From 6f49197cabdccf36e0d899e8c35a94cce5793716 Mon Sep 17 00:00:00 2001 From: Chris Crone Date: Wed, 16 Sep 2020 16:35:04 +0200 Subject: [PATCH 001/127] context: Ensure import paths are valid Signed-off-by: Chris Crone --- cli/context/store/store.go | 27 +++++++++++++++++++++++---- cli/context/store/store_test.go | 4 ++-- cli/context/store/storeconfig_test.go | 16 ++++++++++++++++ 3 files changed, 41 insertions(+), 6 deletions(-) diff --git a/cli/context/store/store.go b/cli/context/store/store.go index b3cd4c54edf3..5ad4d7759bdb 100644 --- a/cli/context/store/store.go +++ b/cli/context/store/store.go @@ -7,7 +7,6 @@ import ( "bytes" _ "crypto/sha256" // ensure ids can be computed "encoding/json" - "errors" "fmt" "io" "io/ioutil" @@ -18,6 +17,7 @@ import ( "github.com/docker/docker/errdefs" digest "github.com/opencontainers/go-digest" + "github.com/pkg/errors" ) // Store provides a context store for easily remembering endpoints configuration @@ -295,6 +295,19 @@ func Import(name string, s Writer, reader io.Reader) error { } } +func isValidFilePath(p string) error { + if p != metaFile && !strings.HasPrefix(p, "tls/") { + return errors.New("unexpected context file") + } + if path.Clean(p) != p { + return errors.New("unexpected path format") + } + if strings.Contains(p, `\`) { + return errors.New(`unexpected '\' in path`) + } + return nil +} + func importTar(name string, s Writer, reader io.Reader) error { tr := tar.NewReader(&LimitedReader{R: reader, N: maxAllowedFileSizeToImport}) tlsData := ContextTLSData{ @@ -309,10 +322,13 @@ func importTar(name string, s Writer, reader io.Reader) error { if err != nil { return err } - if hdr.Typeflag == tar.TypeDir { + if hdr.Typeflag != tar.TypeReg { // skip this entry, only taking files into account continue } + if err := isValidFilePath(hdr.Name); err != nil { + return errors.Wrap(err, hdr.Name) + } if hdr.Name == metaFile { data, err := ioutil.ReadAll(tr) if err != nil { @@ -358,10 +374,13 @@ func importZip(name string, s Writer, reader io.Reader) error { var importedMetaFile bool for _, zf := range zr.File { fi := zf.FileInfo() - if fi.IsDir() { - // skip this entry, only taking files into account + if !fi.Mode().IsRegular() { + // skip this entry, only taking regular files into account continue } + if err := isValidFilePath(zf.Name); err != nil { + return errors.Wrap(err, zf.Name) + } if zf.Name == metaFile { f, err := zf.Open() if err != nil { diff --git a/cli/context/store/store_test.go b/cli/context/store/store_test.go index df506061e52a..4b412652de01 100644 --- a/cli/context/store/store_test.go +++ b/cli/context/store/store_test.go @@ -175,7 +175,7 @@ func TestImportTarInvalid(t *testing.T) { var r io.Reader = source s := New(testDir, testCfg) err = Import("tarInvalid", s, r) - assert.ErrorContains(t, err, "invalid context: no metadata found") + assert.ErrorContains(t, err, "unexpected context file") } func TestImportZip(t *testing.T) { @@ -254,5 +254,5 @@ func TestImportZipInvalid(t *testing.T) { var r io.Reader = source s := New(testDir, testCfg) err = Import("zipInvalid", s, r) - assert.ErrorContains(t, err, "invalid context: no metadata found") + assert.ErrorContains(t, err, "unexpected context file") } diff --git a/cli/context/store/storeconfig_test.go b/cli/context/store/storeconfig_test.go index 7f59e3f015b6..e7384fb07140 100644 --- a/cli/context/store/storeconfig_test.go +++ b/cli/context/store/storeconfig_test.go @@ -29,3 +29,19 @@ func TestConfigModification(t *testing.T) { assert.Equal(t, &testEP2{}, cfgCopy.endpointTypes["ep1"]()) assert.Equal(t, &testEP3{}, cfgCopy.endpointTypes["ep2"]()) } + +func TestValidFilePaths(t *testing.T) { + paths := map[string]bool{ + "tls/_/../../something": false, + "tls/../../something": false, + "../../something": false, + "/tls/absolute/unix/path": false, + `C:\tls\absolute\windows\path`: false, + "C:/tls/absolute/windows/path": false, + "tls/kubernetes/key.pem": true, + } + for p, expectedValid := range paths { + err := isValidFilePath(p) + assert.Equal(t, err == nil, expectedValid, "%q should report valid as: %v", p, expectedValid) + } +} From 9ecc69d17e40cd0a03b6b03d8421bc415936d231 Mon Sep 17 00:00:00 2001 From: Chris Crone Date: Thu, 24 Sep 2020 16:24:24 +0200 Subject: [PATCH 002/127] context: Ensure context name is valid on import Signed-off-by: Chris Crone --- cli/command/context/cmd.go | 21 --------------------- cli/command/context/create.go | 2 +- cli/command/context/export.go | 2 +- cli/command/context/update.go | 2 +- cli/command/context/use.go | 3 ++- cli/context/store/store.go | 22 ++++++++++++++++++++++ cli/context/store/storeconfig_test.go | 13 +++++++++++++ 7 files changed, 40 insertions(+), 25 deletions(-) diff --git a/cli/command/context/cmd.go b/cli/command/context/cmd.go index 1b6898456d04..6dce68aeaaa9 100644 --- a/cli/command/context/cmd.go +++ b/cli/command/context/cmd.go @@ -1,10 +1,6 @@ package context import ( - "errors" - "fmt" - "regexp" - "github.com/docker/cli/cli" "github.com/docker/cli/cli/command" "github.com/spf13/cobra" @@ -30,20 +26,3 @@ func NewContextCommand(dockerCli command.Cli) *cobra.Command { ) return cmd } - -const restrictedNamePattern = "^[a-zA-Z0-9][a-zA-Z0-9_.+-]+$" - -var restrictedNameRegEx = regexp.MustCompile(restrictedNamePattern) - -func validateContextName(name string) error { - if name == "" { - return errors.New("context name cannot be empty") - } - if name == "default" { - return errors.New(`"default" is a reserved context name`) - } - if !restrictedNameRegEx.MatchString(name) { - return fmt.Errorf("context name %q is invalid, names are validated against regexp %q", name, restrictedNamePattern) - } - return nil -} diff --git a/cli/command/context/create.go b/cli/command/context/create.go index 9d5865a70a7d..9e6fe0295b4d 100644 --- a/cli/command/context/create.go +++ b/cli/command/context/create.go @@ -137,7 +137,7 @@ func createNewContext(o *CreateOptions, stackOrchestrator command.Orchestrator, } func checkContextNameForCreation(s store.Reader, name string) error { - if err := validateContextName(name); err != nil { + if err := store.ValidateContextName(name); err != nil { return err } if _, err := s.GetMetadata(name); !store.IsErrContextDoesNotExist(err) { diff --git a/cli/command/context/export.go b/cli/command/context/export.go index fd66a5d490d0..601307140238 100644 --- a/cli/command/context/export.go +++ b/cli/command/context/export.go @@ -77,7 +77,7 @@ func writeTo(dockerCli command.Cli, reader io.Reader, dest string) error { // RunExport exports a Docker context func RunExport(dockerCli command.Cli, opts *ExportOptions) error { - if err := validateContextName(opts.ContextName); err != nil && opts.ContextName != command.DefaultContextName { + if err := store.ValidateContextName(opts.ContextName); err != nil && opts.ContextName != command.DefaultContextName { return err } ctxMeta, err := dockerCli.ContextStore().GetMetadata(opts.ContextName) diff --git a/cli/command/context/update.go b/cli/command/context/update.go index 9165bb301969..3c67fdd207fb 100644 --- a/cli/command/context/update.go +++ b/cli/command/context/update.go @@ -68,7 +68,7 @@ func newUpdateCommand(dockerCli command.Cli) *cobra.Command { // RunUpdate updates a Docker context func RunUpdate(cli command.Cli, o *UpdateOptions) error { - if err := validateContextName(o.Name); err != nil { + if err := store.ValidateContextName(o.Name); err != nil { return err } s := cli.ContextStore() diff --git a/cli/command/context/use.go b/cli/command/context/use.go index 97e3a9705615..a3998da69dd6 100644 --- a/cli/command/context/use.go +++ b/cli/command/context/use.go @@ -5,6 +5,7 @@ import ( "os" "github.com/docker/cli/cli/command" + "github.com/docker/cli/cli/context/store" "github.com/spf13/cobra" ) @@ -23,7 +24,7 @@ func newUseCommand(dockerCli command.Cli) *cobra.Command { // RunUse set the current Docker context func RunUse(dockerCli command.Cli, name string) error { - if err := validateContextName(name); err != nil && name != "default" { + if err := store.ValidateContextName(name); err != nil && name != "default" { return err } if _, err := dockerCli.ContextStore().GetMetadata(name); err != nil && name != "default" { diff --git a/cli/context/store/store.go b/cli/context/store/store.go index 5ad4d7759bdb..71220e9ac0f6 100644 --- a/cli/context/store/store.go +++ b/cli/context/store/store.go @@ -13,6 +13,7 @@ import ( "net/http" "path" "path/filepath" + "regexp" "strings" "github.com/docker/docker/errdefs" @@ -20,6 +21,10 @@ import ( "github.com/pkg/errors" ) +const restrictedNamePattern = "^[a-zA-Z0-9][a-zA-Z0-9_.+-]+$" + +var restrictedNameRegEx = regexp.MustCompile(restrictedNamePattern) + // Store provides a context store for easily remembering endpoints configuration type Store interface { Reader @@ -184,6 +189,20 @@ func (s *store) GetStorageInfo(contextName string) StorageInfo { } } +// ValidateContextName checks a context name is valid. +func ValidateContextName(name string) error { + if name == "" { + return errors.New("context name cannot be empty") + } + if name == "default" { + return errors.New(`"default" is a reserved context name`) + } + if !restrictedNameRegEx.MatchString(name) { + return fmt.Errorf("context name %q is invalid, names are validated against regexp %q", name, restrictedNamePattern) + } + return nil +} + // Export exports an existing namespace into an opaque data stream // This stream is actually a tarball containing context metadata and TLS materials, but it does // not map 1:1 the layout of the context store (don't try to restore it manually without calling store.Import) @@ -427,6 +446,9 @@ func parseMetadata(data []byte, name string) (Metadata, error) { if err := json.Unmarshal(data, &meta); err != nil { return meta, err } + if err := ValidateContextName(name); err != nil { + return Metadata{}, err + } meta.Name = name return meta, nil } diff --git a/cli/context/store/storeconfig_test.go b/cli/context/store/storeconfig_test.go index e7384fb07140..4d9a3b63fb49 100644 --- a/cli/context/store/storeconfig_test.go +++ b/cli/context/store/storeconfig_test.go @@ -45,3 +45,16 @@ func TestValidFilePaths(t *testing.T) { assert.Equal(t, err == nil, expectedValid, "%q should report valid as: %v", p, expectedValid) } } + +func TestValidateContextName(t *testing.T) { + names := map[string]bool{ + "../../invalid/escape": false, + "/invalid/absolute": false, + `\invalid\windows`: false, + "validname": true, + } + for n, expectedValid := range names { + err := ValidateContextName(n) + assert.Equal(t, err == nil, expectedValid, "%q should report valid as: %v", n, expectedValid) + } +} From 18f33b337d7af97ba30ab03eeeab801574208e55 Mon Sep 17 00:00:00 2001 From: Chris Crone Date: Tue, 5 Jan 2021 14:12:52 +0100 Subject: [PATCH 003/127] context: Add tarball e2e tests Signed-off-by: Chris Crone --- e2e/context/context_test.go | 73 ++++++++++++++++++ e2e/context/testdata/context-ls-notls.golden | 3 + e2e/context/testdata/context-ls-tls.golden | 3 + .../testdata/test-dockerconfig-tls.tar | Bin 0 -> 8335 bytes e2e/context/testdata/test-dockerconfig.tar | Bin 0 -> 1536 bytes 5 files changed, 79 insertions(+) create mode 100644 e2e/context/testdata/context-ls-notls.golden create mode 100644 e2e/context/testdata/context-ls-tls.golden create mode 100644 e2e/context/testdata/test-dockerconfig-tls.tar create mode 100644 e2e/context/testdata/test-dockerconfig.tar diff --git a/e2e/context/context_test.go b/e2e/context/context_test.go index ce22f7b7c3cf..6212b98dea47 100644 --- a/e2e/context/context_test.go +++ b/e2e/context/context_test.go @@ -1,8 +1,11 @@ package context import ( + "io/ioutil" + "os" "testing" + "gotest.tools/v3/assert" "gotest.tools/v3/golden" "gotest.tools/v3/icmd" ) @@ -19,3 +22,73 @@ func TestContextList(t *testing.T) { }) golden.Assert(t, result.Stdout(), "context-ls.golden") } + +func TestContextImportNoTLS(t *testing.T) { + d, _ := ioutil.TempDir("", "") + defer func() { + os.RemoveAll(d) + }() + cmd := icmd.Command("docker", "context", "import", "remote", "./testdata/test-dockerconfig.tar") + cmd.Env = append(cmd.Env, + "DOCKER_CONFIG="+d, + ) + icmd.RunCmd(cmd).Assert(t, icmd.Success) + + cmd = icmd.Command("docker", "context", "ls") + cmd.Env = append(cmd.Env, + "DOCKER_CONFIG="+d, + "KUBECONFIG=./testdata/test-kubeconfig", // Allows reuse of context-ls.golden + ) + result := icmd.RunCmd(cmd).Assert(t, icmd.Success) + golden.Assert(t, result.Stdout(), "context-ls.golden") +} + +func TestContextImportTLS(t *testing.T) { + d, _ := ioutil.TempDir("", "") + defer func() { + os.RemoveAll(d) + }() + cmd := icmd.Command("docker", "context", "import", "test", "./testdata/test-dockerconfig-tls.tar") + cmd.Env = append(cmd.Env, + "DOCKER_CONFIG="+d, + ) + icmd.RunCmd(cmd).Assert(t, icmd.Success) + + cmd = icmd.Command("docker", "context", "ls") + cmd.Env = append(cmd.Env, + "DOCKER_CONFIG="+d, + ) + result := icmd.RunCmd(cmd).Assert(t, icmd.Success) + golden.Assert(t, result.Stdout(), "context-ls-tls.golden") + + b, err := ioutil.ReadFile(d + "/contexts/tls/9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08/kubernetes/key.pem") + assert.NilError(t, err) + assert.Equal(t, string(b), `-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEArQk77K5sgrQYY6HiQ1y7AC+67HrRB36oEvR+Fq60RsFcc3cZ +xAvMkRSBPjQyskjdYY7kfykGHhfJxGKopb3cDJx3eDBxjgAniwnnOMmHVWbf8Eik +o0sNxkgzQPGq83nL3QvVxm3xgqe4nlTdR/Swoq6Pv0oaVYvPPMnaZIF89SJ/wlNT +myCs6Uq00dICi20II+M2Nw9b+EVEK4ENl+SlrsK7iuoBIh/H0ZghxOthO9J/HeBb +hmM4wcs1OonhPDYKHEaChYA7/Q3/8OBp3bAdlQJ1ziyP3ROAKHL2NwwkGZ8o8HP8 +u0ex/NAb8w5J5WNePqYQd/sqfisfNpA5VIKcEQIDAQABAoIBABLo4W2aGi2mdMve +kxV9esoobSsOuO0ywDdiFK1x5i2dT/cmWuB70Z1BOmaL2cZ2BAt3TC1BVHPRcbFO +ftOuDfAq4Tt3P9Ge3rNpH6WrEGka1voxVhyqRRUYKtG8F0yIUOkVNAV9WllG7vwO +ligY63y7yuXCuWID51/jR0SYiglXz6G4gcJKFXtugXXiLUIg08GVWkwOsrACC+hR +mhcHly1926VhN5+ozjNU/GZ1LaTuK6erBZakH5bqlN97s5rrk0ZRwk/JtnkoRRdI +cq0918Za2vqGDHZ3MqLttL52YfDXPIEJPwlFdvC/+sXK2NhUB/xY4yuliU3sY0sf +XsIvIWECgYEAwD8AnZI0hnGv8hc6zJppHFRwhrtLZ+09SJwPv5Y4wxuuk5dzNkpf +xCNo5hjSVYA1MMmWG8p/sEXo2IyCT8sWDNCn9kieTXihxRxbj88Y2qA5O4N46Zy4 +kPngjkP5PPDMkwaQQgUr9LvlWS7P6OJkH18ZN8s3QhMaKcHu9FFT44UCgYEA5mte +mMSDf9hUK3IK+yrGX62qc2H+ecXN3Zf3nehyiz+dX4ZXhBwBkwJ/mHvuAZPfoFUN +Xg6cdyWFJg9ynm45JXnDjmYPGmFLn0mP3Mje/+SbbW2fdFWHJW/maqj4uUqqgQd+ +pGNzKXq34MzDrpsqIJ7AHu3LYVMOoLAVqC7LXh0CgYEAnLF9ZfFqQH7fgvouIeBl +dgLZKOf2AUJcJheVunnN0DF67K+P55tdTTfzY0CuB6SVNivI3uQBiYKh1AdKm5ET +auSTUmlEJi8B4/BGLQQG5QOdQoXZgsgLo5cX0b1To7k9dUTvRfCDMFoKCNPgAJiu +NOfFXTWU15VMSObaRmcXciUCgYEA5e1cXwsxwUAodZX+eTXs8ArHHQ47Nl55GFeN +wufybRuUuX7AE9cyhvUmSA3aqX5a144noaTo40fwftNJZ+jLY6cGyjDzfzp5kMCC +KynSxPzlUCPkytyR2Hy6K9LjJ1rnm4vUBswqXcjUdiE+Xxz8w8JGKlbV7Q9JeHVd +lw7i5s0CgYAn9T9ySI3xCbrUa/XV/ZY2hopUdH5CDPeTd2eH+L+lctkD9nlzLrpj +qij+jaEUweymNx0uttgv02J3DYcIIvVq3RNAwORy5Mp9KasHmjbW2xq+HAq5yFOO +1ma82F5zeUl+bKqjMRCY8IVZ349VxRZtb2RVVEKyVswb7HmKp6gGbA== +-----END RSA PRIVATE KEY----- +`) +} diff --git a/e2e/context/testdata/context-ls-notls.golden b/e2e/context/testdata/context-ls-notls.golden new file mode 100644 index 000000000000..17475033052c --- /dev/null +++ b/e2e/context/testdata/context-ls-notls.golden @@ -0,0 +1,3 @@ +NAME DESCRIPTION DOCKER ENDPOINT KUBERNETES ENDPOINT ORCHESTRATOR +default * Current DOCKER_HOST based configuration unix:///var/run/docker.sock swarm +remote my remote cluster ssh://someserver https://someserver (default) kubernetes diff --git a/e2e/context/testdata/context-ls-tls.golden b/e2e/context/testdata/context-ls-tls.golden new file mode 100644 index 000000000000..f0f0d464e73c --- /dev/null +++ b/e2e/context/testdata/context-ls-tls.golden @@ -0,0 +1,3 @@ +NAME DESCRIPTION DOCKER ENDPOINT KUBERNETES ENDPOINT ORCHESTRATOR +default * Current DOCKER_HOST based configuration unix:///var/run/docker.sock swarm +test unix:///var/run/docker.sock https://kubernetes.docker.internal:6443 (default) swarm diff --git a/e2e/context/testdata/test-dockerconfig-tls.tar b/e2e/context/testdata/test-dockerconfig-tls.tar new file mode 100644 index 0000000000000000000000000000000000000000..6dc21a601421ecbbb22119a38f2b0d175e46a152 GIT binary patch literal 8335 zcmeHMS+lD~lJ+yd!f{^JV|ED~(GTqVju7aL9mFPfki-AIImf=^>pPzAp60y(;egBrESvc3z+n?UFBPEh>3g5o};mw)C zxH5*gNXKair*1eT$2A<9w;%uX#p^T*3hy z<`(=(;JfjVJB&D0`E*ssONTPs-@ebndQ11>-d9l_}w#Y zel7A(e|wMr`Ij31RO_Ff2n4~O-rq&PfnXFtj`;u6nEdy6{%>CY|MA{vPLT9(8P0Yk zUScSh`{)HUNn&=EVW^17sa2w>{P?hxPUlr$RHZ2P=SY43fT@k`&zyPT^X4pH!x1E@_?Lewko zzC7Q3yN+LnH;%NjRv;_gT`HDXr!0=9EsD)^&ZOSGwL0c_rzr*FfhG>_UFpS7JijH2 zPNtGzf?OP6xZ2NP8{iN1)KCrBrSi)yc3eC84>Iv{ak;D+;UK_s_N_o-#hrH5Ei}o~ z$<)rC&yFHTxL%uiMe0v6+o}p#wkL$J`}$rc0!^%FpPeHDz`7{)uaRKEgX;T_+>5U8V4YvzW?{di2e( zc*@Jn$(|t>STCNOXGv0bW90Px)qq=|M9u08jsfieT3(sSLtic>;6ZX0eZ{WNtE-y} zzeM5FMF`Vw9lkaeuW+Y2E)DApF4{~DSV>P{14voUxYy-m8|TWYZ-wK=47G9;6>1NS z;Z`<3;%-AGWr^UC5G<7|l|~WoAxyZHqXBTWc#YC%DkHuOo%(a=Xo|aS)m1>*8cv@c zOEU8Hq3QgQC6^VrTukO-wl{@_R}y_#`#9-bxFVHpE8~28>*Um>Wxndme1g#2U*BI2gI6s;$#?F z-~p}l+z7cbhUj3i`-u*2T?sN{D0s`B^@!qt4Vh#-ElwQl+-F^ zOUK3%E6VQG74}&Sghfv-acCwOW0xC)6N<yjlw<%0(%gI zgCB4Q!Q?xZa^J%(I#-TmDTU7SfzCM|pskpt9>2jnDdXUK9F_E8rb|y8ix2_vR{03J z*}T?^+>z0R!$@E$;d;JjGeq7-GrJdo76y@_FG+<6dBrv|xQ~1}x`KGeD6`laLoJxs zb5)x51tJm;%<$%P1q9D~Ac_dZ>JPsR4HoT}Q4l$j#su3;RApjkcAHU$)`eJcDra_I z=KtK8hA9!ZxLq;jMl&@GqMITi@mAo3)fZ$m%e zL^d2`I)%5(_*n2W@5?AOH>0p*;FHAQR0SR3ku38PxogWx)F$3on zz@xzI9dw0S72z66^|icjvy`Yz&||D4J;cDeA{?^dvumC)OMjWFdCUL&2YL8C_Tm36 z8(-jmmG1v?`2WE6zjFRZ5%}^Y{$t1A1%I6Xe}|;_4F7G1`qs21?>PT|t8l@8-T`n= z>HtPc`PgX(tGZkie9Q+cI8LLb1@9M%Ih`-!VAJTi;}-kG_h-l+`8Y=7JFroUR@n}1 zzMtBvM-l{=D%&eTEHZf$lfg*At zQv}onv`~;R=qDOcNo~pStK3c0HYi0@4+Co@+=-45O#+yqbOUuNB34|+Z+dF>ft7$` zpOs^#KPlXkl$f(5ma?dW=^Tqqs~vVjLZL*OL|amz+B`BHyDoA@V?NIGE1Q(O0&jSU zBrX^?x0${`cbGPsP(|W9LQ@m!GBE9lrX5GT0c4Xgvl-Q6?u448kfMYB6wkMT6RHqi zy3H&0-nOrSG6@6^?b6k#Je~5$TU`s6Wi^1h%!4z!U-sE&=9|RgF!-<`Cn)pUf1L#^ zk7b4Tr#biiQoTw!L94|QNtJd5E;t7tN-yzb@xWss4b*3e&GIjm3 z*z7HO5JZ6V6mDQTcE0ZzP?>H1s7%~6S*=<_%gV0e7;mN&Xf%h-$l|J?l5*My!9OE?jEJW+_I320p>101J>z>zykz;( z%~DF&K$5F>#mErqD#vn>dUMDRJHG6+p~PpB+yx7YUs$x(t*8rV^#W zITr|L$GtW+Czk|`fwZ7nmVjGEVs-vKA9J3`y>&M8 zRbLsi+Na${#Qm(0>O+QyBPh$29@pNFAJ?ShPX6{HRzen(I`S?SDW{^B0QGt)@$r3? zspDdc+#Lzsm}t0$pzneA04ciXH4$-!HB&c1Qt_mo>UgSHvaMh0@O%J$`8Yj7?z*OX zqi@hWP5A;LGRg+ABrRT#+B&rw_HiNlB$aR!o5zt6TYnO%9^ZMx0N^Gh5FUS}*ZLGG q{X?^vfRMa9ijm%C-=_$%y<>aby>X2$Vxv6Ixe!sGlgZzNo4)|bYn{me literal 0 HcmV?d00001 diff --git a/e2e/context/testdata/test-dockerconfig.tar b/e2e/context/testdata/test-dockerconfig.tar new file mode 100644 index 0000000000000000000000000000000000000000..92eab23bda94661456a55c023f3c8dc4b227ff37 GIT binary patch literal 1536 zcmd^8O;5ux4DC;;a$dU@_JMk45(hpGLtGGtkh(OqO{&-(Ow;~54i#G22~FxQ_>efx z^Rr(RH$XCeM{9!dEMZ&BW`WLT#^*oPFw>jr(4q2Fr?XrJt|Z+KN~nkuSu%v!Ko6E zoFwZQS9P!83=p8$PsGaPt<{Fm6XsS`oX6gcMPe*snN6o?8$fWIp0d*I$a4s*t4DS7f_9(SM#H>9E`@%sQBaW`A?S1bP<{9 literal 0 HcmV?d00001 From 5941f4104a33aaddf08a080a3cf5d05e6fdace6b Mon Sep 17 00:00:00 2001 From: Tibor Vass Date: Mon, 25 Jan 2021 19:18:35 +0000 Subject: [PATCH 004/127] vendor docker, docker-credential-helpers and golang/sys for execabs package Signed-off-by: Tibor Vass (cherry picked from commit 7bef2487659c3609d6da10e36ad2a61267b9cdc9) Signed-off-by: Tibor Vass --- vendor.conf | 6 +- .../client/command.go | 3 +- .../docker/docker-credential-helpers/go.mod | 8 + .../osxkeychain/osxkeychain_darwin.go | 13 + .../builder/remotecontext/git/gitutils.go | 2 +- .../docker/docker/pkg/archive/archive.go | 2 +- .../docker/docker/pkg/idtools/idtools.go | 11 +- .../docker/docker/pkg/idtools/idtools_unix.go | 14 +- vendor/github.com/docker/docker/vendor.conf | 10 +- vendor/golang.org/x/sys/README.md | 2 + vendor/golang.org/x/sys/cpu/asm_aix_ppc64.s | 2 +- vendor/golang.org/x/sys/cpu/cpu_arm64.go | 40 +- vendor/golang.org/x/sys/cpu/cpu_arm64.s | 2 +- vendor/golang.org/x/sys/cpu/cpu_gc_arm64.go | 2 +- vendor/golang.org/x/sys/cpu/cpu_gc_s390x.go | 2 +- vendor/golang.org/x/sys/cpu/cpu_gc_x86.go | 2 +- .../golang.org/x/sys/cpu/cpu_linux_s390x.go | 121 +- .../golang.org/x/sys/cpu/cpu_netbsd_arm64.go | 173 ++ .../golang.org/x/sys/cpu/cpu_other_arm64.go | 3 +- .../golang.org/x/sys/cpu/cpu_other_mips64x.go | 12 + vendor/golang.org/x/sys/cpu/cpu_s390x.go | 150 +- vendor/golang.org/x/sys/cpu/cpu_s390x.s | 2 +- vendor/golang.org/x/sys/cpu/cpu_x86.s | 2 +- vendor/golang.org/x/sys/cpu/cpu_zos.go | 10 + vendor/golang.org/x/sys/cpu/cpu_zos_s390x.go | 25 + .../x/sys/cpu/syscall_aix_ppc64_gc.go | 2 +- vendor/golang.org/x/sys/execabs/execabs.go | 102 + vendor/golang.org/x/sys/plan9/syscall.go | 49 +- vendor/golang.org/x/sys/unix/asm_aix_ppc64.s | 2 +- vendor/golang.org/x/sys/unix/asm_darwin_386.s | 2 +- .../golang.org/x/sys/unix/asm_darwin_amd64.s | 2 +- vendor/golang.org/x/sys/unix/asm_darwin_arm.s | 2 +- .../golang.org/x/sys/unix/asm_darwin_arm64.s | 2 +- .../x/sys/unix/asm_dragonfly_amd64.s | 2 +- .../golang.org/x/sys/unix/asm_freebsd_386.s | 2 +- .../golang.org/x/sys/unix/asm_freebsd_amd64.s | 2 +- .../golang.org/x/sys/unix/asm_freebsd_arm.s | 2 +- .../golang.org/x/sys/unix/asm_freebsd_arm64.s | 2 +- vendor/golang.org/x/sys/unix/asm_linux_386.s | 2 +- .../golang.org/x/sys/unix/asm_linux_amd64.s | 2 +- vendor/golang.org/x/sys/unix/asm_linux_arm.s | 2 +- .../golang.org/x/sys/unix/asm_linux_arm64.s | 2 +- .../golang.org/x/sys/unix/asm_linux_mips64x.s | 2 +- .../golang.org/x/sys/unix/asm_linux_mipsx.s | 2 +- .../golang.org/x/sys/unix/asm_linux_ppc64x.s | 2 +- .../golang.org/x/sys/unix/asm_linux_riscv64.s | 2 +- .../golang.org/x/sys/unix/asm_linux_s390x.s | 2 +- vendor/golang.org/x/sys/unix/asm_netbsd_386.s | 2 +- .../golang.org/x/sys/unix/asm_netbsd_amd64.s | 2 +- vendor/golang.org/x/sys/unix/asm_netbsd_arm.s | 2 +- .../golang.org/x/sys/unix/asm_netbsd_arm64.s | 2 +- .../golang.org/x/sys/unix/asm_openbsd_386.s | 2 +- .../golang.org/x/sys/unix/asm_openbsd_amd64.s | 2 +- .../golang.org/x/sys/unix/asm_openbsd_arm.s | 2 +- .../golang.org/x/sys/unix/asm_openbsd_arm64.s | 2 +- .../x/sys/unix/asm_openbsd_mips64.s | 2 +- .../golang.org/x/sys/unix/asm_solaris_amd64.s | 2 +- vendor/golang.org/x/sys/unix/endian_big.go | 2 +- vendor/golang.org/x/sys/unix/endian_little.go | 2 +- vendor/golang.org/x/sys/unix/ptrace_darwin.go | 11 + vendor/golang.org/x/sys/unix/ptrace_ios.go | 11 + vendor/golang.org/x/sys/unix/syscall.go | 43 +- vendor/golang.org/x/sys/unix/syscall_bsd.go | 2 +- .../x/sys/unix/syscall_darwin.1_13.go | 1 - .../golang.org/x/sys/unix/syscall_darwin.go | 62 +- .../x/sys/unix/syscall_darwin_386.go | 2 +- .../x/sys/unix/syscall_darwin_amd64.go | 2 +- .../x/sys/unix/syscall_darwin_arm.go | 2 +- .../x/sys/unix/syscall_darwin_arm64.go | 2 +- .../x/sys/unix/syscall_dragonfly.go | 17 + .../golang.org/x/sys/unix/syscall_freebsd.go | 4 + .../golang.org/x/sys/unix/syscall_illumos.go | 13 - vendor/golang.org/x/sys/unix/syscall_linux.go | 87 +- .../x/sys/unix/syscall_linux_amd64_gc.go | 2 +- .../golang.org/x/sys/unix/syscall_linux_gc.go | 2 +- .../x/sys/unix/syscall_linux_gc_386.go | 2 +- .../x/sys/unix/syscall_linux_gc_arm.go | 2 +- .../golang.org/x/sys/unix/syscall_netbsd.go | 4 + .../golang.org/x/sys/unix/syscall_openbsd.go | 4 + .../golang.org/x/sys/unix/syscall_solaris.go | 13 + .../golang.org/x/sys/unix/syscall_unix_gc.go | 2 +- .../x/sys/unix/syscall_unix_gc_ppc64x.go | 2 +- vendor/golang.org/x/sys/unix/timestruct.go | 26 +- .../x/sys/unix/zerrors_darwin_386.go | 1 + .../x/sys/unix/zerrors_darwin_amd64.go | 1 + .../x/sys/unix/zerrors_darwin_arm.go | 1 + .../x/sys/unix/zerrors_darwin_arm64.go | 1 + vendor/golang.org/x/sys/unix/zerrors_linux.go | 149 +- .../x/sys/unix/zerrors_linux_386.go | 2 +- .../x/sys/unix/zerrors_linux_amd64.go | 2 +- .../x/sys/unix/zerrors_linux_arm.go | 2 +- .../x/sys/unix/zerrors_linux_arm64.go | 4 +- .../x/sys/unix/zerrors_linux_mips.go | 2 +- .../x/sys/unix/zerrors_linux_mips64.go | 2 +- .../x/sys/unix/zerrors_linux_mips64le.go | 2 +- .../x/sys/unix/zerrors_linux_mipsle.go | 2 +- .../x/sys/unix/zerrors_linux_ppc64.go | 2 +- .../x/sys/unix/zerrors_linux_ppc64le.go | 2 +- .../x/sys/unix/zerrors_linux_riscv64.go | 2 +- .../x/sys/unix/zerrors_linux_s390x.go | 2 +- .../x/sys/unix/zerrors_linux_sparc64.go | 2 +- .../x/sys/unix/zsyscall_aix_ppc64_gc.go | 2 +- .../x/sys/unix/zsyscall_darwin_386.1_13.go | 2 - .../x/sys/unix/zsyscall_darwin_386.go | 150 +- .../x/sys/unix/zsyscall_darwin_amd64.1_13.go | 2 - .../x/sys/unix/zsyscall_darwin_amd64.go | 150 +- .../x/sys/unix/zsyscall_darwin_arm.1_13.go | 2 - .../x/sys/unix/zsyscall_darwin_arm.go | 147 +- .../x/sys/unix/zsyscall_darwin_arm64.1_13.go | 2 - .../x/sys/unix/zsyscall_darwin_arm64.go | 150 +- .../x/sys/unix/zsyscall_dragonfly_amd64.go | 10 + .../x/sys/unix/zsyscall_illumos_amd64.go | 15 +- .../x/sys/unix/zsyscall_solaris_amd64.go | 13 + .../x/sys/unix/zsysnum_darwin_386.go | 437 ++++ .../x/sys/unix/zsysnum_darwin_amd64.go | 439 ++++ .../x/sys/unix/zsysnum_darwin_arm.go | 437 ++++ .../x/sys/unix/zsysnum_darwin_arm64.go | 437 ++++ .../x/sys/unix/zsysnum_linux_386.go | 1 + .../x/sys/unix/zsysnum_linux_amd64.go | 1 + .../x/sys/unix/zsysnum_linux_arm.go | 1 + .../x/sys/unix/zsysnum_linux_arm64.go | 1 + .../x/sys/unix/zsysnum_linux_mips.go | 1 + .../x/sys/unix/zsysnum_linux_mips64.go | 1 + .../x/sys/unix/zsysnum_linux_mips64le.go | 1 + .../x/sys/unix/zsysnum_linux_mipsle.go | 1 + .../x/sys/unix/zsysnum_linux_ppc64.go | 1 + .../x/sys/unix/zsysnum_linux_ppc64le.go | 1 + .../x/sys/unix/zsysnum_linux_riscv64.go | 1 + .../x/sys/unix/zsysnum_linux_s390x.go | 1 + .../x/sys/unix/zsysnum_linux_sparc64.go | 1 + .../golang.org/x/sys/unix/ztypes_aix_ppc.go | 1 + .../golang.org/x/sys/unix/ztypes_aix_ppc64.go | 1 + .../x/sys/unix/ztypes_darwin_386.go | 11 + .../x/sys/unix/ztypes_darwin_amd64.go | 11 + .../x/sys/unix/ztypes_darwin_arm.go | 11 + .../x/sys/unix/ztypes_darwin_arm64.go | 11 + .../x/sys/unix/ztypes_dragonfly_amd64.go | 1 + .../x/sys/unix/ztypes_freebsd_386.go | 1 + .../x/sys/unix/ztypes_freebsd_amd64.go | 1 + .../x/sys/unix/ztypes_freebsd_arm.go | 1 + .../x/sys/unix/ztypes_freebsd_arm64.go | 1 + vendor/golang.org/x/sys/unix/ztypes_linux.go | 2180 ++++++++++++----- .../golang.org/x/sys/unix/ztypes_linux_386.go | 17 +- .../x/sys/unix/ztypes_linux_amd64.go | 18 +- .../golang.org/x/sys/unix/ztypes_linux_arm.go | 18 +- .../x/sys/unix/ztypes_linux_arm64.go | 18 +- .../x/sys/unix/ztypes_linux_mips.go | 18 +- .../x/sys/unix/ztypes_linux_mips64.go | 18 +- .../x/sys/unix/ztypes_linux_mips64le.go | 18 +- .../x/sys/unix/ztypes_linux_mipsle.go | 18 +- .../x/sys/unix/ztypes_linux_ppc64.go | 18 +- .../x/sys/unix/ztypes_linux_ppc64le.go | 18 +- .../x/sys/unix/ztypes_linux_riscv64.go | 18 +- .../x/sys/unix/ztypes_linux_s390x.go | 18 +- .../x/sys/unix/ztypes_linux_sparc64.go | 18 +- .../x/sys/unix/ztypes_netbsd_386.go | 1 + .../x/sys/unix/ztypes_netbsd_amd64.go | 1 + .../x/sys/unix/ztypes_netbsd_arm.go | 1 + .../x/sys/unix/ztypes_netbsd_arm64.go | 1 + .../x/sys/unix/ztypes_openbsd_386.go | 1 + .../x/sys/unix/ztypes_openbsd_amd64.go | 1 + .../x/sys/unix/ztypes_openbsd_arm.go | 1 + .../x/sys/unix/ztypes_openbsd_arm64.go | 1 + .../x/sys/unix/ztypes_openbsd_mips64.go | 1 + .../x/sys/unix/ztypes_solaris_amd64.go | 1 + .../golang.org/x/sys/windows/dll_windows.go | 3 +- .../x/sys/windows/memory_windows.go | 20 +- .../x/sys/windows/security_windows.go | 14 +- vendor/golang.org/x/sys/windows/service.go | 6 + .../x/sys/windows/setupapierrors_windows.go | 100 + .../golang.org/x/sys/windows/svc/service.go | 12 +- vendor/golang.org/x/sys/windows/syscall.go | 46 +- .../x/sys/windows/syscall_windows.go | 30 +- .../golang.org/x/sys/windows/types_windows.go | 125 +- .../x/sys/windows/zsyscall_windows.go | 177 +- 175 files changed, 5221 insertions(+), 1527 deletions(-) create mode 100644 vendor/github.com/docker/docker-credential-helpers/go.mod create mode 100644 vendor/golang.org/x/sys/cpu/cpu_netbsd_arm64.go create mode 100644 vendor/golang.org/x/sys/cpu/cpu_other_mips64x.go create mode 100644 vendor/golang.org/x/sys/cpu/cpu_zos.go create mode 100644 vendor/golang.org/x/sys/cpu/cpu_zos_s390x.go create mode 100644 vendor/golang.org/x/sys/execabs/execabs.go create mode 100644 vendor/golang.org/x/sys/unix/ptrace_darwin.go create mode 100644 vendor/golang.org/x/sys/unix/ptrace_ios.go create mode 100644 vendor/golang.org/x/sys/unix/zsysnum_darwin_386.go create mode 100644 vendor/golang.org/x/sys/unix/zsysnum_darwin_amd64.go create mode 100644 vendor/golang.org/x/sys/unix/zsysnum_darwin_arm.go create mode 100644 vendor/golang.org/x/sys/unix/zsysnum_darwin_arm64.go create mode 100644 vendor/golang.org/x/sys/windows/setupapierrors_windows.go diff --git a/vendor.conf b/vendor.conf index f236f3271fea..72ab54cc6e82 100755 --- a/vendor.conf +++ b/vendor.conf @@ -14,8 +14,8 @@ github.com/creack/pty 2a38352e8b4d7ab6c336eef107e4 github.com/davecgh/go-spew 8991bc29aa16c548c550c7ff78260e27b9ab7c73 # v1.1.1 github.com/docker/compose-on-kubernetes 78e6a00beda64ac8ccb9fec787e601fe2ce0d5bb # v0.5.0-alpha1 github.com/docker/distribution 0d3efadf0154c2b8a4e7b6621fff9809655cc580 -github.com/docker/docker f0014860c1b3345e1fcc7ed81c491298de2633fb # v20.10.1 -github.com/docker/docker-credential-helpers 54f0238b6bf101fc3ad3b34114cb5520beb562f5 # v0.6.3 +github.com/docker/docker 46229ca1d815cfd4b50eb377ac75ad8300e13a85 +github.com/docker/docker-credential-helpers 38bea2ce277ad0c9d2a6230692b0606ca5286526 github.com/docker/go d30aec9fd63c35133f8f79c3412ad91a3b08be06 # Contains a customized version of canonical/json and is used by Notary. The package is periodically rebased on current Go versions. github.com/docker/go-connections 7395e3f8aa162843a74ed6d48e79627d9792ac55 # v0.4.0 github.com/docker/go-events e31b211e4f1cd09aa76fe4ac244571fab96ae47f @@ -80,7 +80,7 @@ golang.org/x/crypto c1f2f97bffc9c53fc40a1a28a5b4 golang.org/x/net ab34263943818b32f575efc978a3d24e80b04bd7 golang.org/x/oauth2 bf48bf16ab8d622ce64ec6ce98d2c98f916b6303 golang.org/x/sync cd5d95a43a6e21273425c7ae415d3df9ea832eeb -golang.org/x/sys eeed37f84f13f52d35e095e8023ba65671ff86a1 +golang.org/x/sys b64e53b001e413bd5067f36d4e439eded3827374 golang.org/x/term f5c789dd3221ff39d752ac54467d762de7cfbec6 golang.org/x/text 23ae387dee1f90d29a23c0e87ee0b46038fbed0e # v0.3.3 golang.org/x/time 555d28b269f0569763d25dbe1a237ae74c6bcc82 diff --git a/vendor/github.com/docker/docker-credential-helpers/client/command.go b/vendor/github.com/docker/docker-credential-helpers/client/command.go index 8da3343065f6..0183c0639393 100644 --- a/vendor/github.com/docker/docker-credential-helpers/client/command.go +++ b/vendor/github.com/docker/docker-credential-helpers/client/command.go @@ -4,7 +4,8 @@ import ( "fmt" "io" "os" - "os/exec" + + exec "golang.org/x/sys/execabs" ) // Program is an interface to execute external programs. diff --git a/vendor/github.com/docker/docker-credential-helpers/go.mod b/vendor/github.com/docker/docker-credential-helpers/go.mod new file mode 100644 index 000000000000..913b1b394bb6 --- /dev/null +++ b/vendor/github.com/docker/docker-credential-helpers/go.mod @@ -0,0 +1,8 @@ +module github.com/docker/docker-credential-helpers + +go 1.13 + +require ( + github.com/danieljoos/wincred v1.1.0 + golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4 +) diff --git a/vendor/github.com/docker/docker-credential-helpers/osxkeychain/osxkeychain_darwin.go b/vendor/github.com/docker/docker-credential-helpers/osxkeychain/osxkeychain_darwin.go index 6c8ac571654c..a6d37303b5a3 100644 --- a/vendor/github.com/docker/docker-credential-helpers/osxkeychain/osxkeychain_darwin.go +++ b/vendor/github.com/docker/docker-credential-helpers/osxkeychain/osxkeychain_darwin.go @@ -21,6 +21,13 @@ import ( // when the credentials are not in the keychain. const errCredentialsNotFound = "The specified item could not be found in the keychain." +// errCredentialsNotFound is the specific error message returned by OS X +// when environment does not allow showing dialog to unlock keychain. +const errInteractionNotAllowed = "User interaction is not allowed." + +// ErrInteractionNotAllowed is returned if keychain password prompt can not be shown. +var ErrInteractionNotAllowed = errors.New(`keychain cannot be accessed because the current session does not allow user interaction. The keychain may be locked; unlock it by running "security -v unlock-keychain ~/Library/Keychains/login.keychain-db" and try again`) + // Osxkeychain handles secrets using the OS X Keychain as store. type Osxkeychain struct{} @@ -89,6 +96,9 @@ func (h Osxkeychain) Get(serverURL string) (string, string, error) { if goMsg == errCredentialsNotFound { return "", "", credentials.NewErrCredentialsNotFound() } + if goMsg == errInteractionNotAllowed { + return "", "", ErrInteractionNotAllowed + } return "", "", errors.New(goMsg) } @@ -117,6 +127,9 @@ func (h Osxkeychain) List() (map[string]string, error) { if goMsg == errCredentialsNotFound { return make(map[string]string), nil } + if goMsg == errInteractionNotAllowed { + return nil, ErrInteractionNotAllowed + } return nil, errors.New(goMsg) } diff --git a/vendor/github.com/docker/docker/builder/remotecontext/git/gitutils.go b/vendor/github.com/docker/docker/builder/remotecontext/git/gitutils.go index b3aba7f58b26..c0f68f8f89d3 100644 --- a/vendor/github.com/docker/docker/builder/remotecontext/git/gitutils.go +++ b/vendor/github.com/docker/docker/builder/remotecontext/git/gitutils.go @@ -5,12 +5,12 @@ import ( "net/http" "net/url" "os" - "os/exec" "path/filepath" "strings" "github.com/moby/sys/symlink" "github.com/pkg/errors" + exec "golang.org/x/sys/execabs" ) type gitRepo struct { diff --git a/vendor/github.com/docker/docker/pkg/archive/archive.go b/vendor/github.com/docker/docker/pkg/archive/archive.go index eeed6747295e..2c65fca54a9e 100644 --- a/vendor/github.com/docker/docker/pkg/archive/archive.go +++ b/vendor/github.com/docker/docker/pkg/archive/archive.go @@ -11,7 +11,6 @@ import ( "io" "io/ioutil" "os" - "os/exec" "path/filepath" "runtime" "strconv" @@ -25,6 +24,7 @@ import ( "github.com/docker/docker/pkg/pools" "github.com/docker/docker/pkg/system" "github.com/sirupsen/logrus" + exec "golang.org/x/sys/execabs" ) type ( diff --git a/vendor/github.com/docker/docker/pkg/idtools/idtools.go b/vendor/github.com/docker/docker/pkg/idtools/idtools.go index 7569ac15dde7..25a57b231e01 100644 --- a/vendor/github.com/docker/docker/pkg/idtools/idtools.go +++ b/vendor/github.com/docker/docker/pkg/idtools/idtools.go @@ -35,13 +35,13 @@ const ( // MkdirAllAndChown creates a directory (include any along the path) and then modifies // ownership to the requested uid/gid. If the directory already exists, this -// function will still change ownership to the requested uid/gid pair. +// function will still change ownership and permissions. func MkdirAllAndChown(path string, mode os.FileMode, owner Identity) error { return mkdirAs(path, mode, owner, true, true) } // MkdirAndChown creates a directory and then modifies ownership to the requested uid/gid. -// If the directory already exists, this function still changes ownership. +// If the directory already exists, this function still changes ownership and permissions. // Note that unlike os.Mkdir(), this function does not return IsExist error // in case path already exists. func MkdirAndChown(path string, mode os.FileMode, owner Identity) error { @@ -50,7 +50,7 @@ func MkdirAndChown(path string, mode os.FileMode, owner Identity) error { // MkdirAllAndChownNew creates a directory (include any along the path) and then modifies // ownership ONLY of newly created directories to the requested uid/gid. If the -// directories along the path exist, no change of ownership will be performed +// directories along the path exist, no change of ownership or permissions will be performed func MkdirAllAndChownNew(path string, mode os.FileMode, owner Identity) error { return mkdirAs(path, mode, owner, true, false) } @@ -234,3 +234,8 @@ func parseSubidFile(path, username string) (ranges, error) { return rangeList, s.Err() } + +// CurrentIdentity returns the identity of the current process +func CurrentIdentity() Identity { + return Identity{UID: os.Getuid(), GID: os.Getegid()} +} diff --git a/vendor/github.com/docker/docker/pkg/idtools/idtools_unix.go b/vendor/github.com/docker/docker/pkg/idtools/idtools_unix.go index 5defe6459f5b..a03af120458e 100644 --- a/vendor/github.com/docker/docker/pkg/idtools/idtools_unix.go +++ b/vendor/github.com/docker/docker/pkg/idtools/idtools_unix.go @@ -40,7 +40,7 @@ func mkdirAs(path string, mode os.FileMode, owner Identity, mkAll, chownExisting } // short-circuit--we were called with an existing directory and chown was requested - return lazyChown(path, owner.UID, owner.GID, stat) + return setPermissions(path, mode, owner.UID, owner.GID, stat) } if os.IsNotExist(err) { @@ -71,7 +71,7 @@ func mkdirAs(path string, mode os.FileMode, owner Identity, mkAll, chownExisting // even if it existed, we will chown the requested path + any subpaths that // didn't exist when we called MkdirAll for _, pathComponent := range paths { - if err := lazyChown(pathComponent, owner.UID, owner.GID, nil); err != nil { + if err := setPermissions(pathComponent, mode, owner.UID, owner.GID, nil); err != nil { return err } } @@ -213,10 +213,11 @@ func callGetent(database, key string) (io.Reader, error) { return bytes.NewReader(out), nil } -// lazyChown performs a chown only if the uid/gid don't match what's requested +// setPermissions performs a chown/chmod only if the uid/gid don't match what's requested // Normally a Chown is a no-op if uid/gid match, but in some cases this can still cause an error, e.g. if the // dir is on an NFS share, so don't call chown unless we absolutely must. -func lazyChown(p string, uid, gid int, stat *system.StatT) error { +// Likewise for setting permissions. +func setPermissions(p string, mode os.FileMode, uid, gid int, stat *system.StatT) error { if stat == nil { var err error stat, err = system.Stat(p) @@ -224,6 +225,11 @@ func lazyChown(p string, uid, gid int, stat *system.StatT) error { return err } } + if os.FileMode(stat.Mode()).Perm() != mode.Perm() { + if err := os.Chmod(p, mode.Perm()); err != nil { + return err + } + } if stat.UID() == uint32(uid) && stat.GID() == uint32(gid) { return nil } diff --git a/vendor/github.com/docker/docker/vendor.conf b/vendor/github.com/docker/docker/vendor.conf index 34b377b1aced..b56df8947f7a 100644 --- a/vendor/github.com/docker/docker/vendor.conf +++ b/vendor/github.com/docker/docker/vendor.conf @@ -20,11 +20,11 @@ github.com/creack/pty 2a38352e8b4d7ab6c336eef107e4 github.com/sirupsen/logrus 6699a89a232f3db797f2e280639854bbc4b89725 # v1.7.0 github.com/tchap/go-patricia a7f0089c6f496e8e70402f61733606daa326cac5 # v2.3.0 golang.org/x/net ab34263943818b32f575efc978a3d24e80b04bd7 -golang.org/x/sys eeed37f84f13f52d35e095e8023ba65671ff86a1 +golang.org/x/sys b64e53b001e413bd5067f36d4e439eded3827374 github.com/docker/go-units 519db1ee28dcc9fd2474ae59fca29a810482bfb1 # v0.4.0 github.com/docker/go-connections 7395e3f8aa162843a74ed6d48e79627d9792ac55 # v0.4.0 golang.org/x/text 23ae387dee1f90d29a23c0e87ee0b46038fbed0e # v0.3.3 -gotest.tools/v3 bb0d8a963040ea5048dcef1a14d8f8b58a33d4b3 # v3.0.2 +gotest.tools/v3 568bc57cc5c19a2ef85e5749870b49a4cc2ab54d # v3.0.3 github.com/google/go-cmp 3af367b6b30c263d47e8895973edcca9a49cf029 # v0.2.0 github.com/syndtr/gocapability 42c35b4376354fd554efc7ad35e0b7f94e3a0ffb @@ -33,7 +33,7 @@ github.com/imdario/mergo 1afb36080aec31e0d1528973ebe6 golang.org/x/sync cd5d95a43a6e21273425c7ae415d3df9ea832eeb # buildkit -github.com/moby/buildkit 8142d66b5ebde79846b869fba30d9d30633e74aa # v0.8.1 +github.com/moby/buildkit 68bb095353c65bc3993fd534c26cf77fe05e61b1 # v0.8 branch github.com/tonistiigi/fsutil 0834f99b7b85462efb69b4f571a4fa3ca7da5ac9 github.com/tonistiigi/units 6950e57a87eaf136bbe44ef2ec8e75b9e3569de2 github.com/grpc-ecosystem/grpc-opentracing 8e809c8a86450a29b90dcc9efbf062d0fe6d9746 @@ -47,7 +47,7 @@ github.com/grpc-ecosystem/go-grpc-middleware 3c51f7f332123e8be5a157c0802a # libnetwork # When updating, also update LIBNETWORK_COMMIT in hack/dockerfile/install/proxy.installer accordingly -github.com/docker/libnetwork 5c6a95bfb20c61571a00f913c6b91959ede84e8d +github.com/docker/libnetwork fa125a3512ee0f6187721c88582bf8c4378bd4d7 github.com/docker/go-events e31b211e4f1cd09aa76fe4ac244571fab96ae47f github.com/armon/go-radix e39d623f12e8e41c7b5529e9a9dd67a1e2261f80 github.com/armon/go-metrics eb0af217e5e9747e41dd5303755356b62d28e3ec @@ -176,7 +176,7 @@ github.com/morikuni/aec 39771216ff4c63d11f5e604076f9 # metrics github.com/docker/go-metrics b619b3592b65de4f087d9f16863a7e6ff905973c # v0.0.1 -github.com/opencontainers/selinux 25504e34a9826d481f6e2903963ecaa881749124 # v1.6.0 +github.com/opencontainers/selinux 2f45b3796d18f1ab4c9fc0c888a98d0a0fd6e429 # v1.8.0 github.com/willf/bitset 559910e8471e48d76d9e5a1ba15842dee77ad45d # v1.1.11 diff --git a/vendor/golang.org/x/sys/README.md b/vendor/golang.org/x/sys/README.md index ef6c9e59c261..3b7e728042fd 100644 --- a/vendor/golang.org/x/sys/README.md +++ b/vendor/golang.org/x/sys/README.md @@ -1,5 +1,7 @@ # sys +[![Go Reference](https://pkg.go.dev/badge/golang.org/x/sys.svg)](https://pkg.go.dev/golang.org/x/sys) + This repository holds supplemental Go packages for low-level interactions with the operating system. diff --git a/vendor/golang.org/x/sys/cpu/asm_aix_ppc64.s b/vendor/golang.org/x/sys/cpu/asm_aix_ppc64.s index 06f84b855580..6b4027b33fd2 100644 --- a/vendor/golang.org/x/sys/cpu/asm_aix_ppc64.s +++ b/vendor/golang.org/x/sys/cpu/asm_aix_ppc64.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/cpu/cpu_arm64.go b/vendor/golang.org/x/sys/cpu/cpu_arm64.go index 2f64d3b3983c..87dd5e30215b 100644 --- a/vendor/golang.org/x/sys/cpu/cpu_arm64.go +++ b/vendor/golang.org/x/sys/cpu/cpu_arm64.go @@ -39,34 +39,34 @@ func initOptions() { func archInit() { switch runtime.GOOS { - case "android", "darwin", "ios", "netbsd", "openbsd": - // Android and iOS don't seem to allow reading these registers. - // - // NetBSD: - // ID_AA64ISAR0_EL1 is a privileged register and cannot be read from EL0. - // It can be read via sysctl(3). Example for future implementers: - // https://nxr.netbsd.org/xref/src/usr.sbin/cpuctl/arch/aarch64.c + case "freebsd": + readARM64Registers() + case "linux", "netbsd": + doinit() + default: + // Most platforms don't seem to allow reading these registers. // // OpenBSD: // See https://golang.org/issue/31746 - // - // Fake the minimal features expected by - // TestARM64minimalFeatures. - ARM64.HasASIMD = true - ARM64.HasFP = true - case "linux": - doinit() - default: - readARM64Registers() + setMinimalFeatures() } } +// setMinimalFeatures fakes the minimal ARM64 features expected by +// TestARM64minimalFeatures. +func setMinimalFeatures() { + ARM64.HasASIMD = true + ARM64.HasFP = true +} + func readARM64Registers() { Initialized = true - // ID_AA64ISAR0_EL1 - isar0 := getisar0() + parseARM64SystemRegisters(getisar0(), getisar1(), getpfr0()) +} +func parseARM64SystemRegisters(isar0, isar1, pfr0 uint64) { + // ID_AA64ISAR0_EL1 switch extractBits(isar0, 4, 7) { case 1: ARM64.HasAES = true @@ -124,8 +124,6 @@ func readARM64Registers() { } // ID_AA64ISAR1_EL1 - isar1 := getisar1() - switch extractBits(isar1, 0, 3) { case 1: ARM64.HasDCPOP = true @@ -147,8 +145,6 @@ func readARM64Registers() { } // ID_AA64PFR0_EL1 - pfr0 := getpfr0() - switch extractBits(pfr0, 16, 19) { case 0: ARM64.HasFP = true diff --git a/vendor/golang.org/x/sys/cpu/cpu_arm64.s b/vendor/golang.org/x/sys/cpu/cpu_arm64.s index a54436e39095..cfc08c979439 100644 --- a/vendor/golang.org/x/sys/cpu/cpu_arm64.s +++ b/vendor/golang.org/x/sys/cpu/cpu_arm64.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/cpu/cpu_gc_arm64.go b/vendor/golang.org/x/sys/cpu/cpu_gc_arm64.go index 7b88e865a428..7f7f272a014f 100644 --- a/vendor/golang.org/x/sys/cpu/cpu_gc_arm64.go +++ b/vendor/golang.org/x/sys/cpu/cpu_gc_arm64.go @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc package cpu diff --git a/vendor/golang.org/x/sys/cpu/cpu_gc_s390x.go b/vendor/golang.org/x/sys/cpu/cpu_gc_s390x.go index 568bcd031aa4..75a95566161d 100644 --- a/vendor/golang.org/x/sys/cpu/cpu_gc_s390x.go +++ b/vendor/golang.org/x/sys/cpu/cpu_gc_s390x.go @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc package cpu diff --git a/vendor/golang.org/x/sys/cpu/cpu_gc_x86.go b/vendor/golang.org/x/sys/cpu/cpu_gc_x86.go index f7cb46971cb0..4adb89cf9cc8 100644 --- a/vendor/golang.org/x/sys/cpu/cpu_gc_x86.go +++ b/vendor/golang.org/x/sys/cpu/cpu_gc_x86.go @@ -3,7 +3,7 @@ // license that can be found in the LICENSE file. // +build 386 amd64 amd64p32 -// +build !gccgo +// +build gc package cpu diff --git a/vendor/golang.org/x/sys/cpu/cpu_linux_s390x.go b/vendor/golang.org/x/sys/cpu/cpu_linux_s390x.go index b88d6b8f662b..1517ac61d31b 100644 --- a/vendor/golang.org/x/sys/cpu/cpu_linux_s390x.go +++ b/vendor/golang.org/x/sys/cpu/cpu_linux_s390x.go @@ -17,86 +17,7 @@ const ( hwcap_VXE = 8192 ) -// bitIsSet reports whether the bit at index is set. The bit index -// is in big endian order, so bit index 0 is the leftmost bit. -func bitIsSet(bits []uint64, index uint) bool { - return bits[index/64]&((1<<63)>>(index%64)) != 0 -} - -// function is the code for the named cryptographic function. -type function uint8 - -const ( - // KM{,A,C,CTR} function codes - aes128 function = 18 // AES-128 - aes192 function = 19 // AES-192 - aes256 function = 20 // AES-256 - - // K{I,L}MD function codes - sha1 function = 1 // SHA-1 - sha256 function = 2 // SHA-256 - sha512 function = 3 // SHA-512 - sha3_224 function = 32 // SHA3-224 - sha3_256 function = 33 // SHA3-256 - sha3_384 function = 34 // SHA3-384 - sha3_512 function = 35 // SHA3-512 - shake128 function = 36 // SHAKE-128 - shake256 function = 37 // SHAKE-256 - - // KLMD function codes - ghash function = 65 // GHASH -) - -// queryResult contains the result of a Query function -// call. Bits are numbered in big endian order so the -// leftmost bit (the MSB) is at index 0. -type queryResult struct { - bits [2]uint64 -} - -// Has reports whether the given functions are present. -func (q *queryResult) Has(fns ...function) bool { - if len(fns) == 0 { - panic("no function codes provided") - } - for _, f := range fns { - if !bitIsSet(q.bits[:], uint(f)) { - return false - } - } - return true -} - -// facility is a bit index for the named facility. -type facility uint8 - -const ( - // cryptography facilities - msa4 facility = 77 // message-security-assist extension 4 - msa8 facility = 146 // message-security-assist extension 8 -) - -// facilityList contains the result of an STFLE call. -// Bits are numbered in big endian order so the -// leftmost bit (the MSB) is at index 0. -type facilityList struct { - bits [4]uint64 -} - -// Has reports whether the given facilities are present. -func (s *facilityList) Has(fs ...facility) bool { - if len(fs) == 0 { - panic("no facility bits provided") - } - for _, f := range fs { - if !bitIsSet(s.bits[:], uint(f)) { - return false - } - } - return true -} - -func doinit() { +func initS390Xbase() { // test HWCAP bit vector has := func(featureMask uint) bool { return hwCap&featureMask == featureMask @@ -116,44 +37,4 @@ func doinit() { if S390X.HasVX { S390X.HasVXE = has(hwcap_VXE) } - - // We need implementations of stfle, km and so on - // to detect cryptographic features. - if !haveAsmFunctions() { - return - } - - // optional cryptographic functions - if S390X.HasMSA { - aes := []function{aes128, aes192, aes256} - - // cipher message - km, kmc := kmQuery(), kmcQuery() - S390X.HasAES = km.Has(aes...) - S390X.HasAESCBC = kmc.Has(aes...) - if S390X.HasSTFLE { - facilities := stfle() - if facilities.Has(msa4) { - kmctr := kmctrQuery() - S390X.HasAESCTR = kmctr.Has(aes...) - } - if facilities.Has(msa8) { - kma := kmaQuery() - S390X.HasAESGCM = kma.Has(aes...) - } - } - - // compute message digest - kimd := kimdQuery() // intermediate (no padding) - klmd := klmdQuery() // last (padding) - S390X.HasSHA1 = kimd.Has(sha1) && klmd.Has(sha1) - S390X.HasSHA256 = kimd.Has(sha256) && klmd.Has(sha256) - S390X.HasSHA512 = kimd.Has(sha512) && klmd.Has(sha512) - S390X.HasGHASH = kimd.Has(ghash) // KLMD-GHASH does not exist - sha3 := []function{ - sha3_224, sha3_256, sha3_384, sha3_512, - shake128, shake256, - } - S390X.HasSHA3 = kimd.Has(sha3...) && klmd.Has(sha3...) - } } diff --git a/vendor/golang.org/x/sys/cpu/cpu_netbsd_arm64.go b/vendor/golang.org/x/sys/cpu/cpu_netbsd_arm64.go new file mode 100644 index 000000000000..ebfb3fc8e76d --- /dev/null +++ b/vendor/golang.org/x/sys/cpu/cpu_netbsd_arm64.go @@ -0,0 +1,173 @@ +// Copyright 2020 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package cpu + +import ( + "syscall" + "unsafe" +) + +// Minimal copy of functionality from x/sys/unix so the cpu package can call +// sysctl without depending on x/sys/unix. + +const ( + _CTL_QUERY = -2 + + _SYSCTL_VERS_1 = 0x1000000 +) + +var _zero uintptr + +func sysctl(mib []int32, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) { + var _p0 unsafe.Pointer + if len(mib) > 0 { + _p0 = unsafe.Pointer(&mib[0]) + } else { + _p0 = unsafe.Pointer(&_zero) + } + _, _, errno := syscall.Syscall6( + syscall.SYS___SYSCTL, + uintptr(_p0), + uintptr(len(mib)), + uintptr(unsafe.Pointer(old)), + uintptr(unsafe.Pointer(oldlen)), + uintptr(unsafe.Pointer(new)), + uintptr(newlen)) + if errno != 0 { + return errno + } + return nil +} + +type sysctlNode struct { + Flags uint32 + Num int32 + Name [32]int8 + Ver uint32 + __rsvd uint32 + Un [16]byte + _sysctl_size [8]byte + _sysctl_func [8]byte + _sysctl_parent [8]byte + _sysctl_desc [8]byte +} + +func sysctlNodes(mib []int32) ([]sysctlNode, error) { + var olen uintptr + + // Get a list of all sysctl nodes below the given MIB by performing + // a sysctl for the given MIB with CTL_QUERY appended. + mib = append(mib, _CTL_QUERY) + qnode := sysctlNode{Flags: _SYSCTL_VERS_1} + qp := (*byte)(unsafe.Pointer(&qnode)) + sz := unsafe.Sizeof(qnode) + if err := sysctl(mib, nil, &olen, qp, sz); err != nil { + return nil, err + } + + // Now that we know the size, get the actual nodes. + nodes := make([]sysctlNode, olen/sz) + np := (*byte)(unsafe.Pointer(&nodes[0])) + if err := sysctl(mib, np, &olen, qp, sz); err != nil { + return nil, err + } + + return nodes, nil +} + +func nametomib(name string) ([]int32, error) { + // Split name into components. + var parts []string + last := 0 + for i := 0; i < len(name); i++ { + if name[i] == '.' { + parts = append(parts, name[last:i]) + last = i + 1 + } + } + parts = append(parts, name[last:]) + + mib := []int32{} + // Discover the nodes and construct the MIB OID. + for partno, part := range parts { + nodes, err := sysctlNodes(mib) + if err != nil { + return nil, err + } + for _, node := range nodes { + n := make([]byte, 0) + for i := range node.Name { + if node.Name[i] != 0 { + n = append(n, byte(node.Name[i])) + } + } + if string(n) == part { + mib = append(mib, int32(node.Num)) + break + } + } + if len(mib) != partno+1 { + return nil, err + } + } + + return mib, nil +} + +// aarch64SysctlCPUID is struct aarch64_sysctl_cpu_id from NetBSD's +type aarch64SysctlCPUID struct { + midr uint64 /* Main ID Register */ + revidr uint64 /* Revision ID Register */ + mpidr uint64 /* Multiprocessor Affinity Register */ + aa64dfr0 uint64 /* A64 Debug Feature Register 0 */ + aa64dfr1 uint64 /* A64 Debug Feature Register 1 */ + aa64isar0 uint64 /* A64 Instruction Set Attribute Register 0 */ + aa64isar1 uint64 /* A64 Instruction Set Attribute Register 1 */ + aa64mmfr0 uint64 /* A64 Memory Model Feature Register 0 */ + aa64mmfr1 uint64 /* A64 Memory Model Feature Register 1 */ + aa64mmfr2 uint64 /* A64 Memory Model Feature Register 2 */ + aa64pfr0 uint64 /* A64 Processor Feature Register 0 */ + aa64pfr1 uint64 /* A64 Processor Feature Register 1 */ + aa64zfr0 uint64 /* A64 SVE Feature ID Register 0 */ + mvfr0 uint32 /* Media and VFP Feature Register 0 */ + mvfr1 uint32 /* Media and VFP Feature Register 1 */ + mvfr2 uint32 /* Media and VFP Feature Register 2 */ + pad uint32 + clidr uint64 /* Cache Level ID Register */ + ctr uint64 /* Cache Type Register */ +} + +func sysctlCPUID(name string) (*aarch64SysctlCPUID, error) { + mib, err := nametomib(name) + if err != nil { + return nil, err + } + + out := aarch64SysctlCPUID{} + n := unsafe.Sizeof(out) + _, _, errno := syscall.Syscall6( + syscall.SYS___SYSCTL, + uintptr(unsafe.Pointer(&mib[0])), + uintptr(len(mib)), + uintptr(unsafe.Pointer(&out)), + uintptr(unsafe.Pointer(&n)), + uintptr(0), + uintptr(0)) + if errno != 0 { + return nil, errno + } + return &out, nil +} + +func doinit() { + cpuid, err := sysctlCPUID("machdep.cpu0.cpu_id") + if err != nil { + setMinimalFeatures() + return + } + parseARM64SystemRegisters(cpuid.aa64isar0, cpuid.aa64isar1, cpuid.aa64pfr0) + + Initialized = true +} diff --git a/vendor/golang.org/x/sys/cpu/cpu_other_arm64.go b/vendor/golang.org/x/sys/cpu/cpu_other_arm64.go index 3ffc4afa03ce..16c1c4090ee2 100644 --- a/vendor/golang.org/x/sys/cpu/cpu_other_arm64.go +++ b/vendor/golang.org/x/sys/cpu/cpu_other_arm64.go @@ -2,7 +2,8 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !linux,arm64 +// +build !linux,!netbsd +// +build arm64 package cpu diff --git a/vendor/golang.org/x/sys/cpu/cpu_other_mips64x.go b/vendor/golang.org/x/sys/cpu/cpu_other_mips64x.go new file mode 100644 index 000000000000..f49fad67783e --- /dev/null +++ b/vendor/golang.org/x/sys/cpu/cpu_other_mips64x.go @@ -0,0 +1,12 @@ +// Copyright 2020 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// +build !linux +// +build mips64 mips64le + +package cpu + +func archInit() { + Initialized = true +} diff --git a/vendor/golang.org/x/sys/cpu/cpu_s390x.go b/vendor/golang.org/x/sys/cpu/cpu_s390x.go index 544cd621ceea..5881b8833f5a 100644 --- a/vendor/golang.org/x/sys/cpu/cpu_s390x.go +++ b/vendor/golang.org/x/sys/cpu/cpu_s390x.go @@ -8,10 +8,10 @@ const cacheLineSize = 256 func initOptions() { options = []option{ - {Name: "zarch", Feature: &S390X.HasZARCH}, - {Name: "stfle", Feature: &S390X.HasSTFLE}, - {Name: "ldisp", Feature: &S390X.HasLDISP}, - {Name: "eimm", Feature: &S390X.HasEIMM}, + {Name: "zarch", Feature: &S390X.HasZARCH, Required: true}, + {Name: "stfle", Feature: &S390X.HasSTFLE, Required: true}, + {Name: "ldisp", Feature: &S390X.HasLDISP, Required: true}, + {Name: "eimm", Feature: &S390X.HasEIMM, Required: true}, {Name: "dfp", Feature: &S390X.HasDFP}, {Name: "etf3eh", Feature: &S390X.HasETF3EH}, {Name: "msa", Feature: &S390X.HasMSA}, @@ -28,3 +28,145 @@ func initOptions() { {Name: "vxe", Feature: &S390X.HasVXE}, } } + +// bitIsSet reports whether the bit at index is set. The bit index +// is in big endian order, so bit index 0 is the leftmost bit. +func bitIsSet(bits []uint64, index uint) bool { + return bits[index/64]&((1<<63)>>(index%64)) != 0 +} + +// facility is a bit index for the named facility. +type facility uint8 + +const ( + // mandatory facilities + zarch facility = 1 // z architecture mode is active + stflef facility = 7 // store-facility-list-extended + ldisp facility = 18 // long-displacement + eimm facility = 21 // extended-immediate + + // miscellaneous facilities + dfp facility = 42 // decimal-floating-point + etf3eh facility = 30 // extended-translation 3 enhancement + + // cryptography facilities + msa facility = 17 // message-security-assist + msa3 facility = 76 // message-security-assist extension 3 + msa4 facility = 77 // message-security-assist extension 4 + msa5 facility = 57 // message-security-assist extension 5 + msa8 facility = 146 // message-security-assist extension 8 + msa9 facility = 155 // message-security-assist extension 9 + + // vector facilities + vx facility = 129 // vector facility + vxe facility = 135 // vector-enhancements 1 + vxe2 facility = 148 // vector-enhancements 2 +) + +// facilityList contains the result of an STFLE call. +// Bits are numbered in big endian order so the +// leftmost bit (the MSB) is at index 0. +type facilityList struct { + bits [4]uint64 +} + +// Has reports whether the given facilities are present. +func (s *facilityList) Has(fs ...facility) bool { + if len(fs) == 0 { + panic("no facility bits provided") + } + for _, f := range fs { + if !bitIsSet(s.bits[:], uint(f)) { + return false + } + } + return true +} + +// function is the code for the named cryptographic function. +type function uint8 + +const ( + // KM{,A,C,CTR} function codes + aes128 function = 18 // AES-128 + aes192 function = 19 // AES-192 + aes256 function = 20 // AES-256 + + // K{I,L}MD function codes + sha1 function = 1 // SHA-1 + sha256 function = 2 // SHA-256 + sha512 function = 3 // SHA-512 + sha3_224 function = 32 // SHA3-224 + sha3_256 function = 33 // SHA3-256 + sha3_384 function = 34 // SHA3-384 + sha3_512 function = 35 // SHA3-512 + shake128 function = 36 // SHAKE-128 + shake256 function = 37 // SHAKE-256 + + // KLMD function codes + ghash function = 65 // GHASH +) + +// queryResult contains the result of a Query function +// call. Bits are numbered in big endian order so the +// leftmost bit (the MSB) is at index 0. +type queryResult struct { + bits [2]uint64 +} + +// Has reports whether the given functions are present. +func (q *queryResult) Has(fns ...function) bool { + if len(fns) == 0 { + panic("no function codes provided") + } + for _, f := range fns { + if !bitIsSet(q.bits[:], uint(f)) { + return false + } + } + return true +} + +func doinit() { + initS390Xbase() + + // We need implementations of stfle, km and so on + // to detect cryptographic features. + if !haveAsmFunctions() { + return + } + + // optional cryptographic functions + if S390X.HasMSA { + aes := []function{aes128, aes192, aes256} + + // cipher message + km, kmc := kmQuery(), kmcQuery() + S390X.HasAES = km.Has(aes...) + S390X.HasAESCBC = kmc.Has(aes...) + if S390X.HasSTFLE { + facilities := stfle() + if facilities.Has(msa4) { + kmctr := kmctrQuery() + S390X.HasAESCTR = kmctr.Has(aes...) + } + if facilities.Has(msa8) { + kma := kmaQuery() + S390X.HasAESGCM = kma.Has(aes...) + } + } + + // compute message digest + kimd := kimdQuery() // intermediate (no padding) + klmd := klmdQuery() // last (padding) + S390X.HasSHA1 = kimd.Has(sha1) && klmd.Has(sha1) + S390X.HasSHA256 = kimd.Has(sha256) && klmd.Has(sha256) + S390X.HasSHA512 = kimd.Has(sha512) && klmd.Has(sha512) + S390X.HasGHASH = kimd.Has(ghash) // KLMD-GHASH does not exist + sha3 := []function{ + sha3_224, sha3_256, sha3_384, sha3_512, + shake128, shake256, + } + S390X.HasSHA3 = kimd.Has(sha3...) && klmd.Has(sha3...) + } +} diff --git a/vendor/golang.org/x/sys/cpu/cpu_s390x.s b/vendor/golang.org/x/sys/cpu/cpu_s390x.s index e5037d92e061..964946df9571 100644 --- a/vendor/golang.org/x/sys/cpu/cpu_s390x.s +++ b/vendor/golang.org/x/sys/cpu/cpu_s390x.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/cpu/cpu_x86.s b/vendor/golang.org/x/sys/cpu/cpu_x86.s index 47f084128cc3..2f557a5887a4 100644 --- a/vendor/golang.org/x/sys/cpu/cpu_x86.s +++ b/vendor/golang.org/x/sys/cpu/cpu_x86.s @@ -3,7 +3,7 @@ // license that can be found in the LICENSE file. // +build 386 amd64 amd64p32 -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/cpu/cpu_zos.go b/vendor/golang.org/x/sys/cpu/cpu_zos.go new file mode 100644 index 000000000000..5f54683a22e3 --- /dev/null +++ b/vendor/golang.org/x/sys/cpu/cpu_zos.go @@ -0,0 +1,10 @@ +// Copyright 2020 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package cpu + +func archInit() { + doinit() + Initialized = true +} diff --git a/vendor/golang.org/x/sys/cpu/cpu_zos_s390x.go b/vendor/golang.org/x/sys/cpu/cpu_zos_s390x.go new file mode 100644 index 000000000000..ccb1b708aba9 --- /dev/null +++ b/vendor/golang.org/x/sys/cpu/cpu_zos_s390x.go @@ -0,0 +1,25 @@ +// Copyright 2020 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package cpu + +func initS390Xbase() { + // get the facilities list + facilities := stfle() + + // mandatory + S390X.HasZARCH = facilities.Has(zarch) + S390X.HasSTFLE = facilities.Has(stflef) + S390X.HasLDISP = facilities.Has(ldisp) + S390X.HasEIMM = facilities.Has(eimm) + + // optional + S390X.HasETF3EH = facilities.Has(etf3eh) + S390X.HasDFP = facilities.Has(dfp) + S390X.HasMSA = facilities.Has(msa) + S390X.HasVX = facilities.Has(vx) + if S390X.HasVX { + S390X.HasVXE = facilities.Has(vxe) + } +} diff --git a/vendor/golang.org/x/sys/cpu/syscall_aix_ppc64_gc.go b/vendor/golang.org/x/sys/cpu/syscall_aix_ppc64_gc.go index 78fe25e86fbb..5b427d67e2f7 100644 --- a/vendor/golang.org/x/sys/cpu/syscall_aix_ppc64_gc.go +++ b/vendor/golang.org/x/sys/cpu/syscall_aix_ppc64_gc.go @@ -7,7 +7,7 @@ // (See golang.org/issue/32102) // +build aix,ppc64 -// +build !gccgo +// +build gc package cpu diff --git a/vendor/golang.org/x/sys/execabs/execabs.go b/vendor/golang.org/x/sys/execabs/execabs.go new file mode 100644 index 000000000000..78192498db01 --- /dev/null +++ b/vendor/golang.org/x/sys/execabs/execabs.go @@ -0,0 +1,102 @@ +// Copyright 2020 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// Package execabs is a drop-in replacement for os/exec +// that requires PATH lookups to find absolute paths. +// That is, execabs.Command("cmd") runs the same PATH lookup +// as exec.Command("cmd"), but if the result is a path +// which is relative, the Run and Start methods will report +// an error instead of running the executable. +// +// See https://blog.golang.org/path-security for more information +// about when it may be necessary or appropriate to use this package. +package execabs + +import ( + "context" + "fmt" + "os/exec" + "path/filepath" + "reflect" + "unsafe" +) + +// ErrNotFound is the error resulting if a path search failed to find an executable file. +// It is an alias for exec.ErrNotFound. +var ErrNotFound = exec.ErrNotFound + +// Cmd represents an external command being prepared or run. +// It is an alias for exec.Cmd. +type Cmd = exec.Cmd + +// Error is returned by LookPath when it fails to classify a file as an executable. +// It is an alias for exec.Error. +type Error = exec.Error + +// An ExitError reports an unsuccessful exit by a command. +// It is an alias for exec.ExitError. +type ExitError = exec.ExitError + +func relError(file, path string) error { + return fmt.Errorf("%s resolves to executable in current directory (.%c%s)", file, filepath.Separator, path) +} + +// LookPath searches for an executable named file in the directories +// named by the PATH environment variable. If file contains a slash, +// it is tried directly and the PATH is not consulted. The result will be +// an absolute path. +// +// LookPath differs from exec.LookPath in its handling of PATH lookups, +// which are used for file names without slashes. If exec.LookPath's +// PATH lookup would have returned an executable from the current directory, +// LookPath instead returns an error. +func LookPath(file string) (string, error) { + path, err := exec.LookPath(file) + if err != nil { + return "", err + } + if filepath.Base(file) == file && !filepath.IsAbs(path) { + return "", relError(file, path) + } + return path, nil +} + +func fixCmd(name string, cmd *exec.Cmd) { + if filepath.Base(name) == name && !filepath.IsAbs(cmd.Path) { + // exec.Command was called with a bare binary name and + // exec.LookPath returned a path which is not absolute. + // Set cmd.lookPathErr and clear cmd.Path so that it + // cannot be run. + lookPathErr := (*error)(unsafe.Pointer(reflect.ValueOf(cmd).Elem().FieldByName("lookPathErr").Addr().Pointer())) + if *lookPathErr == nil { + *lookPathErr = relError(name, cmd.Path) + } + cmd.Path = "" + } +} + +// CommandContext is like Command but includes a context. +// +// The provided context is used to kill the process (by calling os.Process.Kill) +// if the context becomes done before the command completes on its own. +func CommandContext(ctx context.Context, name string, arg ...string) *exec.Cmd { + cmd := exec.CommandContext(ctx, name, arg...) + fixCmd(name, cmd) + return cmd + +} + +// Command returns the Cmd struct to execute the named program with the given arguments. +// See exec.Command for most details. +// +// Command differs from exec.Command in its handling of PATH lookups, +// which are used when the program name contains no slashes. +// If exec.Command would have returned an exec.Cmd configured to run an +// executable from the current directory, Command instead +// returns an exec.Cmd that will return an error from Start or Run. +func Command(name string, arg ...string) *exec.Cmd { + cmd := exec.Command(name, arg...) + fixCmd(name, cmd) + return cmd +} diff --git a/vendor/golang.org/x/sys/plan9/syscall.go b/vendor/golang.org/x/sys/plan9/syscall.go index 163254cee96f..e7363a2f54d5 100644 --- a/vendor/golang.org/x/sys/plan9/syscall.go +++ b/vendor/golang.org/x/sys/plan9/syscall.go @@ -24,16 +24,20 @@ // holds a value of type syscall.ErrorString. package plan9 // import "golang.org/x/sys/plan9" -import "unsafe" +import ( + "bytes" + "strings" + "unsafe" + + "golang.org/x/sys/internal/unsafeheader" +) // ByteSliceFromString returns a NUL-terminated slice of bytes // containing the text of s. If s contains a NUL byte at any // location, it returns (nil, EINVAL). func ByteSliceFromString(s string) ([]byte, error) { - for i := 0; i < len(s); i++ { - if s[i] == 0 { - return nil, EINVAL - } + if strings.IndexByte(s, 0) != -1 { + return nil, EINVAL } a := make([]byte, len(s)+1) copy(a, s) @@ -51,6 +55,41 @@ func BytePtrFromString(s string) (*byte, error) { return &a[0], nil } +// ByteSliceToString returns a string form of the text represented by the slice s, with a terminating NUL and any +// bytes after the NUL removed. +func ByteSliceToString(s []byte) string { + if i := bytes.IndexByte(s, 0); i != -1 { + s = s[:i] + } + return string(s) +} + +// BytePtrToString takes a pointer to a sequence of text and returns the corresponding string. +// If the pointer is nil, it returns the empty string. It assumes that the text sequence is terminated +// at a zero byte; if the zero byte is not present, the program may crash. +func BytePtrToString(p *byte) string { + if p == nil { + return "" + } + if *p == 0 { + return "" + } + + // Find NUL terminator. + n := 0 + for ptr := unsafe.Pointer(p); *(*byte)(ptr) != 0; n++ { + ptr = unsafe.Pointer(uintptr(ptr) + 1) + } + + var s []byte + h := (*unsafeheader.Slice)(unsafe.Pointer(&s)) + h.Data = unsafe.Pointer(p) + h.Len = n + h.Cap = n + + return string(s) +} + // Single-word zero for use when we need a valid pointer to 0 bytes. // See mksyscall.pl. var _zero uintptr diff --git a/vendor/golang.org/x/sys/unix/asm_aix_ppc64.s b/vendor/golang.org/x/sys/unix/asm_aix_ppc64.s index 06f84b855580..6b4027b33fd2 100644 --- a/vendor/golang.org/x/sys/unix/asm_aix_ppc64.s +++ b/vendor/golang.org/x/sys/unix/asm_aix_ppc64.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_darwin_386.s b/vendor/golang.org/x/sys/unix/asm_darwin_386.s index 8a7278319e31..8a06b87d715a 100644 --- a/vendor/golang.org/x/sys/unix/asm_darwin_386.s +++ b/vendor/golang.org/x/sys/unix/asm_darwin_386.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_darwin_amd64.s b/vendor/golang.org/x/sys/unix/asm_darwin_amd64.s index 6321421f2726..f2397fde554d 100644 --- a/vendor/golang.org/x/sys/unix/asm_darwin_amd64.s +++ b/vendor/golang.org/x/sys/unix/asm_darwin_amd64.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_darwin_arm.s b/vendor/golang.org/x/sys/unix/asm_darwin_arm.s index 333242d50619..c9e6b6fc8b55 100644 --- a/vendor/golang.org/x/sys/unix/asm_darwin_arm.s +++ b/vendor/golang.org/x/sys/unix/asm_darwin_arm.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc // +build arm,darwin #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_darwin_arm64.s b/vendor/golang.org/x/sys/unix/asm_darwin_arm64.s index 97e017437186..89843f8f4b29 100644 --- a/vendor/golang.org/x/sys/unix/asm_darwin_arm64.s +++ b/vendor/golang.org/x/sys/unix/asm_darwin_arm64.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc // +build arm64,darwin #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_dragonfly_amd64.s b/vendor/golang.org/x/sys/unix/asm_dragonfly_amd64.s index 603dd5728c4a..27674e1cafd7 100644 --- a/vendor/golang.org/x/sys/unix/asm_dragonfly_amd64.s +++ b/vendor/golang.org/x/sys/unix/asm_dragonfly_amd64.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_freebsd_386.s b/vendor/golang.org/x/sys/unix/asm_freebsd_386.s index c9a0a2601562..49f0ac2364cb 100644 --- a/vendor/golang.org/x/sys/unix/asm_freebsd_386.s +++ b/vendor/golang.org/x/sys/unix/asm_freebsd_386.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_freebsd_amd64.s b/vendor/golang.org/x/sys/unix/asm_freebsd_amd64.s index 35172477c869..f2dfc57b836f 100644 --- a/vendor/golang.org/x/sys/unix/asm_freebsd_amd64.s +++ b/vendor/golang.org/x/sys/unix/asm_freebsd_amd64.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_freebsd_arm.s b/vendor/golang.org/x/sys/unix/asm_freebsd_arm.s index 9227c875bfeb..6d740db2c0c7 100644 --- a/vendor/golang.org/x/sys/unix/asm_freebsd_arm.s +++ b/vendor/golang.org/x/sys/unix/asm_freebsd_arm.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_freebsd_arm64.s b/vendor/golang.org/x/sys/unix/asm_freebsd_arm64.s index d9318cbf034d..a8f5a29b35f2 100644 --- a/vendor/golang.org/x/sys/unix/asm_freebsd_arm64.s +++ b/vendor/golang.org/x/sys/unix/asm_freebsd_arm64.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_linux_386.s b/vendor/golang.org/x/sys/unix/asm_linux_386.s index 448bebbb59af..0655ecbfbbec 100644 --- a/vendor/golang.org/x/sys/unix/asm_linux_386.s +++ b/vendor/golang.org/x/sys/unix/asm_linux_386.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_linux_amd64.s b/vendor/golang.org/x/sys/unix/asm_linux_amd64.s index c6468a958802..bc3fb6ac3ed2 100644 --- a/vendor/golang.org/x/sys/unix/asm_linux_amd64.s +++ b/vendor/golang.org/x/sys/unix/asm_linux_amd64.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_linux_arm.s b/vendor/golang.org/x/sys/unix/asm_linux_arm.s index cf0f3575c133..55b13c7ba45c 100644 --- a/vendor/golang.org/x/sys/unix/asm_linux_arm.s +++ b/vendor/golang.org/x/sys/unix/asm_linux_arm.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_linux_arm64.s b/vendor/golang.org/x/sys/unix/asm_linux_arm64.s index afe6fdf6b111..22a83d8e3fad 100644 --- a/vendor/golang.org/x/sys/unix/asm_linux_arm64.s +++ b/vendor/golang.org/x/sys/unix/asm_linux_arm64.s @@ -4,7 +4,7 @@ // +build linux // +build arm64 -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_linux_mips64x.s b/vendor/golang.org/x/sys/unix/asm_linux_mips64x.s index ab9d63831a75..dc222b90ce74 100644 --- a/vendor/golang.org/x/sys/unix/asm_linux_mips64x.s +++ b/vendor/golang.org/x/sys/unix/asm_linux_mips64x.s @@ -4,7 +4,7 @@ // +build linux // +build mips64 mips64le -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_linux_mipsx.s b/vendor/golang.org/x/sys/unix/asm_linux_mipsx.s index 99e5399045c2..d333f13cff3b 100644 --- a/vendor/golang.org/x/sys/unix/asm_linux_mipsx.s +++ b/vendor/golang.org/x/sys/unix/asm_linux_mipsx.s @@ -4,7 +4,7 @@ // +build linux // +build mips mipsle -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_linux_ppc64x.s b/vendor/golang.org/x/sys/unix/asm_linux_ppc64x.s index 88f712557810..459a629c2732 100644 --- a/vendor/golang.org/x/sys/unix/asm_linux_ppc64x.s +++ b/vendor/golang.org/x/sys/unix/asm_linux_ppc64x.s @@ -4,7 +4,7 @@ // +build linux // +build ppc64 ppc64le -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_linux_riscv64.s b/vendor/golang.org/x/sys/unix/asm_linux_riscv64.s index 3cfefed2ec04..04d38497c6dd 100644 --- a/vendor/golang.org/x/sys/unix/asm_linux_riscv64.s +++ b/vendor/golang.org/x/sys/unix/asm_linux_riscv64.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build riscv64,!gccgo +// +build riscv64,gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_linux_s390x.s b/vendor/golang.org/x/sys/unix/asm_linux_s390x.s index a5a863c6bd75..cc303989e174 100644 --- a/vendor/golang.org/x/sys/unix/asm_linux_s390x.s +++ b/vendor/golang.org/x/sys/unix/asm_linux_s390x.s @@ -4,7 +4,7 @@ // +build s390x // +build linux -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_netbsd_386.s b/vendor/golang.org/x/sys/unix/asm_netbsd_386.s index 48bdcd7632af..ae7b498d5068 100644 --- a/vendor/golang.org/x/sys/unix/asm_netbsd_386.s +++ b/vendor/golang.org/x/sys/unix/asm_netbsd_386.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_netbsd_amd64.s b/vendor/golang.org/x/sys/unix/asm_netbsd_amd64.s index 2ede05c72f09..e57367c17aa7 100644 --- a/vendor/golang.org/x/sys/unix/asm_netbsd_amd64.s +++ b/vendor/golang.org/x/sys/unix/asm_netbsd_amd64.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_netbsd_arm.s b/vendor/golang.org/x/sys/unix/asm_netbsd_arm.s index e8928571c450..d7da175e1a3f 100644 --- a/vendor/golang.org/x/sys/unix/asm_netbsd_arm.s +++ b/vendor/golang.org/x/sys/unix/asm_netbsd_arm.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_netbsd_arm64.s b/vendor/golang.org/x/sys/unix/asm_netbsd_arm64.s index 6f98ba5a370a..e7cbe1904c4e 100644 --- a/vendor/golang.org/x/sys/unix/asm_netbsd_arm64.s +++ b/vendor/golang.org/x/sys/unix/asm_netbsd_arm64.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_openbsd_386.s b/vendor/golang.org/x/sys/unix/asm_openbsd_386.s index 00576f3c8355..2f00b0310f43 100644 --- a/vendor/golang.org/x/sys/unix/asm_openbsd_386.s +++ b/vendor/golang.org/x/sys/unix/asm_openbsd_386.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_openbsd_amd64.s b/vendor/golang.org/x/sys/unix/asm_openbsd_amd64.s index 790ef77f86ef..07632c99ceaa 100644 --- a/vendor/golang.org/x/sys/unix/asm_openbsd_amd64.s +++ b/vendor/golang.org/x/sys/unix/asm_openbsd_amd64.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_openbsd_arm.s b/vendor/golang.org/x/sys/unix/asm_openbsd_arm.s index 469bfa10039a..73e997320fc7 100644 --- a/vendor/golang.org/x/sys/unix/asm_openbsd_arm.s +++ b/vendor/golang.org/x/sys/unix/asm_openbsd_arm.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_openbsd_arm64.s b/vendor/golang.org/x/sys/unix/asm_openbsd_arm64.s index 0cedea3d39d8..c47302aa46df 100644 --- a/vendor/golang.org/x/sys/unix/asm_openbsd_arm64.s +++ b/vendor/golang.org/x/sys/unix/asm_openbsd_arm64.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_openbsd_mips64.s b/vendor/golang.org/x/sys/unix/asm_openbsd_mips64.s index 567a4763c88a..47c93fcb6c76 100644 --- a/vendor/golang.org/x/sys/unix/asm_openbsd_mips64.s +++ b/vendor/golang.org/x/sys/unix/asm_openbsd_mips64.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_solaris_amd64.s b/vendor/golang.org/x/sys/unix/asm_solaris_amd64.s index ded8260f3e40..1f2c755a7203 100644 --- a/vendor/golang.org/x/sys/unix/asm_solaris_amd64.s +++ b/vendor/golang.org/x/sys/unix/asm_solaris_amd64.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/endian_big.go b/vendor/golang.org/x/sys/unix/endian_big.go index 5e9269063f5b..86781eac2210 100644 --- a/vendor/golang.org/x/sys/unix/endian_big.go +++ b/vendor/golang.org/x/sys/unix/endian_big.go @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. // -// +build ppc64 s390x mips mips64 +// +build armbe arm64be m68k mips mips64 mips64p32 ppc ppc64 s390 s390x shbe sparc sparc64 package unix diff --git a/vendor/golang.org/x/sys/unix/endian_little.go b/vendor/golang.org/x/sys/unix/endian_little.go index bcdb5d30eb9b..8822d8541f23 100644 --- a/vendor/golang.org/x/sys/unix/endian_little.go +++ b/vendor/golang.org/x/sys/unix/endian_little.go @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. // -// +build 386 amd64 amd64p32 arm arm64 ppc64le mipsle mips64le riscv64 +// +build 386 amd64 amd64p32 alpha arm arm64 mipsle mips64le mips64p32le nios2 ppc64le riscv riscv64 sh package unix diff --git a/vendor/golang.org/x/sys/unix/ptrace_darwin.go b/vendor/golang.org/x/sys/unix/ptrace_darwin.go new file mode 100644 index 000000000000..fc568b5403e6 --- /dev/null +++ b/vendor/golang.org/x/sys/unix/ptrace_darwin.go @@ -0,0 +1,11 @@ +// Copyright 2020 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// +build darwin,!ios + +package unix + +func ptrace(request int, pid int, addr uintptr, data uintptr) error { + return ptrace1(request, pid, addr, data) +} diff --git a/vendor/golang.org/x/sys/unix/ptrace_ios.go b/vendor/golang.org/x/sys/unix/ptrace_ios.go new file mode 100644 index 000000000000..183441c9a531 --- /dev/null +++ b/vendor/golang.org/x/sys/unix/ptrace_ios.go @@ -0,0 +1,11 @@ +// Copyright 2020 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// +build ios + +package unix + +func ptrace(request int, pid int, addr uintptr, data uintptr) (err error) { + return ENOTSUP +} diff --git a/vendor/golang.org/x/sys/unix/syscall.go b/vendor/golang.org/x/sys/unix/syscall.go index fd4ee8ebeb70..ab75ef9cc621 100644 --- a/vendor/golang.org/x/sys/unix/syscall.go +++ b/vendor/golang.org/x/sys/unix/syscall.go @@ -24,7 +24,13 @@ // holds a value of type syscall.Errno. package unix // import "golang.org/x/sys/unix" -import "strings" +import ( + "bytes" + "strings" + "unsafe" + + "golang.org/x/sys/internal/unsafeheader" +) // ByteSliceFromString returns a NUL-terminated slice of bytes // containing the text of s. If s contains a NUL byte at any @@ -49,5 +55,40 @@ func BytePtrFromString(s string) (*byte, error) { return &a[0], nil } +// ByteSliceToString returns a string form of the text represented by the slice s, with a terminating NUL and any +// bytes after the NUL removed. +func ByteSliceToString(s []byte) string { + if i := bytes.IndexByte(s, 0); i != -1 { + s = s[:i] + } + return string(s) +} + +// BytePtrToString takes a pointer to a sequence of text and returns the corresponding string. +// If the pointer is nil, it returns the empty string. It assumes that the text sequence is terminated +// at a zero byte; if the zero byte is not present, the program may crash. +func BytePtrToString(p *byte) string { + if p == nil { + return "" + } + if *p == 0 { + return "" + } + + // Find NUL terminator. + n := 0 + for ptr := unsafe.Pointer(p); *(*byte)(ptr) != 0; n++ { + ptr = unsafe.Pointer(uintptr(ptr) + 1) + } + + var s []byte + h := (*unsafeheader.Slice)(unsafe.Pointer(&s)) + h.Data = unsafe.Pointer(p) + h.Len = n + h.Cap = n + + return string(s) +} + // Single-word zero for use when we need a valid pointer to 0 bytes. var _zero uintptr diff --git a/vendor/golang.org/x/sys/unix/syscall_bsd.go b/vendor/golang.org/x/sys/unix/syscall_bsd.go index 123536a028ca..bc634a280a08 100644 --- a/vendor/golang.org/x/sys/unix/syscall_bsd.go +++ b/vendor/golang.org/x/sys/unix/syscall_bsd.go @@ -277,7 +277,7 @@ func anyToSockaddr(fd int, rsa *RawSockaddrAny) (Sockaddr, error) { } return sa, nil } - return nil, EAFNOSUPPORT + return anyToSockaddrGOOS(fd, rsa) } func Accept(fd int) (nfd int, sa Sockaddr, err error) { diff --git a/vendor/golang.org/x/sys/unix/syscall_darwin.1_13.go b/vendor/golang.org/x/sys/unix/syscall_darwin.1_13.go index dc0befee37eb..ee852f1abc5a 100644 --- a/vendor/golang.org/x/sys/unix/syscall_darwin.1_13.go +++ b/vendor/golang.org/x/sys/unix/syscall_darwin.1_13.go @@ -26,7 +26,6 @@ func fdopendir(fd int) (dir uintptr, err error) { func libc_fdopendir_trampoline() -//go:linkname libc_fdopendir libc_fdopendir //go:cgo_import_dynamic libc_fdopendir fdopendir "/usr/lib/libSystem.B.dylib" func Getdirentries(fd int, buf []byte, basep *uintptr) (n int, err error) { diff --git a/vendor/golang.org/x/sys/unix/syscall_darwin.go b/vendor/golang.org/x/sys/unix/syscall_darwin.go index 5b0e831f24f5..16f9c226b908 100644 --- a/vendor/golang.org/x/sys/unix/syscall_darwin.go +++ b/vendor/golang.org/x/sys/unix/syscall_darwin.go @@ -31,10 +31,40 @@ type SockaddrDatalink struct { raw RawSockaddrDatalink } +// SockaddrCtl implements the Sockaddr interface for AF_SYSTEM type sockets. +type SockaddrCtl struct { + ID uint32 + Unit uint32 + raw RawSockaddrCtl +} + +func (sa *SockaddrCtl) sockaddr() (unsafe.Pointer, _Socklen, error) { + sa.raw.Sc_len = SizeofSockaddrCtl + sa.raw.Sc_family = AF_SYSTEM + sa.raw.Ss_sysaddr = AF_SYS_CONTROL + sa.raw.Sc_id = sa.ID + sa.raw.Sc_unit = sa.Unit + return unsafe.Pointer(&sa.raw), SizeofSockaddrCtl, nil +} + +func anyToSockaddrGOOS(fd int, rsa *RawSockaddrAny) (Sockaddr, error) { + switch rsa.Addr.Family { + case AF_SYSTEM: + pp := (*RawSockaddrCtl)(unsafe.Pointer(rsa)) + if pp.Ss_sysaddr == AF_SYS_CONTROL { + sa := new(SockaddrCtl) + sa.ID = pp.Sc_id + sa.Unit = pp.Sc_unit + return sa, nil + } + } + return nil, EAFNOSUPPORT +} + // Some external packages rely on SYS___SYSCTL being defined to implement their // own sysctl wrappers. Provide it here, even though direct syscalls are no // longer supported on darwin. -const SYS___SYSCTL = 202 +const SYS___SYSCTL = SYS_SYSCTL // Translate "kern.hostname" to []_C_int{0,1,2,3}. func nametomib(name string) (mib []_C_int, err error) { @@ -89,13 +119,16 @@ type attrList struct { Forkattr uint32 } -//sysnb pipe() (r int, w int, err error) +//sysnb pipe(p *[2]int32) (err error) func Pipe(p []int) (err error) { if len(p) != 2 { return EINVAL } - p[0], p[1], err = pipe() + var x [2]int32 + err = pipe(&x) + p[0] = int(x[0]) + p[1] = int(x[1]) return } @@ -264,6 +297,29 @@ func IoctlCtlInfo(fd int, ctlInfo *CtlInfo) error { return err } +// IfreqMTU is struct ifreq used to get or set a network device's MTU. +type IfreqMTU struct { + Name [IFNAMSIZ]byte + MTU int32 +} + +// IoctlGetIfreqMTU performs the SIOCGIFMTU ioctl operation on fd to get the MTU +// of the network device specified by ifname. +func IoctlGetIfreqMTU(fd int, ifname string) (*IfreqMTU, error) { + var ifreq IfreqMTU + copy(ifreq.Name[:], ifname) + err := ioctl(fd, SIOCGIFMTU, uintptr(unsafe.Pointer(&ifreq))) + return &ifreq, err +} + +// IoctlSetIfreqMTU performs the SIOCSIFMTU ioctl operation on fd to set the MTU +// of the network device specified by ifreq.Name. +func IoctlSetIfreqMTU(fd int, ifreq *IfreqMTU) error { + err := ioctl(fd, SIOCSIFMTU, uintptr(unsafe.Pointer(ifreq))) + runtime.KeepAlive(ifreq) + return err +} + //sys sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) = SYS_SYSCTL func Uname(uname *Utsname) error { diff --git a/vendor/golang.org/x/sys/unix/syscall_darwin_386.go b/vendor/golang.org/x/sys/unix/syscall_darwin_386.go index 6c1f4ab95b47..ee065fcf2da9 100644 --- a/vendor/golang.org/x/sys/unix/syscall_darwin_386.go +++ b/vendor/golang.org/x/sys/unix/syscall_darwin_386.go @@ -45,6 +45,6 @@ func Syscall9(num, a1, a2, a3, a4, a5, a6, a7, a8, a9 uintptr) (r1, r2 uintptr, //sys Fstatfs(fd int, stat *Statfs_t) (err error) = SYS_FSTATFS64 //sys getfsstat(buf unsafe.Pointer, size uintptr, flags int) (n int, err error) = SYS_GETFSSTAT64 //sys Lstat(path string, stat *Stat_t) (err error) = SYS_LSTAT64 -//sys ptrace(request int, pid int, addr uintptr, data uintptr) (err error) +//sys ptrace1(request int, pid int, addr uintptr, data uintptr) (err error) = SYS_ptrace //sys Stat(path string, stat *Stat_t) (err error) = SYS_STAT64 //sys Statfs(path string, stat *Statfs_t) (err error) = SYS_STATFS64 diff --git a/vendor/golang.org/x/sys/unix/syscall_darwin_amd64.go b/vendor/golang.org/x/sys/unix/syscall_darwin_amd64.go index 0582ae256ef4..7a1f64a7b6b4 100644 --- a/vendor/golang.org/x/sys/unix/syscall_darwin_amd64.go +++ b/vendor/golang.org/x/sys/unix/syscall_darwin_amd64.go @@ -45,6 +45,6 @@ func Syscall9(num, a1, a2, a3, a4, a5, a6, a7, a8, a9 uintptr) (r1, r2 uintptr, //sys Fstatfs(fd int, stat *Statfs_t) (err error) = SYS_FSTATFS64 //sys getfsstat(buf unsafe.Pointer, size uintptr, flags int) (n int, err error) = SYS_GETFSSTAT64 //sys Lstat(path string, stat *Stat_t) (err error) = SYS_LSTAT64 -//sys ptrace(request int, pid int, addr uintptr, data uintptr) (err error) +//sys ptrace1(request int, pid int, addr uintptr, data uintptr) (err error) = SYS_ptrace //sys Stat(path string, stat *Stat_t) (err error) = SYS_STAT64 //sys Statfs(path string, stat *Statfs_t) (err error) = SYS_STATFS64 diff --git a/vendor/golang.org/x/sys/unix/syscall_darwin_arm.go b/vendor/golang.org/x/sys/unix/syscall_darwin_arm.go index c6a9733b4cb6..d30735c5d630 100644 --- a/vendor/golang.org/x/sys/unix/syscall_darwin_arm.go +++ b/vendor/golang.org/x/sys/unix/syscall_darwin_arm.go @@ -6,7 +6,7 @@ package unix import "syscall" -func ptrace(request int, pid int, addr uintptr, data uintptr) error { +func ptrace1(request int, pid int, addr uintptr, data uintptr) error { return ENOTSUP } diff --git a/vendor/golang.org/x/sys/unix/syscall_darwin_arm64.go b/vendor/golang.org/x/sys/unix/syscall_darwin_arm64.go index 253afa4de55c..9f85fd4046ea 100644 --- a/vendor/golang.org/x/sys/unix/syscall_darwin_arm64.go +++ b/vendor/golang.org/x/sys/unix/syscall_darwin_arm64.go @@ -45,6 +45,6 @@ func Syscall9(num, a1, a2, a3, a4, a5, a6, a7, a8, a9 uintptr) (r1, r2 uintptr, //sys Fstatfs(fd int, stat *Statfs_t) (err error) //sys getfsstat(buf unsafe.Pointer, size uintptr, flags int) (n int, err error) = SYS_GETFSSTAT //sys Lstat(path string, stat *Stat_t) (err error) -//sys ptrace(request int, pid int, addr uintptr, data uintptr) (err error) +//sys ptrace1(request int, pid int, addr uintptr, data uintptr) (err error) = SYS_ptrace //sys Stat(path string, stat *Stat_t) (err error) //sys Statfs(path string, stat *Statfs_t) (err error) diff --git a/vendor/golang.org/x/sys/unix/syscall_dragonfly.go b/vendor/golang.org/x/sys/unix/syscall_dragonfly.go index bed7dcfec116..a4f2944a24ea 100644 --- a/vendor/golang.org/x/sys/unix/syscall_dragonfly.go +++ b/vendor/golang.org/x/sys/unix/syscall_dragonfly.go @@ -47,6 +47,10 @@ type SockaddrDatalink struct { raw RawSockaddrDatalink } +func anyToSockaddrGOOS(fd int, rsa *RawSockaddrAny) (Sockaddr, error) { + return nil, EAFNOSUPPORT +} + // Translate "kern.hostname" to []_C_int{0,1,2,3}. func nametomib(name string) (mib []_C_int, err error) { const siz = unsafe.Sizeof(mib[0]) @@ -101,6 +105,19 @@ func Pipe(p []int) (err error) { return } +//sysnb pipe2(p *[2]_C_int, flags int) (err error) + +func Pipe2(p []int, flags int) error { + if len(p) != 2 { + return EINVAL + } + var pp [2]_C_int + err := pipe2(&pp, flags) + p[0] = int(pp[0]) + p[1] = int(pp[1]) + return err +} + //sys extpread(fd int, p []byte, flags int, offset int64) (n int, err error) func Pread(fd int, p []byte, offset int64) (n int, err error) { return extpread(fd, p, 0, offset) diff --git a/vendor/golang.org/x/sys/unix/syscall_freebsd.go b/vendor/golang.org/x/sys/unix/syscall_freebsd.go index f6db02aff401..acc00c2e6a10 100644 --- a/vendor/golang.org/x/sys/unix/syscall_freebsd.go +++ b/vendor/golang.org/x/sys/unix/syscall_freebsd.go @@ -54,6 +54,10 @@ type SockaddrDatalink struct { raw RawSockaddrDatalink } +func anyToSockaddrGOOS(fd int, rsa *RawSockaddrAny) (Sockaddr, error) { + return nil, EAFNOSUPPORT +} + // Translate "kern.hostname" to []_C_int{0,1,2,3}. func nametomib(name string) (mib []_C_int, err error) { const siz = unsafe.Sizeof(mib[0]) diff --git a/vendor/golang.org/x/sys/unix/syscall_illumos.go b/vendor/golang.org/x/sys/unix/syscall_illumos.go index bbc4f3ea5439..7a2d4120fc08 100644 --- a/vendor/golang.org/x/sys/unix/syscall_illumos.go +++ b/vendor/golang.org/x/sys/unix/syscall_illumos.go @@ -75,16 +75,3 @@ func Accept4(fd int, flags int) (nfd int, sa Sockaddr, err error) { } return } - -//sysnb pipe2(p *[2]_C_int, flags int) (err error) - -func Pipe2(p []int, flags int) error { - if len(p) != 2 { - return EINVAL - } - var pp [2]_C_int - err := pipe2(&pp, flags) - p[0] = int(pp[0]) - p[1] = int(pp[1]) - return err -} diff --git a/vendor/golang.org/x/sys/unix/syscall_linux.go b/vendor/golang.org/x/sys/unix/syscall_linux.go index 84a9e5277ac5..28be1306ec97 100644 --- a/vendor/golang.org/x/sys/unix/syscall_linux.go +++ b/vendor/golang.org/x/sys/unix/syscall_linux.go @@ -641,6 +641,36 @@ func (sa *SockaddrCAN) sockaddr() (unsafe.Pointer, _Socklen, error) { return unsafe.Pointer(&sa.raw), SizeofSockaddrCAN, nil } +// SockaddrCANJ1939 implements the Sockaddr interface for AF_CAN using J1939 +// protocol (https://en.wikipedia.org/wiki/SAE_J1939). For more information +// on the purposes of the fields, check the official linux kernel documentation +// available here: https://www.kernel.org/doc/Documentation/networking/j1939.rst +type SockaddrCANJ1939 struct { + Ifindex int + Name uint64 + PGN uint32 + Addr uint8 + raw RawSockaddrCAN +} + +func (sa *SockaddrCANJ1939) sockaddr() (unsafe.Pointer, _Socklen, error) { + if sa.Ifindex < 0 || sa.Ifindex > 0x7fffffff { + return nil, 0, EINVAL + } + sa.raw.Family = AF_CAN + sa.raw.Ifindex = int32(sa.Ifindex) + n := (*[8]byte)(unsafe.Pointer(&sa.Name)) + for i := 0; i < 8; i++ { + sa.raw.Addr[i] = n[i] + } + p := (*[4]byte)(unsafe.Pointer(&sa.PGN)) + for i := 0; i < 4; i++ { + sa.raw.Addr[i+8] = p[i] + } + sa.raw.Addr[12] = sa.Addr + return unsafe.Pointer(&sa.raw), SizeofSockaddrCAN, nil +} + // SockaddrALG implements the Sockaddr interface for AF_ALG type sockets. // SockaddrALG enables userspace access to the Linux kernel's cryptography // subsystem. The Type and Name fields specify which type of hash or cipher @@ -952,6 +982,10 @@ func (sa *SockaddrIUCV) sockaddr() (unsafe.Pointer, _Socklen, error) { return unsafe.Pointer(&sa.raw), SizeofSockaddrIUCV, nil } +var socketProtocol = func(fd int) (int, error) { + return GetsockoptInt(fd, SOL_SOCKET, SO_PROTOCOL) +} + func anyToSockaddr(fd int, rsa *RawSockaddrAny) (Sockaddr, error) { switch rsa.Addr.Family { case AF_NETLINK: @@ -1002,7 +1036,7 @@ func anyToSockaddr(fd int, rsa *RawSockaddrAny) (Sockaddr, error) { return sa, nil case AF_INET: - proto, err := GetsockoptInt(fd, SOL_SOCKET, SO_PROTOCOL) + proto, err := socketProtocol(fd) if err != nil { return nil, err } @@ -1028,7 +1062,7 @@ func anyToSockaddr(fd int, rsa *RawSockaddrAny) (Sockaddr, error) { } case AF_INET6: - proto, err := GetsockoptInt(fd, SOL_SOCKET, SO_PROTOCOL) + proto, err := socketProtocol(fd) if err != nil { return nil, err } @@ -1063,7 +1097,7 @@ func anyToSockaddr(fd int, rsa *RawSockaddrAny) (Sockaddr, error) { } return sa, nil case AF_BLUETOOTH: - proto, err := GetsockoptInt(fd, SOL_SOCKET, SO_PROTOCOL) + proto, err := socketProtocol(fd) if err != nil { return nil, err } @@ -1150,20 +1184,43 @@ func anyToSockaddr(fd int, rsa *RawSockaddrAny) (Sockaddr, error) { return sa, nil case AF_CAN: - pp := (*RawSockaddrCAN)(unsafe.Pointer(rsa)) - sa := &SockaddrCAN{ - Ifindex: int(pp.Ifindex), - } - rx := (*[4]byte)(unsafe.Pointer(&sa.RxID)) - for i := 0; i < 4; i++ { - rx[i] = pp.Addr[i] - } - tx := (*[4]byte)(unsafe.Pointer(&sa.TxID)) - for i := 0; i < 4; i++ { - tx[i] = pp.Addr[i+4] + proto, err := socketProtocol(fd) + if err != nil { + return nil, err } - return sa, nil + pp := (*RawSockaddrCAN)(unsafe.Pointer(rsa)) + + switch proto { + case CAN_J1939: + sa := &SockaddrCANJ1939{ + Ifindex: int(pp.Ifindex), + } + name := (*[8]byte)(unsafe.Pointer(&sa.Name)) + for i := 0; i < 8; i++ { + name[i] = pp.Addr[i] + } + pgn := (*[4]byte)(unsafe.Pointer(&sa.PGN)) + for i := 0; i < 4; i++ { + pgn[i] = pp.Addr[i+8] + } + addr := (*[1]byte)(unsafe.Pointer(&sa.Addr)) + addr[0] = pp.Addr[12] + return sa, nil + default: + sa := &SockaddrCAN{ + Ifindex: int(pp.Ifindex), + } + rx := (*[4]byte)(unsafe.Pointer(&sa.RxID)) + for i := 0; i < 4; i++ { + rx[i] = pp.Addr[i] + } + tx := (*[4]byte)(unsafe.Pointer(&sa.TxID)) + for i := 0; i < 4; i++ { + tx[i] = pp.Addr[i+4] + } + return sa, nil + } } return nil, EAFNOSUPPORT } diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_amd64_gc.go b/vendor/golang.org/x/sys/unix/syscall_linux_amd64_gc.go index 21a4946ba553..baa771f8ad98 100644 --- a/vendor/golang.org/x/sys/unix/syscall_linux_amd64_gc.go +++ b/vendor/golang.org/x/sys/unix/syscall_linux_amd64_gc.go @@ -3,7 +3,7 @@ // license that can be found in the LICENSE file. // +build amd64,linux -// +build !gccgo +// +build gc package unix diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_gc.go b/vendor/golang.org/x/sys/unix/syscall_linux_gc.go index c26e6ec2314a..9edf3961b010 100644 --- a/vendor/golang.org/x/sys/unix/syscall_linux_gc.go +++ b/vendor/golang.org/x/sys/unix/syscall_linux_gc.go @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build linux,!gccgo +// +build linux,gc package unix diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_gc_386.go b/vendor/golang.org/x/sys/unix/syscall_linux_gc_386.go index 070bd38994ec..90e33d8cf751 100644 --- a/vendor/golang.org/x/sys/unix/syscall_linux_gc_386.go +++ b/vendor/golang.org/x/sys/unix/syscall_linux_gc_386.go @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build linux,!gccgo,386 +// +build linux,gc,386 package unix diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_gc_arm.go b/vendor/golang.org/x/sys/unix/syscall_linux_gc_arm.go index 8c514c95ed4f..1a97baae732e 100644 --- a/vendor/golang.org/x/sys/unix/syscall_linux_gc_arm.go +++ b/vendor/golang.org/x/sys/unix/syscall_linux_gc_arm.go @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build arm,!gccgo,linux +// +build arm,gc,linux package unix diff --git a/vendor/golang.org/x/sys/unix/syscall_netbsd.go b/vendor/golang.org/x/sys/unix/syscall_netbsd.go index dbd5e03b6272..1e6843b4c3da 100644 --- a/vendor/golang.org/x/sys/unix/syscall_netbsd.go +++ b/vendor/golang.org/x/sys/unix/syscall_netbsd.go @@ -31,6 +31,10 @@ type SockaddrDatalink struct { raw RawSockaddrDatalink } +func anyToSockaddrGOOS(fd int, rsa *RawSockaddrAny) (Sockaddr, error) { + return nil, EAFNOSUPPORT +} + func Syscall9(trap, a1, a2, a3, a4, a5, a6, a7, a8, a9 uintptr) (r1, r2 uintptr, err syscall.Errno) func sysctlNodes(mib []_C_int) (nodes []Sysctlnode, err error) { diff --git a/vendor/golang.org/x/sys/unix/syscall_openbsd.go b/vendor/golang.org/x/sys/unix/syscall_openbsd.go index 2c1f46ea1eff..6a50b50bd692 100644 --- a/vendor/golang.org/x/sys/unix/syscall_openbsd.go +++ b/vendor/golang.org/x/sys/unix/syscall_openbsd.go @@ -31,6 +31,10 @@ type SockaddrDatalink struct { raw RawSockaddrDatalink } +func anyToSockaddrGOOS(fd int, rsa *RawSockaddrAny) (Sockaddr, error) { + return nil, EAFNOSUPPORT +} + func Syscall9(trap, a1, a2, a3, a4, a5, a6, a7, a8, a9 uintptr) (r1, r2 uintptr, err syscall.Errno) func nametomib(name string) (mib []_C_int, err error) { diff --git a/vendor/golang.org/x/sys/unix/syscall_solaris.go b/vendor/golang.org/x/sys/unix/syscall_solaris.go index fee6e9952891..184786ed99b7 100644 --- a/vendor/golang.org/x/sys/unix/syscall_solaris.go +++ b/vendor/golang.org/x/sys/unix/syscall_solaris.go @@ -68,6 +68,19 @@ func Pipe(p []int) (err error) { return nil } +//sysnb pipe2(p *[2]_C_int, flags int) (err error) + +func Pipe2(p []int, flags int) error { + if len(p) != 2 { + return EINVAL + } + var pp [2]_C_int + err := pipe2(&pp, flags) + p[0] = int(pp[0]) + p[1] = int(pp[1]) + return err +} + func (sa *SockaddrInet4) sockaddr() (unsafe.Pointer, _Socklen, error) { if sa.Port < 0 || sa.Port > 0xFFFF { return nil, 0, EINVAL diff --git a/vendor/golang.org/x/sys/unix/syscall_unix_gc.go b/vendor/golang.org/x/sys/unix/syscall_unix_gc.go index 1c70d1b6902b..87bd161cefc9 100644 --- a/vendor/golang.org/x/sys/unix/syscall_unix_gc.go +++ b/vendor/golang.org/x/sys/unix/syscall_unix_gc.go @@ -3,7 +3,7 @@ // license that can be found in the LICENSE file. // +build darwin dragonfly freebsd linux netbsd openbsd solaris -// +build !gccgo,!ppc64le,!ppc64 +// +build gc,!ppc64le,!ppc64 package unix diff --git a/vendor/golang.org/x/sys/unix/syscall_unix_gc_ppc64x.go b/vendor/golang.org/x/sys/unix/syscall_unix_gc_ppc64x.go index 86dc765aba3e..d36216c3ca73 100644 --- a/vendor/golang.org/x/sys/unix/syscall_unix_gc_ppc64x.go +++ b/vendor/golang.org/x/sys/unix/syscall_unix_gc_ppc64x.go @@ -4,7 +4,7 @@ // +build linux // +build ppc64le ppc64 -// +build !gccgo +// +build gc package unix diff --git a/vendor/golang.org/x/sys/unix/timestruct.go b/vendor/golang.org/x/sys/unix/timestruct.go index 4a672f56942a..103604299e2a 100644 --- a/vendor/golang.org/x/sys/unix/timestruct.go +++ b/vendor/golang.org/x/sys/unix/timestruct.go @@ -8,12 +8,10 @@ package unix import "time" -// TimespecToNsec converts a Timespec value into a number of -// nanoseconds since the Unix epoch. -func TimespecToNsec(ts Timespec) int64 { return int64(ts.Sec)*1e9 + int64(ts.Nsec) } +// TimespecToNSec returns the time stored in ts as nanoseconds. +func TimespecToNsec(ts Timespec) int64 { return ts.Nano() } -// NsecToTimespec takes a number of nanoseconds since the Unix epoch -// and returns the corresponding Timespec value. +// NsecToTimespec converts a number of nanoseconds into a Timespec. func NsecToTimespec(nsec int64) Timespec { sec := nsec / 1e9 nsec = nsec % 1e9 @@ -42,12 +40,10 @@ func TimeToTimespec(t time.Time) (Timespec, error) { return ts, nil } -// TimevalToNsec converts a Timeval value into a number of nanoseconds -// since the Unix epoch. -func TimevalToNsec(tv Timeval) int64 { return int64(tv.Sec)*1e9 + int64(tv.Usec)*1e3 } +// TimevalToNsec returns the time stored in tv as nanoseconds. +func TimevalToNsec(tv Timeval) int64 { return tv.Nano() } -// NsecToTimeval takes a number of nanoseconds since the Unix epoch -// and returns the corresponding Timeval value. +// NsecToTimeval converts a number of nanoseconds into a Timeval. func NsecToTimeval(nsec int64) Timeval { nsec += 999 // round up to microsecond usec := nsec % 1e9 / 1e3 @@ -59,24 +55,22 @@ func NsecToTimeval(nsec int64) Timeval { return setTimeval(sec, usec) } -// Unix returns ts as the number of seconds and nanoseconds elapsed since the -// Unix epoch. +// Unix returns the time stored in ts as seconds plus nanoseconds. func (ts *Timespec) Unix() (sec int64, nsec int64) { return int64(ts.Sec), int64(ts.Nsec) } -// Unix returns tv as the number of seconds and nanoseconds elapsed since the -// Unix epoch. +// Unix returns the time stored in tv as seconds plus nanoseconds. func (tv *Timeval) Unix() (sec int64, nsec int64) { return int64(tv.Sec), int64(tv.Usec) * 1000 } -// Nano returns ts as the number of nanoseconds elapsed since the Unix epoch. +// Nano returns the time stored in ts as nanoseconds. func (ts *Timespec) Nano() int64 { return int64(ts.Sec)*1e9 + int64(ts.Nsec) } -// Nano returns tv as the number of nanoseconds elapsed since the Unix epoch. +// Nano returns the time stored in tv as nanoseconds. func (tv *Timeval) Nano() int64 { return int64(tv.Sec)*1e9 + int64(tv.Usec)*1000 } diff --git a/vendor/golang.org/x/sys/unix/zerrors_darwin_386.go b/vendor/golang.org/x/sys/unix/zerrors_darwin_386.go index c8f9f7a1fb1a..ec376f51bc42 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_darwin_386.go +++ b/vendor/golang.org/x/sys/unix/zerrors_darwin_386.go @@ -45,6 +45,7 @@ const ( AF_SIP = 0x18 AF_SNA = 0xb AF_SYSTEM = 0x20 + AF_SYS_CONTROL = 0x2 AF_UNIX = 0x1 AF_UNSPEC = 0x0 AF_UTUN = 0x26 diff --git a/vendor/golang.org/x/sys/unix/zerrors_darwin_amd64.go b/vendor/golang.org/x/sys/unix/zerrors_darwin_amd64.go index 7180064b2b88..fea5dfaadb9b 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_darwin_amd64.go +++ b/vendor/golang.org/x/sys/unix/zerrors_darwin_amd64.go @@ -45,6 +45,7 @@ const ( AF_SIP = 0x18 AF_SNA = 0xb AF_SYSTEM = 0x20 + AF_SYS_CONTROL = 0x2 AF_UNIX = 0x1 AF_UNSPEC = 0x0 AF_UTUN = 0x26 diff --git a/vendor/golang.org/x/sys/unix/zerrors_darwin_arm.go b/vendor/golang.org/x/sys/unix/zerrors_darwin_arm.go index 3b9ca7585820..03feefbf8c92 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_darwin_arm.go +++ b/vendor/golang.org/x/sys/unix/zerrors_darwin_arm.go @@ -45,6 +45,7 @@ const ( AF_SIP = 0x18 AF_SNA = 0xb AF_SYSTEM = 0x20 + AF_SYS_CONTROL = 0x2 AF_UNIX = 0x1 AF_UNSPEC = 0x0 AF_UTUN = 0x26 diff --git a/vendor/golang.org/x/sys/unix/zerrors_darwin_arm64.go b/vendor/golang.org/x/sys/unix/zerrors_darwin_arm64.go index 4687c73ac168..b40fb1f69675 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_darwin_arm64.go +++ b/vendor/golang.org/x/sys/unix/zerrors_darwin_arm64.go @@ -45,6 +45,7 @@ const ( AF_SIP = 0x18 AF_SNA = 0xb AF_SYSTEM = 0x20 + AF_SYS_CONTROL = 0x2 AF_UNIX = 0x1 AF_UNSPEC = 0x0 AF_UTUN = 0x26 diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux.go b/vendor/golang.org/x/sys/unix/zerrors_linux.go index 2069fb861d11..b3463a8b5a54 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux.go @@ -65,6 +65,7 @@ const ( ALG_OP_ENCRYPT = 0x1 ALG_SET_AEAD_ASSOCLEN = 0x4 ALG_SET_AEAD_AUTHSIZE = 0x5 + ALG_SET_DRBG_ENTROPY = 0x6 ALG_SET_IV = 0x2 ALG_SET_KEY = 0x1 ALG_SET_OP = 0x3 @@ -179,8 +180,10 @@ const ( BPF_F_ANY_ALIGNMENT = 0x2 BPF_F_QUERY_EFFECTIVE = 0x1 BPF_F_REPLACE = 0x4 + BPF_F_SLEEPABLE = 0x10 BPF_F_STRICT_ALIGNMENT = 0x1 BPF_F_TEST_RND_HI32 = 0x4 + BPF_F_TEST_RUN_ON_CPU = 0x1 BPF_F_TEST_STATE_FREQ = 0x8 BPF_H = 0x8 BPF_IMM = 0x0 @@ -219,6 +222,7 @@ const ( BPF_NET_OFF = -0x100000 BPF_OBJ_NAME_LEN = 0x10 BPF_OR = 0x40 + BPF_PSEUDO_BTF_ID = 0x3 BPF_PSEUDO_CALL = 0x1 BPF_PSEUDO_MAP_FD = 0x1 BPF_PSEUDO_MAP_VALUE = 0x2 @@ -429,10 +433,13 @@ const ( DEBUGFS_MAGIC = 0x64626720 DEVLINK_CMD_ESWITCH_MODE_GET = 0x1d DEVLINK_CMD_ESWITCH_MODE_SET = 0x1e + DEVLINK_FLASH_OVERWRITE_IDENTIFIERS = 0x2 + DEVLINK_FLASH_OVERWRITE_SETTINGS = 0x1 DEVLINK_GENL_MCGRP_CONFIG_NAME = "config" DEVLINK_GENL_NAME = "devlink" DEVLINK_GENL_VERSION = 0x1 DEVLINK_SB_THRESHOLD_TO_ALPHA_MAX = 0x14 + DEVLINK_SUPPORTED_FLASH_OVERWRITE_SECTIONS = 0x3 DEVMEM_MAGIC = 0x454d444d DEVPTS_SUPER_MAGIC = 0x1cd1 DMA_BUF_MAGIC = 0x444d4142 @@ -477,9 +484,9 @@ const ( DM_UUID_FLAG = 0x4000 DM_UUID_LEN = 0x81 DM_VERSION = 0xc138fd00 - DM_VERSION_EXTRA = "-ioctl (2020-02-27)" + DM_VERSION_EXTRA = "-ioctl (2020-10-01)" DM_VERSION_MAJOR = 0x4 - DM_VERSION_MINOR = 0x2a + DM_VERSION_MINOR = 0x2b DM_VERSION_PATCHLEVEL = 0x0 DT_BLK = 0x6 DT_CHR = 0x2 @@ -520,6 +527,119 @@ const ( EPOLL_CTL_DEL = 0x2 EPOLL_CTL_MOD = 0x3 EROFS_SUPER_MAGIC_V1 = 0xe0f5e1e2 + ESP_V4_FLOW = 0xa + ESP_V6_FLOW = 0xc + ETHER_FLOW = 0x12 + ETHTOOL_BUSINFO_LEN = 0x20 + ETHTOOL_EROMVERS_LEN = 0x20 + ETHTOOL_FEC_AUTO = 0x2 + ETHTOOL_FEC_BASER = 0x10 + ETHTOOL_FEC_LLRS = 0x20 + ETHTOOL_FEC_NONE = 0x1 + ETHTOOL_FEC_OFF = 0x4 + ETHTOOL_FEC_RS = 0x8 + ETHTOOL_FLAG_ALL = 0x7 + ETHTOOL_FLAG_COMPACT_BITSETS = 0x1 + ETHTOOL_FLAG_OMIT_REPLY = 0x2 + ETHTOOL_FLAG_STATS = 0x4 + ETHTOOL_FLASHDEV = 0x33 + ETHTOOL_FLASH_MAX_FILENAME = 0x80 + ETHTOOL_FWVERS_LEN = 0x20 + ETHTOOL_F_COMPAT = 0x4 + ETHTOOL_F_UNSUPPORTED = 0x1 + ETHTOOL_F_WISH = 0x2 + ETHTOOL_GCHANNELS = 0x3c + ETHTOOL_GCOALESCE = 0xe + ETHTOOL_GDRVINFO = 0x3 + ETHTOOL_GEEE = 0x44 + ETHTOOL_GEEPROM = 0xb + ETHTOOL_GENL_NAME = "ethtool" + ETHTOOL_GENL_VERSION = 0x1 + ETHTOOL_GET_DUMP_DATA = 0x40 + ETHTOOL_GET_DUMP_FLAG = 0x3f + ETHTOOL_GET_TS_INFO = 0x41 + ETHTOOL_GFEATURES = 0x3a + ETHTOOL_GFECPARAM = 0x50 + ETHTOOL_GFLAGS = 0x25 + ETHTOOL_GGRO = 0x2b + ETHTOOL_GGSO = 0x23 + ETHTOOL_GLINK = 0xa + ETHTOOL_GLINKSETTINGS = 0x4c + ETHTOOL_GMODULEEEPROM = 0x43 + ETHTOOL_GMODULEINFO = 0x42 + ETHTOOL_GMSGLVL = 0x7 + ETHTOOL_GPAUSEPARAM = 0x12 + ETHTOOL_GPERMADDR = 0x20 + ETHTOOL_GPFLAGS = 0x27 + ETHTOOL_GPHYSTATS = 0x4a + ETHTOOL_GREGS = 0x4 + ETHTOOL_GRINGPARAM = 0x10 + ETHTOOL_GRSSH = 0x46 + ETHTOOL_GRXCLSRLALL = 0x30 + ETHTOOL_GRXCLSRLCNT = 0x2e + ETHTOOL_GRXCLSRULE = 0x2f + ETHTOOL_GRXCSUM = 0x14 + ETHTOOL_GRXFH = 0x29 + ETHTOOL_GRXFHINDIR = 0x38 + ETHTOOL_GRXNTUPLE = 0x36 + ETHTOOL_GRXRINGS = 0x2d + ETHTOOL_GSET = 0x1 + ETHTOOL_GSG = 0x18 + ETHTOOL_GSSET_INFO = 0x37 + ETHTOOL_GSTATS = 0x1d + ETHTOOL_GSTRINGS = 0x1b + ETHTOOL_GTSO = 0x1e + ETHTOOL_GTUNABLE = 0x48 + ETHTOOL_GTXCSUM = 0x16 + ETHTOOL_GUFO = 0x21 + ETHTOOL_GWOL = 0x5 + ETHTOOL_MCGRP_MONITOR_NAME = "monitor" + ETHTOOL_NWAY_RST = 0x9 + ETHTOOL_PERQUEUE = 0x4b + ETHTOOL_PHYS_ID = 0x1c + ETHTOOL_PHY_EDPD_DFLT_TX_MSECS = 0xffff + ETHTOOL_PHY_EDPD_DISABLE = 0x0 + ETHTOOL_PHY_EDPD_NO_TX = 0xfffe + ETHTOOL_PHY_FAST_LINK_DOWN_OFF = 0xff + ETHTOOL_PHY_FAST_LINK_DOWN_ON = 0x0 + ETHTOOL_PHY_GTUNABLE = 0x4e + ETHTOOL_PHY_STUNABLE = 0x4f + ETHTOOL_RESET = 0x34 + ETHTOOL_RXNTUPLE_ACTION_CLEAR = -0x2 + ETHTOOL_RXNTUPLE_ACTION_DROP = -0x1 + ETHTOOL_RX_FLOW_SPEC_RING = 0xffffffff + ETHTOOL_RX_FLOW_SPEC_RING_VF = 0xff00000000 + ETHTOOL_RX_FLOW_SPEC_RING_VF_OFF = 0x20 + ETHTOOL_SCHANNELS = 0x3d + ETHTOOL_SCOALESCE = 0xf + ETHTOOL_SEEE = 0x45 + ETHTOOL_SEEPROM = 0xc + ETHTOOL_SET_DUMP = 0x3e + ETHTOOL_SFEATURES = 0x3b + ETHTOOL_SFECPARAM = 0x51 + ETHTOOL_SFLAGS = 0x26 + ETHTOOL_SGRO = 0x2c + ETHTOOL_SGSO = 0x24 + ETHTOOL_SLINKSETTINGS = 0x4d + ETHTOOL_SMSGLVL = 0x8 + ETHTOOL_SPAUSEPARAM = 0x13 + ETHTOOL_SPFLAGS = 0x28 + ETHTOOL_SRINGPARAM = 0x11 + ETHTOOL_SRSSH = 0x47 + ETHTOOL_SRXCLSRLDEL = 0x31 + ETHTOOL_SRXCLSRLINS = 0x32 + ETHTOOL_SRXCSUM = 0x15 + ETHTOOL_SRXFH = 0x2a + ETHTOOL_SRXFHINDIR = 0x39 + ETHTOOL_SRXNTUPLE = 0x35 + ETHTOOL_SSET = 0x2 + ETHTOOL_SSG = 0x19 + ETHTOOL_STSO = 0x1f + ETHTOOL_STUNABLE = 0x49 + ETHTOOL_STXCSUM = 0x17 + ETHTOOL_SUFO = 0x22 + ETHTOOL_SWOL = 0x6 + ETHTOOL_TEST = 0x1a ETH_P_1588 = 0x88f7 ETH_P_8021AD = 0x88a8 ETH_P_8021AH = 0x88e7 @@ -989,6 +1109,7 @@ const ( IPV6_DONTFRAG = 0x3e IPV6_DROP_MEMBERSHIP = 0x15 IPV6_DSTOPTS = 0x3b + IPV6_FLOW = 0x11 IPV6_FREEBIND = 0x4e IPV6_HDRINCL = 0x24 IPV6_HOPLIMIT = 0x34 @@ -1038,6 +1159,7 @@ const ( IPV6_TRANSPARENT = 0x4b IPV6_UNICAST_HOPS = 0x10 IPV6_UNICAST_IF = 0x4c + IPV6_USER_FLOW = 0xe IPV6_V6ONLY = 0x1a IPV6_XFRM_POLICY = 0x23 IP_ADD_MEMBERSHIP = 0x23 @@ -1094,6 +1216,7 @@ const ( IP_TTL = 0x2 IP_UNBLOCK_SOURCE = 0x25 IP_UNICAST_IF = 0x32 + IP_USER_FLOW = 0xd IP_XFRM_POLICY = 0x11 ISOFS_SUPER_MAGIC = 0x9660 ISTRIP = 0x20 @@ -1217,6 +1340,12 @@ const ( LOOP_SET_STATUS_SETTABLE_FLAGS = 0xc LO_KEY_SIZE = 0x20 LO_NAME_SIZE = 0x40 + LWTUNNEL_IP6_MAX = 0x8 + LWTUNNEL_IP_MAX = 0x8 + LWTUNNEL_IP_OPTS_MAX = 0x3 + LWTUNNEL_IP_OPT_ERSPAN_MAX = 0x4 + LWTUNNEL_IP_OPT_GENEVE_MAX = 0x3 + LWTUNNEL_IP_OPT_VXLAN_MAX = 0x1 MADV_COLD = 0x14 MADV_DODUMP = 0x11 MADV_DOFORK = 0xb @@ -1325,6 +1454,7 @@ const ( MS_NOREMOTELOCK = 0x8000000 MS_NOSEC = 0x10000000 MS_NOSUID = 0x2 + MS_NOSYMFOLLOW = 0x100 MS_NOUSER = -0x80000000 MS_POSIXACL = 0x10000 MS_PRIVATE = 0x40000 @@ -1566,7 +1696,7 @@ const ( PERF_MEM_REMOTE_REMOTE = 0x1 PERF_MEM_REMOTE_SHIFT = 0x25 PERF_MEM_SNOOPX_FWD = 0x1 - PERF_MEM_SNOOPX_SHIFT = 0x25 + PERF_MEM_SNOOPX_SHIFT = 0x26 PERF_MEM_SNOOP_HIT = 0x4 PERF_MEM_SNOOP_HITM = 0x10 PERF_MEM_SNOOP_MISS = 0x8 @@ -1666,6 +1796,13 @@ const ( PR_MCE_KILL_SET = 0x1 PR_MPX_DISABLE_MANAGEMENT = 0x2c PR_MPX_ENABLE_MANAGEMENT = 0x2b + PR_MTE_TAG_MASK = 0x7fff8 + PR_MTE_TAG_SHIFT = 0x3 + PR_MTE_TCF_ASYNC = 0x4 + PR_MTE_TCF_MASK = 0x6 + PR_MTE_TCF_NONE = 0x0 + PR_MTE_TCF_SHIFT = 0x1 + PR_MTE_TCF_SYNC = 0x2 PR_PAC_APDAKEY = 0x4 PR_PAC_APDBKEY = 0x8 PR_PAC_APGAKEY = 0x10 @@ -2200,7 +2337,7 @@ const ( STATX_ATTR_APPEND = 0x20 STATX_ATTR_AUTOMOUNT = 0x1000 STATX_ATTR_COMPRESSED = 0x4 - STATX_ATTR_DAX = 0x2000 + STATX_ATTR_DAX = 0x200000 STATX_ATTR_ENCRYPTED = 0x800 STATX_ATTR_IMMUTABLE = 0x10 STATX_ATTR_MOUNT_ROOT = 0x2000 @@ -2319,6 +2456,8 @@ const ( TCP_TX_DELAY = 0x25 TCP_ULP = 0x1f TCP_USER_TIMEOUT = 0x12 + TCP_V4_FLOW = 0x1 + TCP_V6_FLOW = 0x5 TCP_WINDOW_CLAMP = 0xa TCP_ZEROCOPY_RECEIVE = 0x23 TFD_TIMER_ABSTIME = 0x1 @@ -2384,6 +2523,7 @@ const ( TIPC_NODE_STATE = 0x0 TIPC_OK = 0x0 TIPC_PUBLISHED = 0x1 + TIPC_REKEYING_NOW = 0xffffffff TIPC_RESERVED_TYPES = 0x40 TIPC_RETDATA = 0x2 TIPC_SERVICE_ADDR = 0x2 @@ -2444,6 +2584,7 @@ const ( VM_SOCKETS_INVALID_VERSION = 0xffffffff VQUIT = 0x1 VT0 = 0x0 + WAKE_MAGIC = 0x20 WALL = 0x40000000 WCLONE = 0x80000000 WCONTINUED = 0x8 diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_386.go b/vendor/golang.org/x/sys/unix/zerrors_linux_386.go index dd282c08b7f1..336e0b326a91 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_386.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_386.go @@ -4,7 +4,7 @@ // +build 386,linux // Code generated by cmd/cgo -godefs; DO NOT EDIT. -// cgo -godefs -- -Wall -Werror -static -I/tmp/include -m32 _const.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include -m32 /build/_const.go package unix diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go index 82fc93c7bbc1..961507e937d4 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go @@ -4,7 +4,7 @@ // +build amd64,linux // Code generated by cmd/cgo -godefs; DO NOT EDIT. -// cgo -godefs -- -Wall -Werror -static -I/tmp/include -m64 _const.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include -m64 /build/_const.go package unix diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go b/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go index fe7094f2763f..a65576db7b61 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go @@ -4,7 +4,7 @@ // +build arm,linux // Code generated by cmd/cgo -godefs; DO NOT EDIT. -// cgo -godefs -- -Wall -Werror -static -I/tmp/include _const.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/_const.go package unix diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go index 3b6cc58803b6..cf075caa8c8f 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go @@ -4,7 +4,7 @@ // +build arm64,linux // Code generated by cmd/cgo -godefs; DO NOT EDIT. -// cgo -godefs -- -Wall -Werror -static -I/tmp/include -fsigned-char _const.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include -fsigned-char /build/_const.go package unix @@ -196,6 +196,8 @@ const ( PPPIOCXFERUNIT = 0x744e PROT_BTI = 0x10 PR_SET_PTRACER_ANY = 0xffffffffffffffff + PTRACE_PEEKMTETAGS = 0x21 + PTRACE_POKEMTETAGS = 0x22 PTRACE_SYSEMU = 0x1f PTRACE_SYSEMU_SINGLESTEP = 0x20 RLIMIT_AS = 0x9 diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go index ce3d9ae15610..efe90deeab85 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go @@ -4,7 +4,7 @@ // +build mips,linux // Code generated by cmd/cgo -godefs; DO NOT EDIT. -// cgo -godefs -- -Wall -Werror -static -I/tmp/include _const.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/_const.go package unix diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go index 7a85215ce523..8b0e8911dc3f 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go @@ -4,7 +4,7 @@ // +build mips64,linux // Code generated by cmd/cgo -godefs; DO NOT EDIT. -// cgo -godefs -- -Wall -Werror -static -I/tmp/include _const.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/_const.go package unix diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go index 07d4cc1bd5ff..e9430cd1a22a 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go @@ -4,7 +4,7 @@ // +build mips64le,linux // Code generated by cmd/cgo -godefs; DO NOT EDIT. -// cgo -godefs -- -Wall -Werror -static -I/tmp/include _const.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/_const.go package unix diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go index d4842ba1c2a8..61e4f5db67c1 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go @@ -4,7 +4,7 @@ // +build mipsle,linux // Code generated by cmd/cgo -godefs; DO NOT EDIT. -// cgo -godefs -- -Wall -Werror -static -I/tmp/include _const.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/_const.go package unix diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go index 941e20daceca..973ad934633c 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go @@ -4,7 +4,7 @@ // +build ppc64,linux // Code generated by cmd/cgo -godefs; DO NOT EDIT. -// cgo -godefs -- -Wall -Werror -static -I/tmp/include _const.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/_const.go package unix diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go index 63d3bc56627d..70a7406ba11a 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go @@ -4,7 +4,7 @@ // +build ppc64le,linux // Code generated by cmd/cgo -godefs; DO NOT EDIT. -// cgo -godefs -- -Wall -Werror -static -I/tmp/include _const.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/_const.go package unix diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go index 490bee1ab1b5..b1bf7997cbdc 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go @@ -4,7 +4,7 @@ // +build riscv64,linux // Code generated by cmd/cgo -godefs; DO NOT EDIT. -// cgo -godefs -- -Wall -Werror -static -I/tmp/include _const.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/_const.go package unix diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go b/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go index 467b8218e80e..7053d10ba024 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go @@ -4,7 +4,7 @@ // +build s390x,linux // Code generated by cmd/cgo -godefs; DO NOT EDIT. -// cgo -godefs -- -Wall -Werror -static -I/tmp/include -fsigned-char _const.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include -fsigned-char /build/_const.go package unix diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go index 79fbafbcf6c4..137cfe796269 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go @@ -4,7 +4,7 @@ // +build sparc64,linux // Code generated by cmd/cgo -godefs; DO NOT EDIT. -// cgo -godefs -- -Wall -Werror -static -I/tmp/include _const.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/_const.go package unix diff --git a/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64_gc.go b/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64_gc.go index 4b3a8ad7bec1..0550da06d147 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64_gc.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64_gc.go @@ -2,7 +2,7 @@ // Code generated by the command above; see README.md. DO NOT EDIT. // +build aix,ppc64 -// +build !gccgo +// +build gc package unix diff --git a/vendor/golang.org/x/sys/unix/zsyscall_darwin_386.1_13.go b/vendor/golang.org/x/sys/unix/zsyscall_darwin_386.1_13.go index e263fbdb8bf5..c8c142c59a09 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_darwin_386.1_13.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_darwin_386.1_13.go @@ -24,7 +24,6 @@ func closedir(dir uintptr) (err error) { func libc_closedir_trampoline() -//go:linkname libc_closedir libc_closedir //go:cgo_import_dynamic libc_closedir closedir "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -37,5 +36,4 @@ func readdir_r(dir uintptr, entry *Dirent, result **Dirent) (res Errno) { func libc_readdir_r_trampoline() -//go:linkname libc_readdir_r libc_readdir_r //go:cgo_import_dynamic libc_readdir_r readdir_r "/usr/lib/libSystem.B.dylib" diff --git a/vendor/golang.org/x/sys/unix/zsyscall_darwin_386.go b/vendor/golang.org/x/sys/unix/zsyscall_darwin_386.go index 6eb457983232..3877183483f1 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_darwin_386.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_darwin_386.go @@ -25,7 +25,6 @@ func getgroups(ngid int, gid *_Gid_t) (n int, err error) { func libc_getgroups_trampoline() -//go:linkname libc_getgroups libc_getgroups //go:cgo_import_dynamic libc_getgroups getgroups "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -40,7 +39,6 @@ func setgroups(ngid int, gid *_Gid_t) (err error) { func libc_setgroups_trampoline() -//go:linkname libc_setgroups libc_setgroups //go:cgo_import_dynamic libc_setgroups setgroups "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -56,7 +54,6 @@ func wait4(pid int, wstatus *_C_int, options int, rusage *Rusage) (wpid int, err func libc_wait4_trampoline() -//go:linkname libc_wait4 libc_wait4 //go:cgo_import_dynamic libc_wait4 wait4 "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -72,7 +69,6 @@ func accept(s int, rsa *RawSockaddrAny, addrlen *_Socklen) (fd int, err error) { func libc_accept_trampoline() -//go:linkname libc_accept libc_accept //go:cgo_import_dynamic libc_accept accept "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -87,7 +83,6 @@ func bind(s int, addr unsafe.Pointer, addrlen _Socklen) (err error) { func libc_bind_trampoline() -//go:linkname libc_bind libc_bind //go:cgo_import_dynamic libc_bind bind "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -102,7 +97,6 @@ func connect(s int, addr unsafe.Pointer, addrlen _Socklen) (err error) { func libc_connect_trampoline() -//go:linkname libc_connect libc_connect //go:cgo_import_dynamic libc_connect connect "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -118,7 +112,6 @@ func socket(domain int, typ int, proto int) (fd int, err error) { func libc_socket_trampoline() -//go:linkname libc_socket libc_socket //go:cgo_import_dynamic libc_socket socket "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -133,7 +126,6 @@ func getsockopt(s int, level int, name int, val unsafe.Pointer, vallen *_Socklen func libc_getsockopt_trampoline() -//go:linkname libc_getsockopt libc_getsockopt //go:cgo_import_dynamic libc_getsockopt getsockopt "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -148,7 +140,6 @@ func setsockopt(s int, level int, name int, val unsafe.Pointer, vallen uintptr) func libc_setsockopt_trampoline() -//go:linkname libc_setsockopt libc_setsockopt //go:cgo_import_dynamic libc_setsockopt setsockopt "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -163,7 +154,6 @@ func getpeername(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error) { func libc_getpeername_trampoline() -//go:linkname libc_getpeername libc_getpeername //go:cgo_import_dynamic libc_getpeername getpeername "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -178,7 +168,6 @@ func getsockname(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error) { func libc_getsockname_trampoline() -//go:linkname libc_getsockname libc_getsockname //go:cgo_import_dynamic libc_getsockname getsockname "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -193,7 +182,6 @@ func Shutdown(s int, how int) (err error) { func libc_shutdown_trampoline() -//go:linkname libc_shutdown libc_shutdown //go:cgo_import_dynamic libc_shutdown shutdown "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -208,7 +196,6 @@ func socketpair(domain int, typ int, proto int, fd *[2]int32) (err error) { func libc_socketpair_trampoline() -//go:linkname libc_socketpair libc_socketpair //go:cgo_import_dynamic libc_socketpair socketpair "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -230,7 +217,6 @@ func recvfrom(fd int, p []byte, flags int, from *RawSockaddrAny, fromlen *_Sockl func libc_recvfrom_trampoline() -//go:linkname libc_recvfrom libc_recvfrom //go:cgo_import_dynamic libc_recvfrom recvfrom "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -251,7 +237,6 @@ func sendto(s int, buf []byte, flags int, to unsafe.Pointer, addrlen _Socklen) ( func libc_sendto_trampoline() -//go:linkname libc_sendto libc_sendto //go:cgo_import_dynamic libc_sendto sendto "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -267,7 +252,6 @@ func recvmsg(s int, msg *Msghdr, flags int) (n int, err error) { func libc_recvmsg_trampoline() -//go:linkname libc_recvmsg libc_recvmsg //go:cgo_import_dynamic libc_recvmsg recvmsg "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -283,7 +267,6 @@ func sendmsg(s int, msg *Msghdr, flags int) (n int, err error) { func libc_sendmsg_trampoline() -//go:linkname libc_sendmsg libc_sendmsg //go:cgo_import_dynamic libc_sendmsg sendmsg "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -299,7 +282,6 @@ func kevent(kq int, change unsafe.Pointer, nchange int, event unsafe.Pointer, ne func libc_kevent_trampoline() -//go:linkname libc_kevent libc_kevent //go:cgo_import_dynamic libc_kevent kevent "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -319,7 +301,6 @@ func utimes(path string, timeval *[2]Timeval) (err error) { func libc_utimes_trampoline() -//go:linkname libc_utimes libc_utimes //go:cgo_import_dynamic libc_utimes utimes "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -334,7 +315,6 @@ func futimes(fd int, timeval *[2]Timeval) (err error) { func libc_futimes_trampoline() -//go:linkname libc_futimes libc_futimes //go:cgo_import_dynamic libc_futimes futimes "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -350,7 +330,6 @@ func poll(fds *PollFd, nfds int, timeout int) (n int, err error) { func libc_poll_trampoline() -//go:linkname libc_poll libc_poll //go:cgo_import_dynamic libc_poll poll "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -371,7 +350,6 @@ func Madvise(b []byte, behav int) (err error) { func libc_madvise_trampoline() -//go:linkname libc_madvise libc_madvise //go:cgo_import_dynamic libc_madvise madvise "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -392,7 +370,6 @@ func Mlock(b []byte) (err error) { func libc_mlock_trampoline() -//go:linkname libc_mlock libc_mlock //go:cgo_import_dynamic libc_mlock mlock "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -407,7 +384,6 @@ func Mlockall(flags int) (err error) { func libc_mlockall_trampoline() -//go:linkname libc_mlockall libc_mlockall //go:cgo_import_dynamic libc_mlockall mlockall "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -428,7 +404,6 @@ func Mprotect(b []byte, prot int) (err error) { func libc_mprotect_trampoline() -//go:linkname libc_mprotect libc_mprotect //go:cgo_import_dynamic libc_mprotect mprotect "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -449,7 +424,6 @@ func Msync(b []byte, flags int) (err error) { func libc_msync_trampoline() -//go:linkname libc_msync libc_msync //go:cgo_import_dynamic libc_msync msync "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -470,7 +444,6 @@ func Munlock(b []byte) (err error) { func libc_munlock_trampoline() -//go:linkname libc_munlock libc_munlock //go:cgo_import_dynamic libc_munlock munlock "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -485,15 +458,12 @@ func Munlockall() (err error) { func libc_munlockall_trampoline() -//go:linkname libc_munlockall libc_munlockall //go:cgo_import_dynamic libc_munlockall munlockall "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func pipe() (r int, w int, err error) { - r0, r1, e1 := syscall_rawSyscall(funcPC(libc_pipe_trampoline), 0, 0, 0) - r = int(r0) - w = int(r1) +func pipe(p *[2]int32) (err error) { + _, _, e1 := syscall_rawSyscall(funcPC(libc_pipe_trampoline), uintptr(unsafe.Pointer(p)), 0, 0) if e1 != 0 { err = errnoErr(e1) } @@ -502,7 +472,6 @@ func pipe() (r int, w int, err error) { func libc_pipe_trampoline() -//go:linkname libc_pipe libc_pipe //go:cgo_import_dynamic libc_pipe pipe "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -528,7 +497,6 @@ func getxattr(path string, attr string, dest *byte, size int, position uint32, o func libc_getxattr_trampoline() -//go:linkname libc_getxattr libc_getxattr //go:cgo_import_dynamic libc_getxattr getxattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -549,7 +517,6 @@ func fgetxattr(fd int, attr string, dest *byte, size int, position uint32, optio func libc_fgetxattr_trampoline() -//go:linkname libc_fgetxattr libc_fgetxattr //go:cgo_import_dynamic libc_fgetxattr fgetxattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -574,7 +541,6 @@ func setxattr(path string, attr string, data *byte, size int, position uint32, o func libc_setxattr_trampoline() -//go:linkname libc_setxattr libc_setxattr //go:cgo_import_dynamic libc_setxattr setxattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -594,7 +560,6 @@ func fsetxattr(fd int, attr string, data *byte, size int, position uint32, optio func libc_fsetxattr_trampoline() -//go:linkname libc_fsetxattr libc_fsetxattr //go:cgo_import_dynamic libc_fsetxattr fsetxattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -619,7 +584,6 @@ func removexattr(path string, attr string, options int) (err error) { func libc_removexattr_trampoline() -//go:linkname libc_removexattr libc_removexattr //go:cgo_import_dynamic libc_removexattr removexattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -639,7 +603,6 @@ func fremovexattr(fd int, attr string, options int) (err error) { func libc_fremovexattr_trampoline() -//go:linkname libc_fremovexattr libc_fremovexattr //go:cgo_import_dynamic libc_fremovexattr fremovexattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -660,7 +623,6 @@ func listxattr(path string, dest *byte, size int, options int) (sz int, err erro func libc_listxattr_trampoline() -//go:linkname libc_listxattr libc_listxattr //go:cgo_import_dynamic libc_listxattr listxattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -676,7 +638,6 @@ func flistxattr(fd int, dest *byte, size int, options int) (sz int, err error) { func libc_flistxattr_trampoline() -//go:linkname libc_flistxattr libc_flistxattr //go:cgo_import_dynamic libc_flistxattr flistxattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -691,7 +652,6 @@ func setattrlist(path *byte, list unsafe.Pointer, buf unsafe.Pointer, size uintp func libc_setattrlist_trampoline() -//go:linkname libc_setattrlist libc_setattrlist //go:cgo_import_dynamic libc_setattrlist setattrlist "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -707,7 +667,6 @@ func fcntl(fd int, cmd int, arg int) (val int, err error) { func libc_fcntl_trampoline() -//go:linkname libc_fcntl libc_fcntl //go:cgo_import_dynamic libc_fcntl fcntl "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -722,7 +681,6 @@ func kill(pid int, signum int, posix int) (err error) { func libc_kill_trampoline() -//go:linkname libc_kill libc_kill //go:cgo_import_dynamic libc_kill kill "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -737,7 +695,6 @@ func ioctl(fd int, req uint, arg uintptr) (err error) { func libc_ioctl_trampoline() -//go:linkname libc_ioctl libc_ioctl //go:cgo_import_dynamic libc_ioctl ioctl "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -758,7 +715,6 @@ func sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) func libc_sysctl_trampoline() -//go:linkname libc_sysctl libc_sysctl //go:cgo_import_dynamic libc_sysctl sysctl "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -773,7 +729,6 @@ func sendfile(infd int, outfd int, offset int64, len *int64, hdtr unsafe.Pointer func libc_sendfile_trampoline() -//go:linkname libc_sendfile libc_sendfile //go:cgo_import_dynamic libc_sendfile sendfile "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -793,7 +748,6 @@ func Access(path string, mode uint32) (err error) { func libc_access_trampoline() -//go:linkname libc_access libc_access //go:cgo_import_dynamic libc_access access "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -808,7 +762,6 @@ func Adjtime(delta *Timeval, olddelta *Timeval) (err error) { func libc_adjtime_trampoline() -//go:linkname libc_adjtime libc_adjtime //go:cgo_import_dynamic libc_adjtime adjtime "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -828,7 +781,6 @@ func Chdir(path string) (err error) { func libc_chdir_trampoline() -//go:linkname libc_chdir libc_chdir //go:cgo_import_dynamic libc_chdir chdir "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -848,7 +800,6 @@ func Chflags(path string, flags int) (err error) { func libc_chflags_trampoline() -//go:linkname libc_chflags libc_chflags //go:cgo_import_dynamic libc_chflags chflags "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -868,7 +819,6 @@ func Chmod(path string, mode uint32) (err error) { func libc_chmod_trampoline() -//go:linkname libc_chmod libc_chmod //go:cgo_import_dynamic libc_chmod chmod "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -888,7 +838,6 @@ func Chown(path string, uid int, gid int) (err error) { func libc_chown_trampoline() -//go:linkname libc_chown libc_chown //go:cgo_import_dynamic libc_chown chown "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -908,7 +857,6 @@ func Chroot(path string) (err error) { func libc_chroot_trampoline() -//go:linkname libc_chroot libc_chroot //go:cgo_import_dynamic libc_chroot chroot "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -923,7 +871,6 @@ func ClockGettime(clockid int32, time *Timespec) (err error) { func libc_clock_gettime_trampoline() -//go:linkname libc_clock_gettime libc_clock_gettime //go:cgo_import_dynamic libc_clock_gettime clock_gettime "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -938,7 +885,6 @@ func Close(fd int) (err error) { func libc_close_trampoline() -//go:linkname libc_close libc_close //go:cgo_import_dynamic libc_close close "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -963,7 +909,6 @@ func Clonefile(src string, dst string, flags int) (err error) { func libc_clonefile_trampoline() -//go:linkname libc_clonefile libc_clonefile //go:cgo_import_dynamic libc_clonefile clonefile "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -988,7 +933,6 @@ func Clonefileat(srcDirfd int, src string, dstDirfd int, dst string, flags int) func libc_clonefileat_trampoline() -//go:linkname libc_clonefileat libc_clonefileat //go:cgo_import_dynamic libc_clonefileat clonefileat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1004,7 +948,6 @@ func Dup(fd int) (nfd int, err error) { func libc_dup_trampoline() -//go:linkname libc_dup libc_dup //go:cgo_import_dynamic libc_dup dup "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1019,7 +962,6 @@ func Dup2(from int, to int) (err error) { func libc_dup2_trampoline() -//go:linkname libc_dup2 libc_dup2 //go:cgo_import_dynamic libc_dup2 dup2 "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1044,7 +986,6 @@ func Exchangedata(path1 string, path2 string, options int) (err error) { func libc_exchangedata_trampoline() -//go:linkname libc_exchangedata libc_exchangedata //go:cgo_import_dynamic libc_exchangedata exchangedata "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1056,7 +997,6 @@ func Exit(code int) { func libc_exit_trampoline() -//go:linkname libc_exit libc_exit //go:cgo_import_dynamic libc_exit exit "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1076,7 +1016,6 @@ func Faccessat(dirfd int, path string, mode uint32, flags int) (err error) { func libc_faccessat_trampoline() -//go:linkname libc_faccessat libc_faccessat //go:cgo_import_dynamic libc_faccessat faccessat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1091,7 +1030,6 @@ func Fchdir(fd int) (err error) { func libc_fchdir_trampoline() -//go:linkname libc_fchdir libc_fchdir //go:cgo_import_dynamic libc_fchdir fchdir "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1106,7 +1044,6 @@ func Fchflags(fd int, flags int) (err error) { func libc_fchflags_trampoline() -//go:linkname libc_fchflags libc_fchflags //go:cgo_import_dynamic libc_fchflags fchflags "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1121,7 +1058,6 @@ func Fchmod(fd int, mode uint32) (err error) { func libc_fchmod_trampoline() -//go:linkname libc_fchmod libc_fchmod //go:cgo_import_dynamic libc_fchmod fchmod "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1141,7 +1077,6 @@ func Fchmodat(dirfd int, path string, mode uint32, flags int) (err error) { func libc_fchmodat_trampoline() -//go:linkname libc_fchmodat libc_fchmodat //go:cgo_import_dynamic libc_fchmodat fchmodat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1156,7 +1091,6 @@ func Fchown(fd int, uid int, gid int) (err error) { func libc_fchown_trampoline() -//go:linkname libc_fchown libc_fchown //go:cgo_import_dynamic libc_fchown fchown "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1176,7 +1110,6 @@ func Fchownat(dirfd int, path string, uid int, gid int, flags int) (err error) { func libc_fchownat_trampoline() -//go:linkname libc_fchownat libc_fchownat //go:cgo_import_dynamic libc_fchownat fchownat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1196,7 +1129,6 @@ func Fclonefileat(srcDirfd int, dstDirfd int, dst string, flags int) (err error) func libc_fclonefileat_trampoline() -//go:linkname libc_fclonefileat libc_fclonefileat //go:cgo_import_dynamic libc_fclonefileat fclonefileat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1211,7 +1143,6 @@ func Flock(fd int, how int) (err error) { func libc_flock_trampoline() -//go:linkname libc_flock libc_flock //go:cgo_import_dynamic libc_flock flock "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1227,7 +1158,6 @@ func Fpathconf(fd int, name int) (val int, err error) { func libc_fpathconf_trampoline() -//go:linkname libc_fpathconf libc_fpathconf //go:cgo_import_dynamic libc_fpathconf fpathconf "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1242,7 +1172,6 @@ func Fsync(fd int) (err error) { func libc_fsync_trampoline() -//go:linkname libc_fsync libc_fsync //go:cgo_import_dynamic libc_fsync fsync "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1257,7 +1186,6 @@ func Ftruncate(fd int, length int64) (err error) { func libc_ftruncate_trampoline() -//go:linkname libc_ftruncate libc_ftruncate //go:cgo_import_dynamic libc_ftruncate ftruncate "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1279,7 +1207,6 @@ func Getcwd(buf []byte) (n int, err error) { func libc_getcwd_trampoline() -//go:linkname libc_getcwd libc_getcwd //go:cgo_import_dynamic libc_getcwd getcwd "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1292,7 +1219,6 @@ func Getdtablesize() (size int) { func libc_getdtablesize_trampoline() -//go:linkname libc_getdtablesize libc_getdtablesize //go:cgo_import_dynamic libc_getdtablesize getdtablesize "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1305,7 +1231,6 @@ func Getegid() (egid int) { func libc_getegid_trampoline() -//go:linkname libc_getegid libc_getegid //go:cgo_import_dynamic libc_getegid getegid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1318,7 +1243,6 @@ func Geteuid() (uid int) { func libc_geteuid_trampoline() -//go:linkname libc_geteuid libc_geteuid //go:cgo_import_dynamic libc_geteuid geteuid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1331,7 +1255,6 @@ func Getgid() (gid int) { func libc_getgid_trampoline() -//go:linkname libc_getgid libc_getgid //go:cgo_import_dynamic libc_getgid getgid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1347,7 +1270,6 @@ func Getpgid(pid int) (pgid int, err error) { func libc_getpgid_trampoline() -//go:linkname libc_getpgid libc_getpgid //go:cgo_import_dynamic libc_getpgid getpgid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1360,7 +1282,6 @@ func Getpgrp() (pgrp int) { func libc_getpgrp_trampoline() -//go:linkname libc_getpgrp libc_getpgrp //go:cgo_import_dynamic libc_getpgrp getpgrp "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1373,7 +1294,6 @@ func Getpid() (pid int) { func libc_getpid_trampoline() -//go:linkname libc_getpid libc_getpid //go:cgo_import_dynamic libc_getpid getpid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1386,7 +1306,6 @@ func Getppid() (ppid int) { func libc_getppid_trampoline() -//go:linkname libc_getppid libc_getppid //go:cgo_import_dynamic libc_getppid getppid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1402,7 +1321,6 @@ func Getpriority(which int, who int) (prio int, err error) { func libc_getpriority_trampoline() -//go:linkname libc_getpriority libc_getpriority //go:cgo_import_dynamic libc_getpriority getpriority "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1417,7 +1335,6 @@ func Getrlimit(which int, lim *Rlimit) (err error) { func libc_getrlimit_trampoline() -//go:linkname libc_getrlimit libc_getrlimit //go:cgo_import_dynamic libc_getrlimit getrlimit "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1432,7 +1349,6 @@ func Getrusage(who int, rusage *Rusage) (err error) { func libc_getrusage_trampoline() -//go:linkname libc_getrusage libc_getrusage //go:cgo_import_dynamic libc_getrusage getrusage "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1448,7 +1364,6 @@ func Getsid(pid int) (sid int, err error) { func libc_getsid_trampoline() -//go:linkname libc_getsid libc_getsid //go:cgo_import_dynamic libc_getsid getsid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1463,7 +1378,6 @@ func Gettimeofday(tp *Timeval) (err error) { func libc_gettimeofday_trampoline() -//go:linkname libc_gettimeofday libc_gettimeofday //go:cgo_import_dynamic libc_gettimeofday gettimeofday "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1476,7 +1390,6 @@ func Getuid() (uid int) { func libc_getuid_trampoline() -//go:linkname libc_getuid libc_getuid //go:cgo_import_dynamic libc_getuid getuid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1489,7 +1402,6 @@ func Issetugid() (tainted bool) { func libc_issetugid_trampoline() -//go:linkname libc_issetugid libc_issetugid //go:cgo_import_dynamic libc_issetugid issetugid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1505,7 +1417,6 @@ func Kqueue() (fd int, err error) { func libc_kqueue_trampoline() -//go:linkname libc_kqueue libc_kqueue //go:cgo_import_dynamic libc_kqueue kqueue "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1525,7 +1436,6 @@ func Lchown(path string, uid int, gid int) (err error) { func libc_lchown_trampoline() -//go:linkname libc_lchown libc_lchown //go:cgo_import_dynamic libc_lchown lchown "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1550,7 +1460,6 @@ func Link(path string, link string) (err error) { func libc_link_trampoline() -//go:linkname libc_link libc_link //go:cgo_import_dynamic libc_link link "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1575,7 +1484,6 @@ func Linkat(pathfd int, path string, linkfd int, link string, flags int) (err er func libc_linkat_trampoline() -//go:linkname libc_linkat libc_linkat //go:cgo_import_dynamic libc_linkat linkat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1590,7 +1498,6 @@ func Listen(s int, backlog int) (err error) { func libc_listen_trampoline() -//go:linkname libc_listen libc_listen //go:cgo_import_dynamic libc_listen listen "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1610,7 +1517,6 @@ func Mkdir(path string, mode uint32) (err error) { func libc_mkdir_trampoline() -//go:linkname libc_mkdir libc_mkdir //go:cgo_import_dynamic libc_mkdir mkdir "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1630,7 +1536,6 @@ func Mkdirat(dirfd int, path string, mode uint32) (err error) { func libc_mkdirat_trampoline() -//go:linkname libc_mkdirat libc_mkdirat //go:cgo_import_dynamic libc_mkdirat mkdirat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1650,7 +1555,6 @@ func Mkfifo(path string, mode uint32) (err error) { func libc_mkfifo_trampoline() -//go:linkname libc_mkfifo libc_mkfifo //go:cgo_import_dynamic libc_mkfifo mkfifo "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1670,7 +1574,6 @@ func Mknod(path string, mode uint32, dev int) (err error) { func libc_mknod_trampoline() -//go:linkname libc_mknod libc_mknod //go:cgo_import_dynamic libc_mknod mknod "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1691,7 +1594,6 @@ func Open(path string, mode int, perm uint32) (fd int, err error) { func libc_open_trampoline() -//go:linkname libc_open libc_open //go:cgo_import_dynamic libc_open open "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1712,7 +1614,6 @@ func Openat(dirfd int, path string, mode int, perm uint32) (fd int, err error) { func libc_openat_trampoline() -//go:linkname libc_openat libc_openat //go:cgo_import_dynamic libc_openat openat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1733,7 +1634,6 @@ func Pathconf(path string, name int) (val int, err error) { func libc_pathconf_trampoline() -//go:linkname libc_pathconf libc_pathconf //go:cgo_import_dynamic libc_pathconf pathconf "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1755,7 +1655,6 @@ func Pread(fd int, p []byte, offset int64) (n int, err error) { func libc_pread_trampoline() -//go:linkname libc_pread libc_pread //go:cgo_import_dynamic libc_pread pread "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1777,7 +1676,6 @@ func Pwrite(fd int, p []byte, offset int64) (n int, err error) { func libc_pwrite_trampoline() -//go:linkname libc_pwrite libc_pwrite //go:cgo_import_dynamic libc_pwrite pwrite "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1799,7 +1697,6 @@ func read(fd int, p []byte) (n int, err error) { func libc_read_trampoline() -//go:linkname libc_read libc_read //go:cgo_import_dynamic libc_read read "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1826,7 +1723,6 @@ func Readlink(path string, buf []byte) (n int, err error) { func libc_readlink_trampoline() -//go:linkname libc_readlink libc_readlink //go:cgo_import_dynamic libc_readlink readlink "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1853,7 +1749,6 @@ func Readlinkat(dirfd int, path string, buf []byte) (n int, err error) { func libc_readlinkat_trampoline() -//go:linkname libc_readlinkat libc_readlinkat //go:cgo_import_dynamic libc_readlinkat readlinkat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1878,7 +1773,6 @@ func Rename(from string, to string) (err error) { func libc_rename_trampoline() -//go:linkname libc_rename libc_rename //go:cgo_import_dynamic libc_rename rename "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1903,7 +1797,6 @@ func Renameat(fromfd int, from string, tofd int, to string) (err error) { func libc_renameat_trampoline() -//go:linkname libc_renameat libc_renameat //go:cgo_import_dynamic libc_renameat renameat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1923,7 +1816,6 @@ func Revoke(path string) (err error) { func libc_revoke_trampoline() -//go:linkname libc_revoke libc_revoke //go:cgo_import_dynamic libc_revoke revoke "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1943,7 +1835,6 @@ func Rmdir(path string) (err error) { func libc_rmdir_trampoline() -//go:linkname libc_rmdir libc_rmdir //go:cgo_import_dynamic libc_rmdir rmdir "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1959,7 +1850,6 @@ func Seek(fd int, offset int64, whence int) (newoffset int64, err error) { func libc_lseek_trampoline() -//go:linkname libc_lseek libc_lseek //go:cgo_import_dynamic libc_lseek lseek "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1975,7 +1865,6 @@ func Select(nfd int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (n int, err func libc_select_trampoline() -//go:linkname libc_select libc_select //go:cgo_import_dynamic libc_select select "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1990,7 +1879,6 @@ func Setegid(egid int) (err error) { func libc_setegid_trampoline() -//go:linkname libc_setegid libc_setegid //go:cgo_import_dynamic libc_setegid setegid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2005,7 +1893,6 @@ func Seteuid(euid int) (err error) { func libc_seteuid_trampoline() -//go:linkname libc_seteuid libc_seteuid //go:cgo_import_dynamic libc_seteuid seteuid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2020,7 +1907,6 @@ func Setgid(gid int) (err error) { func libc_setgid_trampoline() -//go:linkname libc_setgid libc_setgid //go:cgo_import_dynamic libc_setgid setgid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2040,7 +1926,6 @@ func Setlogin(name string) (err error) { func libc_setlogin_trampoline() -//go:linkname libc_setlogin libc_setlogin //go:cgo_import_dynamic libc_setlogin setlogin "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2055,7 +1940,6 @@ func Setpgid(pid int, pgid int) (err error) { func libc_setpgid_trampoline() -//go:linkname libc_setpgid libc_setpgid //go:cgo_import_dynamic libc_setpgid setpgid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2070,7 +1954,6 @@ func Setpriority(which int, who int, prio int) (err error) { func libc_setpriority_trampoline() -//go:linkname libc_setpriority libc_setpriority //go:cgo_import_dynamic libc_setpriority setpriority "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2085,7 +1968,6 @@ func Setprivexec(flag int) (err error) { func libc_setprivexec_trampoline() -//go:linkname libc_setprivexec libc_setprivexec //go:cgo_import_dynamic libc_setprivexec setprivexec "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2100,7 +1982,6 @@ func Setregid(rgid int, egid int) (err error) { func libc_setregid_trampoline() -//go:linkname libc_setregid libc_setregid //go:cgo_import_dynamic libc_setregid setregid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2115,7 +1996,6 @@ func Setreuid(ruid int, euid int) (err error) { func libc_setreuid_trampoline() -//go:linkname libc_setreuid libc_setreuid //go:cgo_import_dynamic libc_setreuid setreuid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2130,7 +2010,6 @@ func Setrlimit(which int, lim *Rlimit) (err error) { func libc_setrlimit_trampoline() -//go:linkname libc_setrlimit libc_setrlimit //go:cgo_import_dynamic libc_setrlimit setrlimit "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2146,7 +2025,6 @@ func Setsid() (pid int, err error) { func libc_setsid_trampoline() -//go:linkname libc_setsid libc_setsid //go:cgo_import_dynamic libc_setsid setsid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2161,7 +2039,6 @@ func Settimeofday(tp *Timeval) (err error) { func libc_settimeofday_trampoline() -//go:linkname libc_settimeofday libc_settimeofday //go:cgo_import_dynamic libc_settimeofday settimeofday "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2176,7 +2053,6 @@ func Setuid(uid int) (err error) { func libc_setuid_trampoline() -//go:linkname libc_setuid libc_setuid //go:cgo_import_dynamic libc_setuid setuid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2201,7 +2077,6 @@ func Symlink(path string, link string) (err error) { func libc_symlink_trampoline() -//go:linkname libc_symlink libc_symlink //go:cgo_import_dynamic libc_symlink symlink "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2226,7 +2101,6 @@ func Symlinkat(oldpath string, newdirfd int, newpath string) (err error) { func libc_symlinkat_trampoline() -//go:linkname libc_symlinkat libc_symlinkat //go:cgo_import_dynamic libc_symlinkat symlinkat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2241,7 +2115,6 @@ func Sync() (err error) { func libc_sync_trampoline() -//go:linkname libc_sync libc_sync //go:cgo_import_dynamic libc_sync sync "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2261,7 +2134,6 @@ func Truncate(path string, length int64) (err error) { func libc_truncate_trampoline() -//go:linkname libc_truncate libc_truncate //go:cgo_import_dynamic libc_truncate truncate "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2274,7 +2146,6 @@ func Umask(newmask int) (oldmask int) { func libc_umask_trampoline() -//go:linkname libc_umask libc_umask //go:cgo_import_dynamic libc_umask umask "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2294,7 +2165,6 @@ func Undelete(path string) (err error) { func libc_undelete_trampoline() -//go:linkname libc_undelete libc_undelete //go:cgo_import_dynamic libc_undelete undelete "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2314,7 +2184,6 @@ func Unlink(path string) (err error) { func libc_unlink_trampoline() -//go:linkname libc_unlink libc_unlink //go:cgo_import_dynamic libc_unlink unlink "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2334,7 +2203,6 @@ func Unlinkat(dirfd int, path string, flags int) (err error) { func libc_unlinkat_trampoline() -//go:linkname libc_unlinkat libc_unlinkat //go:cgo_import_dynamic libc_unlinkat unlinkat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2354,7 +2222,6 @@ func Unmount(path string, flags int) (err error) { func libc_unmount_trampoline() -//go:linkname libc_unmount libc_unmount //go:cgo_import_dynamic libc_unmount unmount "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2376,7 +2243,6 @@ func write(fd int, p []byte) (n int, err error) { func libc_write_trampoline() -//go:linkname libc_write libc_write //go:cgo_import_dynamic libc_write write "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2392,7 +2258,6 @@ func mmap(addr uintptr, length uintptr, prot int, flag int, fd int, pos int64) ( func libc_mmap_trampoline() -//go:linkname libc_mmap libc_mmap //go:cgo_import_dynamic libc_mmap mmap "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2407,7 +2272,6 @@ func munmap(addr uintptr, length uintptr) (err error) { func libc_munmap_trampoline() -//go:linkname libc_munmap libc_munmap //go:cgo_import_dynamic libc_munmap munmap "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2444,7 +2308,6 @@ func Fstat(fd int, stat *Stat_t) (err error) { func libc_fstat64_trampoline() -//go:linkname libc_fstat64 libc_fstat64 //go:cgo_import_dynamic libc_fstat64 fstat64 "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2464,7 +2327,6 @@ func Fstatat(fd int, path string, stat *Stat_t, flags int) (err error) { func libc_fstatat64_trampoline() -//go:linkname libc_fstatat64 libc_fstatat64 //go:cgo_import_dynamic libc_fstatat64 fstatat64 "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2479,7 +2341,6 @@ func Fstatfs(fd int, stat *Statfs_t) (err error) { func libc_fstatfs64_trampoline() -//go:linkname libc_fstatfs64 libc_fstatfs64 //go:cgo_import_dynamic libc_fstatfs64 fstatfs64 "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2495,7 +2356,6 @@ func getfsstat(buf unsafe.Pointer, size uintptr, flags int) (n int, err error) { func libc_getfsstat64_trampoline() -//go:linkname libc_getfsstat64 libc_getfsstat64 //go:cgo_import_dynamic libc_getfsstat64 getfsstat64 "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2515,12 +2375,11 @@ func Lstat(path string, stat *Stat_t) (err error) { func libc_lstat64_trampoline() -//go:linkname libc_lstat64 libc_lstat64 //go:cgo_import_dynamic libc_lstat64 lstat64 "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func ptrace(request int, pid int, addr uintptr, data uintptr) (err error) { +func ptrace1(request int, pid int, addr uintptr, data uintptr) (err error) { _, _, e1 := syscall_syscall6(funcPC(libc_ptrace_trampoline), uintptr(request), uintptr(pid), uintptr(addr), uintptr(data), 0, 0) if e1 != 0 { err = errnoErr(e1) @@ -2530,7 +2389,6 @@ func ptrace(request int, pid int, addr uintptr, data uintptr) (err error) { func libc_ptrace_trampoline() -//go:linkname libc_ptrace libc_ptrace //go:cgo_import_dynamic libc_ptrace ptrace "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2550,7 +2408,6 @@ func Stat(path string, stat *Stat_t) (err error) { func libc_stat64_trampoline() -//go:linkname libc_stat64 libc_stat64 //go:cgo_import_dynamic libc_stat64 stat64 "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2570,5 +2427,4 @@ func Statfs(path string, stat *Statfs_t) (err error) { func libc_statfs64_trampoline() -//go:linkname libc_statfs64 libc_statfs64 //go:cgo_import_dynamic libc_statfs64 statfs64 "/usr/lib/libSystem.B.dylib" diff --git a/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.1_13.go b/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.1_13.go index 314042a9d42b..88826236136b 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.1_13.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.1_13.go @@ -24,7 +24,6 @@ func closedir(dir uintptr) (err error) { func libc_closedir_trampoline() -//go:linkname libc_closedir libc_closedir //go:cgo_import_dynamic libc_closedir closedir "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -37,5 +36,4 @@ func readdir_r(dir uintptr, entry *Dirent, result **Dirent) (res Errno) { func libc_readdir_r_trampoline() -//go:linkname libc_readdir_r libc_readdir_r //go:cgo_import_dynamic libc_readdir_r readdir_r "/usr/lib/libSystem.B.dylib" diff --git a/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.go index 889c14059e9a..508e5639bf4a 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.go @@ -25,7 +25,6 @@ func getgroups(ngid int, gid *_Gid_t) (n int, err error) { func libc_getgroups_trampoline() -//go:linkname libc_getgroups libc_getgroups //go:cgo_import_dynamic libc_getgroups getgroups "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -40,7 +39,6 @@ func setgroups(ngid int, gid *_Gid_t) (err error) { func libc_setgroups_trampoline() -//go:linkname libc_setgroups libc_setgroups //go:cgo_import_dynamic libc_setgroups setgroups "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -56,7 +54,6 @@ func wait4(pid int, wstatus *_C_int, options int, rusage *Rusage) (wpid int, err func libc_wait4_trampoline() -//go:linkname libc_wait4 libc_wait4 //go:cgo_import_dynamic libc_wait4 wait4 "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -72,7 +69,6 @@ func accept(s int, rsa *RawSockaddrAny, addrlen *_Socklen) (fd int, err error) { func libc_accept_trampoline() -//go:linkname libc_accept libc_accept //go:cgo_import_dynamic libc_accept accept "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -87,7 +83,6 @@ func bind(s int, addr unsafe.Pointer, addrlen _Socklen) (err error) { func libc_bind_trampoline() -//go:linkname libc_bind libc_bind //go:cgo_import_dynamic libc_bind bind "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -102,7 +97,6 @@ func connect(s int, addr unsafe.Pointer, addrlen _Socklen) (err error) { func libc_connect_trampoline() -//go:linkname libc_connect libc_connect //go:cgo_import_dynamic libc_connect connect "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -118,7 +112,6 @@ func socket(domain int, typ int, proto int) (fd int, err error) { func libc_socket_trampoline() -//go:linkname libc_socket libc_socket //go:cgo_import_dynamic libc_socket socket "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -133,7 +126,6 @@ func getsockopt(s int, level int, name int, val unsafe.Pointer, vallen *_Socklen func libc_getsockopt_trampoline() -//go:linkname libc_getsockopt libc_getsockopt //go:cgo_import_dynamic libc_getsockopt getsockopt "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -148,7 +140,6 @@ func setsockopt(s int, level int, name int, val unsafe.Pointer, vallen uintptr) func libc_setsockopt_trampoline() -//go:linkname libc_setsockopt libc_setsockopt //go:cgo_import_dynamic libc_setsockopt setsockopt "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -163,7 +154,6 @@ func getpeername(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error) { func libc_getpeername_trampoline() -//go:linkname libc_getpeername libc_getpeername //go:cgo_import_dynamic libc_getpeername getpeername "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -178,7 +168,6 @@ func getsockname(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error) { func libc_getsockname_trampoline() -//go:linkname libc_getsockname libc_getsockname //go:cgo_import_dynamic libc_getsockname getsockname "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -193,7 +182,6 @@ func Shutdown(s int, how int) (err error) { func libc_shutdown_trampoline() -//go:linkname libc_shutdown libc_shutdown //go:cgo_import_dynamic libc_shutdown shutdown "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -208,7 +196,6 @@ func socketpair(domain int, typ int, proto int, fd *[2]int32) (err error) { func libc_socketpair_trampoline() -//go:linkname libc_socketpair libc_socketpair //go:cgo_import_dynamic libc_socketpair socketpair "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -230,7 +217,6 @@ func recvfrom(fd int, p []byte, flags int, from *RawSockaddrAny, fromlen *_Sockl func libc_recvfrom_trampoline() -//go:linkname libc_recvfrom libc_recvfrom //go:cgo_import_dynamic libc_recvfrom recvfrom "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -251,7 +237,6 @@ func sendto(s int, buf []byte, flags int, to unsafe.Pointer, addrlen _Socklen) ( func libc_sendto_trampoline() -//go:linkname libc_sendto libc_sendto //go:cgo_import_dynamic libc_sendto sendto "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -267,7 +252,6 @@ func recvmsg(s int, msg *Msghdr, flags int) (n int, err error) { func libc_recvmsg_trampoline() -//go:linkname libc_recvmsg libc_recvmsg //go:cgo_import_dynamic libc_recvmsg recvmsg "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -283,7 +267,6 @@ func sendmsg(s int, msg *Msghdr, flags int) (n int, err error) { func libc_sendmsg_trampoline() -//go:linkname libc_sendmsg libc_sendmsg //go:cgo_import_dynamic libc_sendmsg sendmsg "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -299,7 +282,6 @@ func kevent(kq int, change unsafe.Pointer, nchange int, event unsafe.Pointer, ne func libc_kevent_trampoline() -//go:linkname libc_kevent libc_kevent //go:cgo_import_dynamic libc_kevent kevent "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -319,7 +301,6 @@ func utimes(path string, timeval *[2]Timeval) (err error) { func libc_utimes_trampoline() -//go:linkname libc_utimes libc_utimes //go:cgo_import_dynamic libc_utimes utimes "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -334,7 +315,6 @@ func futimes(fd int, timeval *[2]Timeval) (err error) { func libc_futimes_trampoline() -//go:linkname libc_futimes libc_futimes //go:cgo_import_dynamic libc_futimes futimes "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -350,7 +330,6 @@ func poll(fds *PollFd, nfds int, timeout int) (n int, err error) { func libc_poll_trampoline() -//go:linkname libc_poll libc_poll //go:cgo_import_dynamic libc_poll poll "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -371,7 +350,6 @@ func Madvise(b []byte, behav int) (err error) { func libc_madvise_trampoline() -//go:linkname libc_madvise libc_madvise //go:cgo_import_dynamic libc_madvise madvise "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -392,7 +370,6 @@ func Mlock(b []byte) (err error) { func libc_mlock_trampoline() -//go:linkname libc_mlock libc_mlock //go:cgo_import_dynamic libc_mlock mlock "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -407,7 +384,6 @@ func Mlockall(flags int) (err error) { func libc_mlockall_trampoline() -//go:linkname libc_mlockall libc_mlockall //go:cgo_import_dynamic libc_mlockall mlockall "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -428,7 +404,6 @@ func Mprotect(b []byte, prot int) (err error) { func libc_mprotect_trampoline() -//go:linkname libc_mprotect libc_mprotect //go:cgo_import_dynamic libc_mprotect mprotect "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -449,7 +424,6 @@ func Msync(b []byte, flags int) (err error) { func libc_msync_trampoline() -//go:linkname libc_msync libc_msync //go:cgo_import_dynamic libc_msync msync "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -470,7 +444,6 @@ func Munlock(b []byte) (err error) { func libc_munlock_trampoline() -//go:linkname libc_munlock libc_munlock //go:cgo_import_dynamic libc_munlock munlock "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -485,15 +458,12 @@ func Munlockall() (err error) { func libc_munlockall_trampoline() -//go:linkname libc_munlockall libc_munlockall //go:cgo_import_dynamic libc_munlockall munlockall "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func pipe() (r int, w int, err error) { - r0, r1, e1 := syscall_rawSyscall(funcPC(libc_pipe_trampoline), 0, 0, 0) - r = int(r0) - w = int(r1) +func pipe(p *[2]int32) (err error) { + _, _, e1 := syscall_rawSyscall(funcPC(libc_pipe_trampoline), uintptr(unsafe.Pointer(p)), 0, 0) if e1 != 0 { err = errnoErr(e1) } @@ -502,7 +472,6 @@ func pipe() (r int, w int, err error) { func libc_pipe_trampoline() -//go:linkname libc_pipe libc_pipe //go:cgo_import_dynamic libc_pipe pipe "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -528,7 +497,6 @@ func getxattr(path string, attr string, dest *byte, size int, position uint32, o func libc_getxattr_trampoline() -//go:linkname libc_getxattr libc_getxattr //go:cgo_import_dynamic libc_getxattr getxattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -549,7 +517,6 @@ func fgetxattr(fd int, attr string, dest *byte, size int, position uint32, optio func libc_fgetxattr_trampoline() -//go:linkname libc_fgetxattr libc_fgetxattr //go:cgo_import_dynamic libc_fgetxattr fgetxattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -574,7 +541,6 @@ func setxattr(path string, attr string, data *byte, size int, position uint32, o func libc_setxattr_trampoline() -//go:linkname libc_setxattr libc_setxattr //go:cgo_import_dynamic libc_setxattr setxattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -594,7 +560,6 @@ func fsetxattr(fd int, attr string, data *byte, size int, position uint32, optio func libc_fsetxattr_trampoline() -//go:linkname libc_fsetxattr libc_fsetxattr //go:cgo_import_dynamic libc_fsetxattr fsetxattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -619,7 +584,6 @@ func removexattr(path string, attr string, options int) (err error) { func libc_removexattr_trampoline() -//go:linkname libc_removexattr libc_removexattr //go:cgo_import_dynamic libc_removexattr removexattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -639,7 +603,6 @@ func fremovexattr(fd int, attr string, options int) (err error) { func libc_fremovexattr_trampoline() -//go:linkname libc_fremovexattr libc_fremovexattr //go:cgo_import_dynamic libc_fremovexattr fremovexattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -660,7 +623,6 @@ func listxattr(path string, dest *byte, size int, options int) (sz int, err erro func libc_listxattr_trampoline() -//go:linkname libc_listxattr libc_listxattr //go:cgo_import_dynamic libc_listxattr listxattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -676,7 +638,6 @@ func flistxattr(fd int, dest *byte, size int, options int) (sz int, err error) { func libc_flistxattr_trampoline() -//go:linkname libc_flistxattr libc_flistxattr //go:cgo_import_dynamic libc_flistxattr flistxattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -691,7 +652,6 @@ func setattrlist(path *byte, list unsafe.Pointer, buf unsafe.Pointer, size uintp func libc_setattrlist_trampoline() -//go:linkname libc_setattrlist libc_setattrlist //go:cgo_import_dynamic libc_setattrlist setattrlist "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -707,7 +667,6 @@ func fcntl(fd int, cmd int, arg int) (val int, err error) { func libc_fcntl_trampoline() -//go:linkname libc_fcntl libc_fcntl //go:cgo_import_dynamic libc_fcntl fcntl "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -722,7 +681,6 @@ func kill(pid int, signum int, posix int) (err error) { func libc_kill_trampoline() -//go:linkname libc_kill libc_kill //go:cgo_import_dynamic libc_kill kill "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -737,7 +695,6 @@ func ioctl(fd int, req uint, arg uintptr) (err error) { func libc_ioctl_trampoline() -//go:linkname libc_ioctl libc_ioctl //go:cgo_import_dynamic libc_ioctl ioctl "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -758,7 +715,6 @@ func sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) func libc_sysctl_trampoline() -//go:linkname libc_sysctl libc_sysctl //go:cgo_import_dynamic libc_sysctl sysctl "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -773,7 +729,6 @@ func sendfile(infd int, outfd int, offset int64, len *int64, hdtr unsafe.Pointer func libc_sendfile_trampoline() -//go:linkname libc_sendfile libc_sendfile //go:cgo_import_dynamic libc_sendfile sendfile "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -793,7 +748,6 @@ func Access(path string, mode uint32) (err error) { func libc_access_trampoline() -//go:linkname libc_access libc_access //go:cgo_import_dynamic libc_access access "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -808,7 +762,6 @@ func Adjtime(delta *Timeval, olddelta *Timeval) (err error) { func libc_adjtime_trampoline() -//go:linkname libc_adjtime libc_adjtime //go:cgo_import_dynamic libc_adjtime adjtime "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -828,7 +781,6 @@ func Chdir(path string) (err error) { func libc_chdir_trampoline() -//go:linkname libc_chdir libc_chdir //go:cgo_import_dynamic libc_chdir chdir "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -848,7 +800,6 @@ func Chflags(path string, flags int) (err error) { func libc_chflags_trampoline() -//go:linkname libc_chflags libc_chflags //go:cgo_import_dynamic libc_chflags chflags "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -868,7 +819,6 @@ func Chmod(path string, mode uint32) (err error) { func libc_chmod_trampoline() -//go:linkname libc_chmod libc_chmod //go:cgo_import_dynamic libc_chmod chmod "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -888,7 +838,6 @@ func Chown(path string, uid int, gid int) (err error) { func libc_chown_trampoline() -//go:linkname libc_chown libc_chown //go:cgo_import_dynamic libc_chown chown "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -908,7 +857,6 @@ func Chroot(path string) (err error) { func libc_chroot_trampoline() -//go:linkname libc_chroot libc_chroot //go:cgo_import_dynamic libc_chroot chroot "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -923,7 +871,6 @@ func ClockGettime(clockid int32, time *Timespec) (err error) { func libc_clock_gettime_trampoline() -//go:linkname libc_clock_gettime libc_clock_gettime //go:cgo_import_dynamic libc_clock_gettime clock_gettime "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -938,7 +885,6 @@ func Close(fd int) (err error) { func libc_close_trampoline() -//go:linkname libc_close libc_close //go:cgo_import_dynamic libc_close close "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -963,7 +909,6 @@ func Clonefile(src string, dst string, flags int) (err error) { func libc_clonefile_trampoline() -//go:linkname libc_clonefile libc_clonefile //go:cgo_import_dynamic libc_clonefile clonefile "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -988,7 +933,6 @@ func Clonefileat(srcDirfd int, src string, dstDirfd int, dst string, flags int) func libc_clonefileat_trampoline() -//go:linkname libc_clonefileat libc_clonefileat //go:cgo_import_dynamic libc_clonefileat clonefileat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1004,7 +948,6 @@ func Dup(fd int) (nfd int, err error) { func libc_dup_trampoline() -//go:linkname libc_dup libc_dup //go:cgo_import_dynamic libc_dup dup "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1019,7 +962,6 @@ func Dup2(from int, to int) (err error) { func libc_dup2_trampoline() -//go:linkname libc_dup2 libc_dup2 //go:cgo_import_dynamic libc_dup2 dup2 "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1044,7 +986,6 @@ func Exchangedata(path1 string, path2 string, options int) (err error) { func libc_exchangedata_trampoline() -//go:linkname libc_exchangedata libc_exchangedata //go:cgo_import_dynamic libc_exchangedata exchangedata "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1056,7 +997,6 @@ func Exit(code int) { func libc_exit_trampoline() -//go:linkname libc_exit libc_exit //go:cgo_import_dynamic libc_exit exit "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1076,7 +1016,6 @@ func Faccessat(dirfd int, path string, mode uint32, flags int) (err error) { func libc_faccessat_trampoline() -//go:linkname libc_faccessat libc_faccessat //go:cgo_import_dynamic libc_faccessat faccessat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1091,7 +1030,6 @@ func Fchdir(fd int) (err error) { func libc_fchdir_trampoline() -//go:linkname libc_fchdir libc_fchdir //go:cgo_import_dynamic libc_fchdir fchdir "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1106,7 +1044,6 @@ func Fchflags(fd int, flags int) (err error) { func libc_fchflags_trampoline() -//go:linkname libc_fchflags libc_fchflags //go:cgo_import_dynamic libc_fchflags fchflags "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1121,7 +1058,6 @@ func Fchmod(fd int, mode uint32) (err error) { func libc_fchmod_trampoline() -//go:linkname libc_fchmod libc_fchmod //go:cgo_import_dynamic libc_fchmod fchmod "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1141,7 +1077,6 @@ func Fchmodat(dirfd int, path string, mode uint32, flags int) (err error) { func libc_fchmodat_trampoline() -//go:linkname libc_fchmodat libc_fchmodat //go:cgo_import_dynamic libc_fchmodat fchmodat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1156,7 +1091,6 @@ func Fchown(fd int, uid int, gid int) (err error) { func libc_fchown_trampoline() -//go:linkname libc_fchown libc_fchown //go:cgo_import_dynamic libc_fchown fchown "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1176,7 +1110,6 @@ func Fchownat(dirfd int, path string, uid int, gid int, flags int) (err error) { func libc_fchownat_trampoline() -//go:linkname libc_fchownat libc_fchownat //go:cgo_import_dynamic libc_fchownat fchownat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1196,7 +1129,6 @@ func Fclonefileat(srcDirfd int, dstDirfd int, dst string, flags int) (err error) func libc_fclonefileat_trampoline() -//go:linkname libc_fclonefileat libc_fclonefileat //go:cgo_import_dynamic libc_fclonefileat fclonefileat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1211,7 +1143,6 @@ func Flock(fd int, how int) (err error) { func libc_flock_trampoline() -//go:linkname libc_flock libc_flock //go:cgo_import_dynamic libc_flock flock "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1227,7 +1158,6 @@ func Fpathconf(fd int, name int) (val int, err error) { func libc_fpathconf_trampoline() -//go:linkname libc_fpathconf libc_fpathconf //go:cgo_import_dynamic libc_fpathconf fpathconf "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1242,7 +1172,6 @@ func Fsync(fd int) (err error) { func libc_fsync_trampoline() -//go:linkname libc_fsync libc_fsync //go:cgo_import_dynamic libc_fsync fsync "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1257,7 +1186,6 @@ func Ftruncate(fd int, length int64) (err error) { func libc_ftruncate_trampoline() -//go:linkname libc_ftruncate libc_ftruncate //go:cgo_import_dynamic libc_ftruncate ftruncate "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1279,7 +1207,6 @@ func Getcwd(buf []byte) (n int, err error) { func libc_getcwd_trampoline() -//go:linkname libc_getcwd libc_getcwd //go:cgo_import_dynamic libc_getcwd getcwd "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1292,7 +1219,6 @@ func Getdtablesize() (size int) { func libc_getdtablesize_trampoline() -//go:linkname libc_getdtablesize libc_getdtablesize //go:cgo_import_dynamic libc_getdtablesize getdtablesize "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1305,7 +1231,6 @@ func Getegid() (egid int) { func libc_getegid_trampoline() -//go:linkname libc_getegid libc_getegid //go:cgo_import_dynamic libc_getegid getegid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1318,7 +1243,6 @@ func Geteuid() (uid int) { func libc_geteuid_trampoline() -//go:linkname libc_geteuid libc_geteuid //go:cgo_import_dynamic libc_geteuid geteuid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1331,7 +1255,6 @@ func Getgid() (gid int) { func libc_getgid_trampoline() -//go:linkname libc_getgid libc_getgid //go:cgo_import_dynamic libc_getgid getgid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1347,7 +1270,6 @@ func Getpgid(pid int) (pgid int, err error) { func libc_getpgid_trampoline() -//go:linkname libc_getpgid libc_getpgid //go:cgo_import_dynamic libc_getpgid getpgid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1360,7 +1282,6 @@ func Getpgrp() (pgrp int) { func libc_getpgrp_trampoline() -//go:linkname libc_getpgrp libc_getpgrp //go:cgo_import_dynamic libc_getpgrp getpgrp "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1373,7 +1294,6 @@ func Getpid() (pid int) { func libc_getpid_trampoline() -//go:linkname libc_getpid libc_getpid //go:cgo_import_dynamic libc_getpid getpid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1386,7 +1306,6 @@ func Getppid() (ppid int) { func libc_getppid_trampoline() -//go:linkname libc_getppid libc_getppid //go:cgo_import_dynamic libc_getppid getppid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1402,7 +1321,6 @@ func Getpriority(which int, who int) (prio int, err error) { func libc_getpriority_trampoline() -//go:linkname libc_getpriority libc_getpriority //go:cgo_import_dynamic libc_getpriority getpriority "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1417,7 +1335,6 @@ func Getrlimit(which int, lim *Rlimit) (err error) { func libc_getrlimit_trampoline() -//go:linkname libc_getrlimit libc_getrlimit //go:cgo_import_dynamic libc_getrlimit getrlimit "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1432,7 +1349,6 @@ func Getrusage(who int, rusage *Rusage) (err error) { func libc_getrusage_trampoline() -//go:linkname libc_getrusage libc_getrusage //go:cgo_import_dynamic libc_getrusage getrusage "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1448,7 +1364,6 @@ func Getsid(pid int) (sid int, err error) { func libc_getsid_trampoline() -//go:linkname libc_getsid libc_getsid //go:cgo_import_dynamic libc_getsid getsid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1463,7 +1378,6 @@ func Gettimeofday(tp *Timeval) (err error) { func libc_gettimeofday_trampoline() -//go:linkname libc_gettimeofday libc_gettimeofday //go:cgo_import_dynamic libc_gettimeofday gettimeofday "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1476,7 +1390,6 @@ func Getuid() (uid int) { func libc_getuid_trampoline() -//go:linkname libc_getuid libc_getuid //go:cgo_import_dynamic libc_getuid getuid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1489,7 +1402,6 @@ func Issetugid() (tainted bool) { func libc_issetugid_trampoline() -//go:linkname libc_issetugid libc_issetugid //go:cgo_import_dynamic libc_issetugid issetugid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1505,7 +1417,6 @@ func Kqueue() (fd int, err error) { func libc_kqueue_trampoline() -//go:linkname libc_kqueue libc_kqueue //go:cgo_import_dynamic libc_kqueue kqueue "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1525,7 +1436,6 @@ func Lchown(path string, uid int, gid int) (err error) { func libc_lchown_trampoline() -//go:linkname libc_lchown libc_lchown //go:cgo_import_dynamic libc_lchown lchown "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1550,7 +1460,6 @@ func Link(path string, link string) (err error) { func libc_link_trampoline() -//go:linkname libc_link libc_link //go:cgo_import_dynamic libc_link link "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1575,7 +1484,6 @@ func Linkat(pathfd int, path string, linkfd int, link string, flags int) (err er func libc_linkat_trampoline() -//go:linkname libc_linkat libc_linkat //go:cgo_import_dynamic libc_linkat linkat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1590,7 +1498,6 @@ func Listen(s int, backlog int) (err error) { func libc_listen_trampoline() -//go:linkname libc_listen libc_listen //go:cgo_import_dynamic libc_listen listen "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1610,7 +1517,6 @@ func Mkdir(path string, mode uint32) (err error) { func libc_mkdir_trampoline() -//go:linkname libc_mkdir libc_mkdir //go:cgo_import_dynamic libc_mkdir mkdir "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1630,7 +1536,6 @@ func Mkdirat(dirfd int, path string, mode uint32) (err error) { func libc_mkdirat_trampoline() -//go:linkname libc_mkdirat libc_mkdirat //go:cgo_import_dynamic libc_mkdirat mkdirat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1650,7 +1555,6 @@ func Mkfifo(path string, mode uint32) (err error) { func libc_mkfifo_trampoline() -//go:linkname libc_mkfifo libc_mkfifo //go:cgo_import_dynamic libc_mkfifo mkfifo "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1670,7 +1574,6 @@ func Mknod(path string, mode uint32, dev int) (err error) { func libc_mknod_trampoline() -//go:linkname libc_mknod libc_mknod //go:cgo_import_dynamic libc_mknod mknod "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1691,7 +1594,6 @@ func Open(path string, mode int, perm uint32) (fd int, err error) { func libc_open_trampoline() -//go:linkname libc_open libc_open //go:cgo_import_dynamic libc_open open "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1712,7 +1614,6 @@ func Openat(dirfd int, path string, mode int, perm uint32) (fd int, err error) { func libc_openat_trampoline() -//go:linkname libc_openat libc_openat //go:cgo_import_dynamic libc_openat openat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1733,7 +1634,6 @@ func Pathconf(path string, name int) (val int, err error) { func libc_pathconf_trampoline() -//go:linkname libc_pathconf libc_pathconf //go:cgo_import_dynamic libc_pathconf pathconf "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1755,7 +1655,6 @@ func Pread(fd int, p []byte, offset int64) (n int, err error) { func libc_pread_trampoline() -//go:linkname libc_pread libc_pread //go:cgo_import_dynamic libc_pread pread "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1777,7 +1676,6 @@ func Pwrite(fd int, p []byte, offset int64) (n int, err error) { func libc_pwrite_trampoline() -//go:linkname libc_pwrite libc_pwrite //go:cgo_import_dynamic libc_pwrite pwrite "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1799,7 +1697,6 @@ func read(fd int, p []byte) (n int, err error) { func libc_read_trampoline() -//go:linkname libc_read libc_read //go:cgo_import_dynamic libc_read read "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1826,7 +1723,6 @@ func Readlink(path string, buf []byte) (n int, err error) { func libc_readlink_trampoline() -//go:linkname libc_readlink libc_readlink //go:cgo_import_dynamic libc_readlink readlink "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1853,7 +1749,6 @@ func Readlinkat(dirfd int, path string, buf []byte) (n int, err error) { func libc_readlinkat_trampoline() -//go:linkname libc_readlinkat libc_readlinkat //go:cgo_import_dynamic libc_readlinkat readlinkat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1878,7 +1773,6 @@ func Rename(from string, to string) (err error) { func libc_rename_trampoline() -//go:linkname libc_rename libc_rename //go:cgo_import_dynamic libc_rename rename "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1903,7 +1797,6 @@ func Renameat(fromfd int, from string, tofd int, to string) (err error) { func libc_renameat_trampoline() -//go:linkname libc_renameat libc_renameat //go:cgo_import_dynamic libc_renameat renameat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1923,7 +1816,6 @@ func Revoke(path string) (err error) { func libc_revoke_trampoline() -//go:linkname libc_revoke libc_revoke //go:cgo_import_dynamic libc_revoke revoke "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1943,7 +1835,6 @@ func Rmdir(path string) (err error) { func libc_rmdir_trampoline() -//go:linkname libc_rmdir libc_rmdir //go:cgo_import_dynamic libc_rmdir rmdir "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1959,7 +1850,6 @@ func Seek(fd int, offset int64, whence int) (newoffset int64, err error) { func libc_lseek_trampoline() -//go:linkname libc_lseek libc_lseek //go:cgo_import_dynamic libc_lseek lseek "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1975,7 +1865,6 @@ func Select(nfd int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (n int, err func libc_select_trampoline() -//go:linkname libc_select libc_select //go:cgo_import_dynamic libc_select select "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1990,7 +1879,6 @@ func Setegid(egid int) (err error) { func libc_setegid_trampoline() -//go:linkname libc_setegid libc_setegid //go:cgo_import_dynamic libc_setegid setegid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2005,7 +1893,6 @@ func Seteuid(euid int) (err error) { func libc_seteuid_trampoline() -//go:linkname libc_seteuid libc_seteuid //go:cgo_import_dynamic libc_seteuid seteuid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2020,7 +1907,6 @@ func Setgid(gid int) (err error) { func libc_setgid_trampoline() -//go:linkname libc_setgid libc_setgid //go:cgo_import_dynamic libc_setgid setgid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2040,7 +1926,6 @@ func Setlogin(name string) (err error) { func libc_setlogin_trampoline() -//go:linkname libc_setlogin libc_setlogin //go:cgo_import_dynamic libc_setlogin setlogin "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2055,7 +1940,6 @@ func Setpgid(pid int, pgid int) (err error) { func libc_setpgid_trampoline() -//go:linkname libc_setpgid libc_setpgid //go:cgo_import_dynamic libc_setpgid setpgid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2070,7 +1954,6 @@ func Setpriority(which int, who int, prio int) (err error) { func libc_setpriority_trampoline() -//go:linkname libc_setpriority libc_setpriority //go:cgo_import_dynamic libc_setpriority setpriority "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2085,7 +1968,6 @@ func Setprivexec(flag int) (err error) { func libc_setprivexec_trampoline() -//go:linkname libc_setprivexec libc_setprivexec //go:cgo_import_dynamic libc_setprivexec setprivexec "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2100,7 +1982,6 @@ func Setregid(rgid int, egid int) (err error) { func libc_setregid_trampoline() -//go:linkname libc_setregid libc_setregid //go:cgo_import_dynamic libc_setregid setregid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2115,7 +1996,6 @@ func Setreuid(ruid int, euid int) (err error) { func libc_setreuid_trampoline() -//go:linkname libc_setreuid libc_setreuid //go:cgo_import_dynamic libc_setreuid setreuid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2130,7 +2010,6 @@ func Setrlimit(which int, lim *Rlimit) (err error) { func libc_setrlimit_trampoline() -//go:linkname libc_setrlimit libc_setrlimit //go:cgo_import_dynamic libc_setrlimit setrlimit "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2146,7 +2025,6 @@ func Setsid() (pid int, err error) { func libc_setsid_trampoline() -//go:linkname libc_setsid libc_setsid //go:cgo_import_dynamic libc_setsid setsid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2161,7 +2039,6 @@ func Settimeofday(tp *Timeval) (err error) { func libc_settimeofday_trampoline() -//go:linkname libc_settimeofday libc_settimeofday //go:cgo_import_dynamic libc_settimeofday settimeofday "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2176,7 +2053,6 @@ func Setuid(uid int) (err error) { func libc_setuid_trampoline() -//go:linkname libc_setuid libc_setuid //go:cgo_import_dynamic libc_setuid setuid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2201,7 +2077,6 @@ func Symlink(path string, link string) (err error) { func libc_symlink_trampoline() -//go:linkname libc_symlink libc_symlink //go:cgo_import_dynamic libc_symlink symlink "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2226,7 +2101,6 @@ func Symlinkat(oldpath string, newdirfd int, newpath string) (err error) { func libc_symlinkat_trampoline() -//go:linkname libc_symlinkat libc_symlinkat //go:cgo_import_dynamic libc_symlinkat symlinkat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2241,7 +2115,6 @@ func Sync() (err error) { func libc_sync_trampoline() -//go:linkname libc_sync libc_sync //go:cgo_import_dynamic libc_sync sync "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2261,7 +2134,6 @@ func Truncate(path string, length int64) (err error) { func libc_truncate_trampoline() -//go:linkname libc_truncate libc_truncate //go:cgo_import_dynamic libc_truncate truncate "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2274,7 +2146,6 @@ func Umask(newmask int) (oldmask int) { func libc_umask_trampoline() -//go:linkname libc_umask libc_umask //go:cgo_import_dynamic libc_umask umask "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2294,7 +2165,6 @@ func Undelete(path string) (err error) { func libc_undelete_trampoline() -//go:linkname libc_undelete libc_undelete //go:cgo_import_dynamic libc_undelete undelete "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2314,7 +2184,6 @@ func Unlink(path string) (err error) { func libc_unlink_trampoline() -//go:linkname libc_unlink libc_unlink //go:cgo_import_dynamic libc_unlink unlink "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2334,7 +2203,6 @@ func Unlinkat(dirfd int, path string, flags int) (err error) { func libc_unlinkat_trampoline() -//go:linkname libc_unlinkat libc_unlinkat //go:cgo_import_dynamic libc_unlinkat unlinkat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2354,7 +2222,6 @@ func Unmount(path string, flags int) (err error) { func libc_unmount_trampoline() -//go:linkname libc_unmount libc_unmount //go:cgo_import_dynamic libc_unmount unmount "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2376,7 +2243,6 @@ func write(fd int, p []byte) (n int, err error) { func libc_write_trampoline() -//go:linkname libc_write libc_write //go:cgo_import_dynamic libc_write write "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2392,7 +2258,6 @@ func mmap(addr uintptr, length uintptr, prot int, flag int, fd int, pos int64) ( func libc_mmap_trampoline() -//go:linkname libc_mmap libc_mmap //go:cgo_import_dynamic libc_mmap mmap "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2407,7 +2272,6 @@ func munmap(addr uintptr, length uintptr) (err error) { func libc_munmap_trampoline() -//go:linkname libc_munmap libc_munmap //go:cgo_import_dynamic libc_munmap munmap "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2444,7 +2308,6 @@ func Fstat(fd int, stat *Stat_t) (err error) { func libc_fstat64_trampoline() -//go:linkname libc_fstat64 libc_fstat64 //go:cgo_import_dynamic libc_fstat64 fstat64 "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2464,7 +2327,6 @@ func Fstatat(fd int, path string, stat *Stat_t, flags int) (err error) { func libc_fstatat64_trampoline() -//go:linkname libc_fstatat64 libc_fstatat64 //go:cgo_import_dynamic libc_fstatat64 fstatat64 "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2479,7 +2341,6 @@ func Fstatfs(fd int, stat *Statfs_t) (err error) { func libc_fstatfs64_trampoline() -//go:linkname libc_fstatfs64 libc_fstatfs64 //go:cgo_import_dynamic libc_fstatfs64 fstatfs64 "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2495,7 +2356,6 @@ func getfsstat(buf unsafe.Pointer, size uintptr, flags int) (n int, err error) { func libc_getfsstat64_trampoline() -//go:linkname libc_getfsstat64 libc_getfsstat64 //go:cgo_import_dynamic libc_getfsstat64 getfsstat64 "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2515,12 +2375,11 @@ func Lstat(path string, stat *Stat_t) (err error) { func libc_lstat64_trampoline() -//go:linkname libc_lstat64 libc_lstat64 //go:cgo_import_dynamic libc_lstat64 lstat64 "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func ptrace(request int, pid int, addr uintptr, data uintptr) (err error) { +func ptrace1(request int, pid int, addr uintptr, data uintptr) (err error) { _, _, e1 := syscall_syscall6(funcPC(libc_ptrace_trampoline), uintptr(request), uintptr(pid), uintptr(addr), uintptr(data), 0, 0) if e1 != 0 { err = errnoErr(e1) @@ -2530,7 +2389,6 @@ func ptrace(request int, pid int, addr uintptr, data uintptr) (err error) { func libc_ptrace_trampoline() -//go:linkname libc_ptrace libc_ptrace //go:cgo_import_dynamic libc_ptrace ptrace "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2550,7 +2408,6 @@ func Stat(path string, stat *Stat_t) (err error) { func libc_stat64_trampoline() -//go:linkname libc_stat64 libc_stat64 //go:cgo_import_dynamic libc_stat64 stat64 "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2570,5 +2427,4 @@ func Statfs(path string, stat *Statfs_t) (err error) { func libc_statfs64_trampoline() -//go:linkname libc_statfs64 libc_statfs64 //go:cgo_import_dynamic libc_statfs64 statfs64 "/usr/lib/libSystem.B.dylib" diff --git a/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm.1_13.go b/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm.1_13.go index f519ce9afb3b..de4738fff800 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm.1_13.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm.1_13.go @@ -24,7 +24,6 @@ func closedir(dir uintptr) (err error) { func libc_closedir_trampoline() -//go:linkname libc_closedir libc_closedir //go:cgo_import_dynamic libc_closedir closedir "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -37,5 +36,4 @@ func readdir_r(dir uintptr, entry *Dirent, result **Dirent) (res Errno) { func libc_readdir_r_trampoline() -//go:linkname libc_readdir_r libc_readdir_r //go:cgo_import_dynamic libc_readdir_r readdir_r "/usr/lib/libSystem.B.dylib" diff --git a/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm.go b/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm.go index d6b5249c2f20..c0c771f4025d 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm.go @@ -25,7 +25,6 @@ func getgroups(ngid int, gid *_Gid_t) (n int, err error) { func libc_getgroups_trampoline() -//go:linkname libc_getgroups libc_getgroups //go:cgo_import_dynamic libc_getgroups getgroups "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -40,7 +39,6 @@ func setgroups(ngid int, gid *_Gid_t) (err error) { func libc_setgroups_trampoline() -//go:linkname libc_setgroups libc_setgroups //go:cgo_import_dynamic libc_setgroups setgroups "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -56,7 +54,6 @@ func wait4(pid int, wstatus *_C_int, options int, rusage *Rusage) (wpid int, err func libc_wait4_trampoline() -//go:linkname libc_wait4 libc_wait4 //go:cgo_import_dynamic libc_wait4 wait4 "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -72,7 +69,6 @@ func accept(s int, rsa *RawSockaddrAny, addrlen *_Socklen) (fd int, err error) { func libc_accept_trampoline() -//go:linkname libc_accept libc_accept //go:cgo_import_dynamic libc_accept accept "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -87,7 +83,6 @@ func bind(s int, addr unsafe.Pointer, addrlen _Socklen) (err error) { func libc_bind_trampoline() -//go:linkname libc_bind libc_bind //go:cgo_import_dynamic libc_bind bind "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -102,7 +97,6 @@ func connect(s int, addr unsafe.Pointer, addrlen _Socklen) (err error) { func libc_connect_trampoline() -//go:linkname libc_connect libc_connect //go:cgo_import_dynamic libc_connect connect "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -118,7 +112,6 @@ func socket(domain int, typ int, proto int) (fd int, err error) { func libc_socket_trampoline() -//go:linkname libc_socket libc_socket //go:cgo_import_dynamic libc_socket socket "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -133,7 +126,6 @@ func getsockopt(s int, level int, name int, val unsafe.Pointer, vallen *_Socklen func libc_getsockopt_trampoline() -//go:linkname libc_getsockopt libc_getsockopt //go:cgo_import_dynamic libc_getsockopt getsockopt "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -148,7 +140,6 @@ func setsockopt(s int, level int, name int, val unsafe.Pointer, vallen uintptr) func libc_setsockopt_trampoline() -//go:linkname libc_setsockopt libc_setsockopt //go:cgo_import_dynamic libc_setsockopt setsockopt "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -163,7 +154,6 @@ func getpeername(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error) { func libc_getpeername_trampoline() -//go:linkname libc_getpeername libc_getpeername //go:cgo_import_dynamic libc_getpeername getpeername "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -178,7 +168,6 @@ func getsockname(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error) { func libc_getsockname_trampoline() -//go:linkname libc_getsockname libc_getsockname //go:cgo_import_dynamic libc_getsockname getsockname "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -193,7 +182,6 @@ func Shutdown(s int, how int) (err error) { func libc_shutdown_trampoline() -//go:linkname libc_shutdown libc_shutdown //go:cgo_import_dynamic libc_shutdown shutdown "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -208,7 +196,6 @@ func socketpair(domain int, typ int, proto int, fd *[2]int32) (err error) { func libc_socketpair_trampoline() -//go:linkname libc_socketpair libc_socketpair //go:cgo_import_dynamic libc_socketpair socketpair "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -230,7 +217,6 @@ func recvfrom(fd int, p []byte, flags int, from *RawSockaddrAny, fromlen *_Sockl func libc_recvfrom_trampoline() -//go:linkname libc_recvfrom libc_recvfrom //go:cgo_import_dynamic libc_recvfrom recvfrom "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -251,7 +237,6 @@ func sendto(s int, buf []byte, flags int, to unsafe.Pointer, addrlen _Socklen) ( func libc_sendto_trampoline() -//go:linkname libc_sendto libc_sendto //go:cgo_import_dynamic libc_sendto sendto "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -267,7 +252,6 @@ func recvmsg(s int, msg *Msghdr, flags int) (n int, err error) { func libc_recvmsg_trampoline() -//go:linkname libc_recvmsg libc_recvmsg //go:cgo_import_dynamic libc_recvmsg recvmsg "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -283,7 +267,6 @@ func sendmsg(s int, msg *Msghdr, flags int) (n int, err error) { func libc_sendmsg_trampoline() -//go:linkname libc_sendmsg libc_sendmsg //go:cgo_import_dynamic libc_sendmsg sendmsg "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -299,7 +282,6 @@ func kevent(kq int, change unsafe.Pointer, nchange int, event unsafe.Pointer, ne func libc_kevent_trampoline() -//go:linkname libc_kevent libc_kevent //go:cgo_import_dynamic libc_kevent kevent "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -319,7 +301,6 @@ func utimes(path string, timeval *[2]Timeval) (err error) { func libc_utimes_trampoline() -//go:linkname libc_utimes libc_utimes //go:cgo_import_dynamic libc_utimes utimes "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -334,7 +315,6 @@ func futimes(fd int, timeval *[2]Timeval) (err error) { func libc_futimes_trampoline() -//go:linkname libc_futimes libc_futimes //go:cgo_import_dynamic libc_futimes futimes "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -350,7 +330,6 @@ func poll(fds *PollFd, nfds int, timeout int) (n int, err error) { func libc_poll_trampoline() -//go:linkname libc_poll libc_poll //go:cgo_import_dynamic libc_poll poll "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -371,7 +350,6 @@ func Madvise(b []byte, behav int) (err error) { func libc_madvise_trampoline() -//go:linkname libc_madvise libc_madvise //go:cgo_import_dynamic libc_madvise madvise "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -392,7 +370,6 @@ func Mlock(b []byte) (err error) { func libc_mlock_trampoline() -//go:linkname libc_mlock libc_mlock //go:cgo_import_dynamic libc_mlock mlock "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -407,7 +384,6 @@ func Mlockall(flags int) (err error) { func libc_mlockall_trampoline() -//go:linkname libc_mlockall libc_mlockall //go:cgo_import_dynamic libc_mlockall mlockall "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -428,7 +404,6 @@ func Mprotect(b []byte, prot int) (err error) { func libc_mprotect_trampoline() -//go:linkname libc_mprotect libc_mprotect //go:cgo_import_dynamic libc_mprotect mprotect "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -449,7 +424,6 @@ func Msync(b []byte, flags int) (err error) { func libc_msync_trampoline() -//go:linkname libc_msync libc_msync //go:cgo_import_dynamic libc_msync msync "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -470,7 +444,6 @@ func Munlock(b []byte) (err error) { func libc_munlock_trampoline() -//go:linkname libc_munlock libc_munlock //go:cgo_import_dynamic libc_munlock munlock "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -485,15 +458,12 @@ func Munlockall() (err error) { func libc_munlockall_trampoline() -//go:linkname libc_munlockall libc_munlockall //go:cgo_import_dynamic libc_munlockall munlockall "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func pipe() (r int, w int, err error) { - r0, r1, e1 := syscall_rawSyscall(funcPC(libc_pipe_trampoline), 0, 0, 0) - r = int(r0) - w = int(r1) +func pipe(p *[2]int32) (err error) { + _, _, e1 := syscall_rawSyscall(funcPC(libc_pipe_trampoline), uintptr(unsafe.Pointer(p)), 0, 0) if e1 != 0 { err = errnoErr(e1) } @@ -502,7 +472,6 @@ func pipe() (r int, w int, err error) { func libc_pipe_trampoline() -//go:linkname libc_pipe libc_pipe //go:cgo_import_dynamic libc_pipe pipe "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -528,7 +497,6 @@ func getxattr(path string, attr string, dest *byte, size int, position uint32, o func libc_getxattr_trampoline() -//go:linkname libc_getxattr libc_getxattr //go:cgo_import_dynamic libc_getxattr getxattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -549,7 +517,6 @@ func fgetxattr(fd int, attr string, dest *byte, size int, position uint32, optio func libc_fgetxattr_trampoline() -//go:linkname libc_fgetxattr libc_fgetxattr //go:cgo_import_dynamic libc_fgetxattr fgetxattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -574,7 +541,6 @@ func setxattr(path string, attr string, data *byte, size int, position uint32, o func libc_setxattr_trampoline() -//go:linkname libc_setxattr libc_setxattr //go:cgo_import_dynamic libc_setxattr setxattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -594,7 +560,6 @@ func fsetxattr(fd int, attr string, data *byte, size int, position uint32, optio func libc_fsetxattr_trampoline() -//go:linkname libc_fsetxattr libc_fsetxattr //go:cgo_import_dynamic libc_fsetxattr fsetxattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -619,7 +584,6 @@ func removexattr(path string, attr string, options int) (err error) { func libc_removexattr_trampoline() -//go:linkname libc_removexattr libc_removexattr //go:cgo_import_dynamic libc_removexattr removexattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -639,7 +603,6 @@ func fremovexattr(fd int, attr string, options int) (err error) { func libc_fremovexattr_trampoline() -//go:linkname libc_fremovexattr libc_fremovexattr //go:cgo_import_dynamic libc_fremovexattr fremovexattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -660,7 +623,6 @@ func listxattr(path string, dest *byte, size int, options int) (sz int, err erro func libc_listxattr_trampoline() -//go:linkname libc_listxattr libc_listxattr //go:cgo_import_dynamic libc_listxattr listxattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -676,7 +638,6 @@ func flistxattr(fd int, dest *byte, size int, options int) (sz int, err error) { func libc_flistxattr_trampoline() -//go:linkname libc_flistxattr libc_flistxattr //go:cgo_import_dynamic libc_flistxattr flistxattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -691,7 +652,6 @@ func setattrlist(path *byte, list unsafe.Pointer, buf unsafe.Pointer, size uintp func libc_setattrlist_trampoline() -//go:linkname libc_setattrlist libc_setattrlist //go:cgo_import_dynamic libc_setattrlist setattrlist "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -707,7 +667,6 @@ func fcntl(fd int, cmd int, arg int) (val int, err error) { func libc_fcntl_trampoline() -//go:linkname libc_fcntl libc_fcntl //go:cgo_import_dynamic libc_fcntl fcntl "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -722,7 +681,6 @@ func kill(pid int, signum int, posix int) (err error) { func libc_kill_trampoline() -//go:linkname libc_kill libc_kill //go:cgo_import_dynamic libc_kill kill "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -737,7 +695,6 @@ func ioctl(fd int, req uint, arg uintptr) (err error) { func libc_ioctl_trampoline() -//go:linkname libc_ioctl libc_ioctl //go:cgo_import_dynamic libc_ioctl ioctl "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -758,7 +715,6 @@ func sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) func libc_sysctl_trampoline() -//go:linkname libc_sysctl libc_sysctl //go:cgo_import_dynamic libc_sysctl sysctl "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -773,7 +729,6 @@ func sendfile(infd int, outfd int, offset int64, len *int64, hdtr unsafe.Pointer func libc_sendfile_trampoline() -//go:linkname libc_sendfile libc_sendfile //go:cgo_import_dynamic libc_sendfile sendfile "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -793,7 +748,6 @@ func Access(path string, mode uint32) (err error) { func libc_access_trampoline() -//go:linkname libc_access libc_access //go:cgo_import_dynamic libc_access access "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -808,7 +762,6 @@ func Adjtime(delta *Timeval, olddelta *Timeval) (err error) { func libc_adjtime_trampoline() -//go:linkname libc_adjtime libc_adjtime //go:cgo_import_dynamic libc_adjtime adjtime "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -828,7 +781,6 @@ func Chdir(path string) (err error) { func libc_chdir_trampoline() -//go:linkname libc_chdir libc_chdir //go:cgo_import_dynamic libc_chdir chdir "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -848,7 +800,6 @@ func Chflags(path string, flags int) (err error) { func libc_chflags_trampoline() -//go:linkname libc_chflags libc_chflags //go:cgo_import_dynamic libc_chflags chflags "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -868,7 +819,6 @@ func Chmod(path string, mode uint32) (err error) { func libc_chmod_trampoline() -//go:linkname libc_chmod libc_chmod //go:cgo_import_dynamic libc_chmod chmod "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -888,7 +838,6 @@ func Chown(path string, uid int, gid int) (err error) { func libc_chown_trampoline() -//go:linkname libc_chown libc_chown //go:cgo_import_dynamic libc_chown chown "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -908,7 +857,6 @@ func Chroot(path string) (err error) { func libc_chroot_trampoline() -//go:linkname libc_chroot libc_chroot //go:cgo_import_dynamic libc_chroot chroot "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -923,7 +871,6 @@ func ClockGettime(clockid int32, time *Timespec) (err error) { func libc_clock_gettime_trampoline() -//go:linkname libc_clock_gettime libc_clock_gettime //go:cgo_import_dynamic libc_clock_gettime clock_gettime "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -938,7 +885,6 @@ func Close(fd int) (err error) { func libc_close_trampoline() -//go:linkname libc_close libc_close //go:cgo_import_dynamic libc_close close "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -963,7 +909,6 @@ func Clonefile(src string, dst string, flags int) (err error) { func libc_clonefile_trampoline() -//go:linkname libc_clonefile libc_clonefile //go:cgo_import_dynamic libc_clonefile clonefile "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -988,7 +933,6 @@ func Clonefileat(srcDirfd int, src string, dstDirfd int, dst string, flags int) func libc_clonefileat_trampoline() -//go:linkname libc_clonefileat libc_clonefileat //go:cgo_import_dynamic libc_clonefileat clonefileat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1004,7 +948,6 @@ func Dup(fd int) (nfd int, err error) { func libc_dup_trampoline() -//go:linkname libc_dup libc_dup //go:cgo_import_dynamic libc_dup dup "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1019,7 +962,6 @@ func Dup2(from int, to int) (err error) { func libc_dup2_trampoline() -//go:linkname libc_dup2 libc_dup2 //go:cgo_import_dynamic libc_dup2 dup2 "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1044,7 +986,6 @@ func Exchangedata(path1 string, path2 string, options int) (err error) { func libc_exchangedata_trampoline() -//go:linkname libc_exchangedata libc_exchangedata //go:cgo_import_dynamic libc_exchangedata exchangedata "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1056,7 +997,6 @@ func Exit(code int) { func libc_exit_trampoline() -//go:linkname libc_exit libc_exit //go:cgo_import_dynamic libc_exit exit "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1076,7 +1016,6 @@ func Faccessat(dirfd int, path string, mode uint32, flags int) (err error) { func libc_faccessat_trampoline() -//go:linkname libc_faccessat libc_faccessat //go:cgo_import_dynamic libc_faccessat faccessat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1091,7 +1030,6 @@ func Fchdir(fd int) (err error) { func libc_fchdir_trampoline() -//go:linkname libc_fchdir libc_fchdir //go:cgo_import_dynamic libc_fchdir fchdir "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1106,7 +1044,6 @@ func Fchflags(fd int, flags int) (err error) { func libc_fchflags_trampoline() -//go:linkname libc_fchflags libc_fchflags //go:cgo_import_dynamic libc_fchflags fchflags "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1121,7 +1058,6 @@ func Fchmod(fd int, mode uint32) (err error) { func libc_fchmod_trampoline() -//go:linkname libc_fchmod libc_fchmod //go:cgo_import_dynamic libc_fchmod fchmod "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1141,7 +1077,6 @@ func Fchmodat(dirfd int, path string, mode uint32, flags int) (err error) { func libc_fchmodat_trampoline() -//go:linkname libc_fchmodat libc_fchmodat //go:cgo_import_dynamic libc_fchmodat fchmodat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1156,7 +1091,6 @@ func Fchown(fd int, uid int, gid int) (err error) { func libc_fchown_trampoline() -//go:linkname libc_fchown libc_fchown //go:cgo_import_dynamic libc_fchown fchown "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1176,7 +1110,6 @@ func Fchownat(dirfd int, path string, uid int, gid int, flags int) (err error) { func libc_fchownat_trampoline() -//go:linkname libc_fchownat libc_fchownat //go:cgo_import_dynamic libc_fchownat fchownat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1196,7 +1129,6 @@ func Fclonefileat(srcDirfd int, dstDirfd int, dst string, flags int) (err error) func libc_fclonefileat_trampoline() -//go:linkname libc_fclonefileat libc_fclonefileat //go:cgo_import_dynamic libc_fclonefileat fclonefileat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1211,7 +1143,6 @@ func Flock(fd int, how int) (err error) { func libc_flock_trampoline() -//go:linkname libc_flock libc_flock //go:cgo_import_dynamic libc_flock flock "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1227,7 +1158,6 @@ func Fpathconf(fd int, name int) (val int, err error) { func libc_fpathconf_trampoline() -//go:linkname libc_fpathconf libc_fpathconf //go:cgo_import_dynamic libc_fpathconf fpathconf "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1242,7 +1172,6 @@ func Fsync(fd int) (err error) { func libc_fsync_trampoline() -//go:linkname libc_fsync libc_fsync //go:cgo_import_dynamic libc_fsync fsync "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1257,7 +1186,6 @@ func Ftruncate(fd int, length int64) (err error) { func libc_ftruncate_trampoline() -//go:linkname libc_ftruncate libc_ftruncate //go:cgo_import_dynamic libc_ftruncate ftruncate "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1279,7 +1207,6 @@ func Getcwd(buf []byte) (n int, err error) { func libc_getcwd_trampoline() -//go:linkname libc_getcwd libc_getcwd //go:cgo_import_dynamic libc_getcwd getcwd "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1292,7 +1219,6 @@ func Getdtablesize() (size int) { func libc_getdtablesize_trampoline() -//go:linkname libc_getdtablesize libc_getdtablesize //go:cgo_import_dynamic libc_getdtablesize getdtablesize "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1305,7 +1231,6 @@ func Getegid() (egid int) { func libc_getegid_trampoline() -//go:linkname libc_getegid libc_getegid //go:cgo_import_dynamic libc_getegid getegid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1318,7 +1243,6 @@ func Geteuid() (uid int) { func libc_geteuid_trampoline() -//go:linkname libc_geteuid libc_geteuid //go:cgo_import_dynamic libc_geteuid geteuid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1331,7 +1255,6 @@ func Getgid() (gid int) { func libc_getgid_trampoline() -//go:linkname libc_getgid libc_getgid //go:cgo_import_dynamic libc_getgid getgid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1347,7 +1270,6 @@ func Getpgid(pid int) (pgid int, err error) { func libc_getpgid_trampoline() -//go:linkname libc_getpgid libc_getpgid //go:cgo_import_dynamic libc_getpgid getpgid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1360,7 +1282,6 @@ func Getpgrp() (pgrp int) { func libc_getpgrp_trampoline() -//go:linkname libc_getpgrp libc_getpgrp //go:cgo_import_dynamic libc_getpgrp getpgrp "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1373,7 +1294,6 @@ func Getpid() (pid int) { func libc_getpid_trampoline() -//go:linkname libc_getpid libc_getpid //go:cgo_import_dynamic libc_getpid getpid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1386,7 +1306,6 @@ func Getppid() (ppid int) { func libc_getppid_trampoline() -//go:linkname libc_getppid libc_getppid //go:cgo_import_dynamic libc_getppid getppid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1402,7 +1321,6 @@ func Getpriority(which int, who int) (prio int, err error) { func libc_getpriority_trampoline() -//go:linkname libc_getpriority libc_getpriority //go:cgo_import_dynamic libc_getpriority getpriority "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1417,7 +1335,6 @@ func Getrlimit(which int, lim *Rlimit) (err error) { func libc_getrlimit_trampoline() -//go:linkname libc_getrlimit libc_getrlimit //go:cgo_import_dynamic libc_getrlimit getrlimit "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1432,7 +1349,6 @@ func Getrusage(who int, rusage *Rusage) (err error) { func libc_getrusage_trampoline() -//go:linkname libc_getrusage libc_getrusage //go:cgo_import_dynamic libc_getrusage getrusage "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1448,7 +1364,6 @@ func Getsid(pid int) (sid int, err error) { func libc_getsid_trampoline() -//go:linkname libc_getsid libc_getsid //go:cgo_import_dynamic libc_getsid getsid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1463,7 +1378,6 @@ func Gettimeofday(tp *Timeval) (err error) { func libc_gettimeofday_trampoline() -//go:linkname libc_gettimeofday libc_gettimeofday //go:cgo_import_dynamic libc_gettimeofday gettimeofday "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1476,7 +1390,6 @@ func Getuid() (uid int) { func libc_getuid_trampoline() -//go:linkname libc_getuid libc_getuid //go:cgo_import_dynamic libc_getuid getuid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1489,7 +1402,6 @@ func Issetugid() (tainted bool) { func libc_issetugid_trampoline() -//go:linkname libc_issetugid libc_issetugid //go:cgo_import_dynamic libc_issetugid issetugid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1505,7 +1417,6 @@ func Kqueue() (fd int, err error) { func libc_kqueue_trampoline() -//go:linkname libc_kqueue libc_kqueue //go:cgo_import_dynamic libc_kqueue kqueue "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1525,7 +1436,6 @@ func Lchown(path string, uid int, gid int) (err error) { func libc_lchown_trampoline() -//go:linkname libc_lchown libc_lchown //go:cgo_import_dynamic libc_lchown lchown "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1550,7 +1460,6 @@ func Link(path string, link string) (err error) { func libc_link_trampoline() -//go:linkname libc_link libc_link //go:cgo_import_dynamic libc_link link "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1575,7 +1484,6 @@ func Linkat(pathfd int, path string, linkfd int, link string, flags int) (err er func libc_linkat_trampoline() -//go:linkname libc_linkat libc_linkat //go:cgo_import_dynamic libc_linkat linkat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1590,7 +1498,6 @@ func Listen(s int, backlog int) (err error) { func libc_listen_trampoline() -//go:linkname libc_listen libc_listen //go:cgo_import_dynamic libc_listen listen "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1610,7 +1517,6 @@ func Mkdir(path string, mode uint32) (err error) { func libc_mkdir_trampoline() -//go:linkname libc_mkdir libc_mkdir //go:cgo_import_dynamic libc_mkdir mkdir "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1630,7 +1536,6 @@ func Mkdirat(dirfd int, path string, mode uint32) (err error) { func libc_mkdirat_trampoline() -//go:linkname libc_mkdirat libc_mkdirat //go:cgo_import_dynamic libc_mkdirat mkdirat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1650,7 +1555,6 @@ func Mkfifo(path string, mode uint32) (err error) { func libc_mkfifo_trampoline() -//go:linkname libc_mkfifo libc_mkfifo //go:cgo_import_dynamic libc_mkfifo mkfifo "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1670,7 +1574,6 @@ func Mknod(path string, mode uint32, dev int) (err error) { func libc_mknod_trampoline() -//go:linkname libc_mknod libc_mknod //go:cgo_import_dynamic libc_mknod mknod "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1691,7 +1594,6 @@ func Open(path string, mode int, perm uint32) (fd int, err error) { func libc_open_trampoline() -//go:linkname libc_open libc_open //go:cgo_import_dynamic libc_open open "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1712,7 +1614,6 @@ func Openat(dirfd int, path string, mode int, perm uint32) (fd int, err error) { func libc_openat_trampoline() -//go:linkname libc_openat libc_openat //go:cgo_import_dynamic libc_openat openat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1733,7 +1634,6 @@ func Pathconf(path string, name int) (val int, err error) { func libc_pathconf_trampoline() -//go:linkname libc_pathconf libc_pathconf //go:cgo_import_dynamic libc_pathconf pathconf "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1755,7 +1655,6 @@ func Pread(fd int, p []byte, offset int64) (n int, err error) { func libc_pread_trampoline() -//go:linkname libc_pread libc_pread //go:cgo_import_dynamic libc_pread pread "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1777,7 +1676,6 @@ func Pwrite(fd int, p []byte, offset int64) (n int, err error) { func libc_pwrite_trampoline() -//go:linkname libc_pwrite libc_pwrite //go:cgo_import_dynamic libc_pwrite pwrite "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1799,7 +1697,6 @@ func read(fd int, p []byte) (n int, err error) { func libc_read_trampoline() -//go:linkname libc_read libc_read //go:cgo_import_dynamic libc_read read "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1826,7 +1723,6 @@ func Readlink(path string, buf []byte) (n int, err error) { func libc_readlink_trampoline() -//go:linkname libc_readlink libc_readlink //go:cgo_import_dynamic libc_readlink readlink "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1853,7 +1749,6 @@ func Readlinkat(dirfd int, path string, buf []byte) (n int, err error) { func libc_readlinkat_trampoline() -//go:linkname libc_readlinkat libc_readlinkat //go:cgo_import_dynamic libc_readlinkat readlinkat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1878,7 +1773,6 @@ func Rename(from string, to string) (err error) { func libc_rename_trampoline() -//go:linkname libc_rename libc_rename //go:cgo_import_dynamic libc_rename rename "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1903,7 +1797,6 @@ func Renameat(fromfd int, from string, tofd int, to string) (err error) { func libc_renameat_trampoline() -//go:linkname libc_renameat libc_renameat //go:cgo_import_dynamic libc_renameat renameat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1923,7 +1816,6 @@ func Revoke(path string) (err error) { func libc_revoke_trampoline() -//go:linkname libc_revoke libc_revoke //go:cgo_import_dynamic libc_revoke revoke "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1943,7 +1835,6 @@ func Rmdir(path string) (err error) { func libc_rmdir_trampoline() -//go:linkname libc_rmdir libc_rmdir //go:cgo_import_dynamic libc_rmdir rmdir "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1959,7 +1850,6 @@ func Seek(fd int, offset int64, whence int) (newoffset int64, err error) { func libc_lseek_trampoline() -//go:linkname libc_lseek libc_lseek //go:cgo_import_dynamic libc_lseek lseek "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1975,7 +1865,6 @@ func Select(nfd int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (n int, err func libc_select_trampoline() -//go:linkname libc_select libc_select //go:cgo_import_dynamic libc_select select "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1990,7 +1879,6 @@ func Setegid(egid int) (err error) { func libc_setegid_trampoline() -//go:linkname libc_setegid libc_setegid //go:cgo_import_dynamic libc_setegid setegid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2005,7 +1893,6 @@ func Seteuid(euid int) (err error) { func libc_seteuid_trampoline() -//go:linkname libc_seteuid libc_seteuid //go:cgo_import_dynamic libc_seteuid seteuid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2020,7 +1907,6 @@ func Setgid(gid int) (err error) { func libc_setgid_trampoline() -//go:linkname libc_setgid libc_setgid //go:cgo_import_dynamic libc_setgid setgid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2040,7 +1926,6 @@ func Setlogin(name string) (err error) { func libc_setlogin_trampoline() -//go:linkname libc_setlogin libc_setlogin //go:cgo_import_dynamic libc_setlogin setlogin "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2055,7 +1940,6 @@ func Setpgid(pid int, pgid int) (err error) { func libc_setpgid_trampoline() -//go:linkname libc_setpgid libc_setpgid //go:cgo_import_dynamic libc_setpgid setpgid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2070,7 +1954,6 @@ func Setpriority(which int, who int, prio int) (err error) { func libc_setpriority_trampoline() -//go:linkname libc_setpriority libc_setpriority //go:cgo_import_dynamic libc_setpriority setpriority "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2085,7 +1968,6 @@ func Setprivexec(flag int) (err error) { func libc_setprivexec_trampoline() -//go:linkname libc_setprivexec libc_setprivexec //go:cgo_import_dynamic libc_setprivexec setprivexec "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2100,7 +1982,6 @@ func Setregid(rgid int, egid int) (err error) { func libc_setregid_trampoline() -//go:linkname libc_setregid libc_setregid //go:cgo_import_dynamic libc_setregid setregid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2115,7 +1996,6 @@ func Setreuid(ruid int, euid int) (err error) { func libc_setreuid_trampoline() -//go:linkname libc_setreuid libc_setreuid //go:cgo_import_dynamic libc_setreuid setreuid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2130,7 +2010,6 @@ func Setrlimit(which int, lim *Rlimit) (err error) { func libc_setrlimit_trampoline() -//go:linkname libc_setrlimit libc_setrlimit //go:cgo_import_dynamic libc_setrlimit setrlimit "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2146,7 +2025,6 @@ func Setsid() (pid int, err error) { func libc_setsid_trampoline() -//go:linkname libc_setsid libc_setsid //go:cgo_import_dynamic libc_setsid setsid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2161,7 +2039,6 @@ func Settimeofday(tp *Timeval) (err error) { func libc_settimeofday_trampoline() -//go:linkname libc_settimeofday libc_settimeofday //go:cgo_import_dynamic libc_settimeofday settimeofday "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2176,7 +2053,6 @@ func Setuid(uid int) (err error) { func libc_setuid_trampoline() -//go:linkname libc_setuid libc_setuid //go:cgo_import_dynamic libc_setuid setuid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2201,7 +2077,6 @@ func Symlink(path string, link string) (err error) { func libc_symlink_trampoline() -//go:linkname libc_symlink libc_symlink //go:cgo_import_dynamic libc_symlink symlink "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2226,7 +2101,6 @@ func Symlinkat(oldpath string, newdirfd int, newpath string) (err error) { func libc_symlinkat_trampoline() -//go:linkname libc_symlinkat libc_symlinkat //go:cgo_import_dynamic libc_symlinkat symlinkat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2241,7 +2115,6 @@ func Sync() (err error) { func libc_sync_trampoline() -//go:linkname libc_sync libc_sync //go:cgo_import_dynamic libc_sync sync "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2261,7 +2134,6 @@ func Truncate(path string, length int64) (err error) { func libc_truncate_trampoline() -//go:linkname libc_truncate libc_truncate //go:cgo_import_dynamic libc_truncate truncate "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2274,7 +2146,6 @@ func Umask(newmask int) (oldmask int) { func libc_umask_trampoline() -//go:linkname libc_umask libc_umask //go:cgo_import_dynamic libc_umask umask "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2294,7 +2165,6 @@ func Undelete(path string) (err error) { func libc_undelete_trampoline() -//go:linkname libc_undelete libc_undelete //go:cgo_import_dynamic libc_undelete undelete "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2314,7 +2184,6 @@ func Unlink(path string) (err error) { func libc_unlink_trampoline() -//go:linkname libc_unlink libc_unlink //go:cgo_import_dynamic libc_unlink unlink "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2334,7 +2203,6 @@ func Unlinkat(dirfd int, path string, flags int) (err error) { func libc_unlinkat_trampoline() -//go:linkname libc_unlinkat libc_unlinkat //go:cgo_import_dynamic libc_unlinkat unlinkat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2354,7 +2222,6 @@ func Unmount(path string, flags int) (err error) { func libc_unmount_trampoline() -//go:linkname libc_unmount libc_unmount //go:cgo_import_dynamic libc_unmount unmount "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2376,7 +2243,6 @@ func write(fd int, p []byte) (n int, err error) { func libc_write_trampoline() -//go:linkname libc_write libc_write //go:cgo_import_dynamic libc_write write "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2392,7 +2258,6 @@ func mmap(addr uintptr, length uintptr, prot int, flag int, fd int, pos int64) ( func libc_mmap_trampoline() -//go:linkname libc_mmap libc_mmap //go:cgo_import_dynamic libc_mmap mmap "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2407,7 +2272,6 @@ func munmap(addr uintptr, length uintptr) (err error) { func libc_munmap_trampoline() -//go:linkname libc_munmap libc_munmap //go:cgo_import_dynamic libc_munmap munmap "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2444,7 +2308,6 @@ func Fstat(fd int, stat *Stat_t) (err error) { func libc_fstat_trampoline() -//go:linkname libc_fstat libc_fstat //go:cgo_import_dynamic libc_fstat fstat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2464,7 +2327,6 @@ func Fstatat(fd int, path string, stat *Stat_t, flags int) (err error) { func libc_fstatat_trampoline() -//go:linkname libc_fstatat libc_fstatat //go:cgo_import_dynamic libc_fstatat fstatat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2479,7 +2341,6 @@ func Fstatfs(fd int, stat *Statfs_t) (err error) { func libc_fstatfs_trampoline() -//go:linkname libc_fstatfs libc_fstatfs //go:cgo_import_dynamic libc_fstatfs fstatfs "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2495,7 +2356,6 @@ func getfsstat(buf unsafe.Pointer, size uintptr, flags int) (n int, err error) { func libc_getfsstat_trampoline() -//go:linkname libc_getfsstat libc_getfsstat //go:cgo_import_dynamic libc_getfsstat getfsstat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2515,7 +2375,6 @@ func Lstat(path string, stat *Stat_t) (err error) { func libc_lstat_trampoline() -//go:linkname libc_lstat libc_lstat //go:cgo_import_dynamic libc_lstat lstat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2535,7 +2394,6 @@ func Stat(path string, stat *Stat_t) (err error) { func libc_stat_trampoline() -//go:linkname libc_stat libc_stat //go:cgo_import_dynamic libc_stat stat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2555,5 +2413,4 @@ func Statfs(path string, stat *Statfs_t) (err error) { func libc_statfs_trampoline() -//go:linkname libc_statfs libc_statfs //go:cgo_import_dynamic libc_statfs statfs "/usr/lib/libSystem.B.dylib" diff --git a/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.1_13.go b/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.1_13.go index d64e6c806f54..870eb37abf57 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.1_13.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.1_13.go @@ -24,7 +24,6 @@ func closedir(dir uintptr) (err error) { func libc_closedir_trampoline() -//go:linkname libc_closedir libc_closedir //go:cgo_import_dynamic libc_closedir closedir "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -37,5 +36,4 @@ func readdir_r(dir uintptr, entry *Dirent, result **Dirent) (res Errno) { func libc_readdir_r_trampoline() -//go:linkname libc_readdir_r libc_readdir_r //go:cgo_import_dynamic libc_readdir_r readdir_r "/usr/lib/libSystem.B.dylib" diff --git a/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.go b/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.go index 23b65a5301ad..9b01a79c41ea 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.go @@ -25,7 +25,6 @@ func getgroups(ngid int, gid *_Gid_t) (n int, err error) { func libc_getgroups_trampoline() -//go:linkname libc_getgroups libc_getgroups //go:cgo_import_dynamic libc_getgroups getgroups "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -40,7 +39,6 @@ func setgroups(ngid int, gid *_Gid_t) (err error) { func libc_setgroups_trampoline() -//go:linkname libc_setgroups libc_setgroups //go:cgo_import_dynamic libc_setgroups setgroups "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -56,7 +54,6 @@ func wait4(pid int, wstatus *_C_int, options int, rusage *Rusage) (wpid int, err func libc_wait4_trampoline() -//go:linkname libc_wait4 libc_wait4 //go:cgo_import_dynamic libc_wait4 wait4 "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -72,7 +69,6 @@ func accept(s int, rsa *RawSockaddrAny, addrlen *_Socklen) (fd int, err error) { func libc_accept_trampoline() -//go:linkname libc_accept libc_accept //go:cgo_import_dynamic libc_accept accept "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -87,7 +83,6 @@ func bind(s int, addr unsafe.Pointer, addrlen _Socklen) (err error) { func libc_bind_trampoline() -//go:linkname libc_bind libc_bind //go:cgo_import_dynamic libc_bind bind "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -102,7 +97,6 @@ func connect(s int, addr unsafe.Pointer, addrlen _Socklen) (err error) { func libc_connect_trampoline() -//go:linkname libc_connect libc_connect //go:cgo_import_dynamic libc_connect connect "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -118,7 +112,6 @@ func socket(domain int, typ int, proto int) (fd int, err error) { func libc_socket_trampoline() -//go:linkname libc_socket libc_socket //go:cgo_import_dynamic libc_socket socket "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -133,7 +126,6 @@ func getsockopt(s int, level int, name int, val unsafe.Pointer, vallen *_Socklen func libc_getsockopt_trampoline() -//go:linkname libc_getsockopt libc_getsockopt //go:cgo_import_dynamic libc_getsockopt getsockopt "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -148,7 +140,6 @@ func setsockopt(s int, level int, name int, val unsafe.Pointer, vallen uintptr) func libc_setsockopt_trampoline() -//go:linkname libc_setsockopt libc_setsockopt //go:cgo_import_dynamic libc_setsockopt setsockopt "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -163,7 +154,6 @@ func getpeername(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error) { func libc_getpeername_trampoline() -//go:linkname libc_getpeername libc_getpeername //go:cgo_import_dynamic libc_getpeername getpeername "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -178,7 +168,6 @@ func getsockname(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error) { func libc_getsockname_trampoline() -//go:linkname libc_getsockname libc_getsockname //go:cgo_import_dynamic libc_getsockname getsockname "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -193,7 +182,6 @@ func Shutdown(s int, how int) (err error) { func libc_shutdown_trampoline() -//go:linkname libc_shutdown libc_shutdown //go:cgo_import_dynamic libc_shutdown shutdown "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -208,7 +196,6 @@ func socketpair(domain int, typ int, proto int, fd *[2]int32) (err error) { func libc_socketpair_trampoline() -//go:linkname libc_socketpair libc_socketpair //go:cgo_import_dynamic libc_socketpair socketpair "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -230,7 +217,6 @@ func recvfrom(fd int, p []byte, flags int, from *RawSockaddrAny, fromlen *_Sockl func libc_recvfrom_trampoline() -//go:linkname libc_recvfrom libc_recvfrom //go:cgo_import_dynamic libc_recvfrom recvfrom "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -251,7 +237,6 @@ func sendto(s int, buf []byte, flags int, to unsafe.Pointer, addrlen _Socklen) ( func libc_sendto_trampoline() -//go:linkname libc_sendto libc_sendto //go:cgo_import_dynamic libc_sendto sendto "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -267,7 +252,6 @@ func recvmsg(s int, msg *Msghdr, flags int) (n int, err error) { func libc_recvmsg_trampoline() -//go:linkname libc_recvmsg libc_recvmsg //go:cgo_import_dynamic libc_recvmsg recvmsg "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -283,7 +267,6 @@ func sendmsg(s int, msg *Msghdr, flags int) (n int, err error) { func libc_sendmsg_trampoline() -//go:linkname libc_sendmsg libc_sendmsg //go:cgo_import_dynamic libc_sendmsg sendmsg "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -299,7 +282,6 @@ func kevent(kq int, change unsafe.Pointer, nchange int, event unsafe.Pointer, ne func libc_kevent_trampoline() -//go:linkname libc_kevent libc_kevent //go:cgo_import_dynamic libc_kevent kevent "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -319,7 +301,6 @@ func utimes(path string, timeval *[2]Timeval) (err error) { func libc_utimes_trampoline() -//go:linkname libc_utimes libc_utimes //go:cgo_import_dynamic libc_utimes utimes "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -334,7 +315,6 @@ func futimes(fd int, timeval *[2]Timeval) (err error) { func libc_futimes_trampoline() -//go:linkname libc_futimes libc_futimes //go:cgo_import_dynamic libc_futimes futimes "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -350,7 +330,6 @@ func poll(fds *PollFd, nfds int, timeout int) (n int, err error) { func libc_poll_trampoline() -//go:linkname libc_poll libc_poll //go:cgo_import_dynamic libc_poll poll "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -371,7 +350,6 @@ func Madvise(b []byte, behav int) (err error) { func libc_madvise_trampoline() -//go:linkname libc_madvise libc_madvise //go:cgo_import_dynamic libc_madvise madvise "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -392,7 +370,6 @@ func Mlock(b []byte) (err error) { func libc_mlock_trampoline() -//go:linkname libc_mlock libc_mlock //go:cgo_import_dynamic libc_mlock mlock "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -407,7 +384,6 @@ func Mlockall(flags int) (err error) { func libc_mlockall_trampoline() -//go:linkname libc_mlockall libc_mlockall //go:cgo_import_dynamic libc_mlockall mlockall "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -428,7 +404,6 @@ func Mprotect(b []byte, prot int) (err error) { func libc_mprotect_trampoline() -//go:linkname libc_mprotect libc_mprotect //go:cgo_import_dynamic libc_mprotect mprotect "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -449,7 +424,6 @@ func Msync(b []byte, flags int) (err error) { func libc_msync_trampoline() -//go:linkname libc_msync libc_msync //go:cgo_import_dynamic libc_msync msync "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -470,7 +444,6 @@ func Munlock(b []byte) (err error) { func libc_munlock_trampoline() -//go:linkname libc_munlock libc_munlock //go:cgo_import_dynamic libc_munlock munlock "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -485,15 +458,12 @@ func Munlockall() (err error) { func libc_munlockall_trampoline() -//go:linkname libc_munlockall libc_munlockall //go:cgo_import_dynamic libc_munlockall munlockall "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func pipe() (r int, w int, err error) { - r0, r1, e1 := syscall_rawSyscall(funcPC(libc_pipe_trampoline), 0, 0, 0) - r = int(r0) - w = int(r1) +func pipe(p *[2]int32) (err error) { + _, _, e1 := syscall_rawSyscall(funcPC(libc_pipe_trampoline), uintptr(unsafe.Pointer(p)), 0, 0) if e1 != 0 { err = errnoErr(e1) } @@ -502,7 +472,6 @@ func pipe() (r int, w int, err error) { func libc_pipe_trampoline() -//go:linkname libc_pipe libc_pipe //go:cgo_import_dynamic libc_pipe pipe "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -528,7 +497,6 @@ func getxattr(path string, attr string, dest *byte, size int, position uint32, o func libc_getxattr_trampoline() -//go:linkname libc_getxattr libc_getxattr //go:cgo_import_dynamic libc_getxattr getxattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -549,7 +517,6 @@ func fgetxattr(fd int, attr string, dest *byte, size int, position uint32, optio func libc_fgetxattr_trampoline() -//go:linkname libc_fgetxattr libc_fgetxattr //go:cgo_import_dynamic libc_fgetxattr fgetxattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -574,7 +541,6 @@ func setxattr(path string, attr string, data *byte, size int, position uint32, o func libc_setxattr_trampoline() -//go:linkname libc_setxattr libc_setxattr //go:cgo_import_dynamic libc_setxattr setxattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -594,7 +560,6 @@ func fsetxattr(fd int, attr string, data *byte, size int, position uint32, optio func libc_fsetxattr_trampoline() -//go:linkname libc_fsetxattr libc_fsetxattr //go:cgo_import_dynamic libc_fsetxattr fsetxattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -619,7 +584,6 @@ func removexattr(path string, attr string, options int) (err error) { func libc_removexattr_trampoline() -//go:linkname libc_removexattr libc_removexattr //go:cgo_import_dynamic libc_removexattr removexattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -639,7 +603,6 @@ func fremovexattr(fd int, attr string, options int) (err error) { func libc_fremovexattr_trampoline() -//go:linkname libc_fremovexattr libc_fremovexattr //go:cgo_import_dynamic libc_fremovexattr fremovexattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -660,7 +623,6 @@ func listxattr(path string, dest *byte, size int, options int) (sz int, err erro func libc_listxattr_trampoline() -//go:linkname libc_listxattr libc_listxattr //go:cgo_import_dynamic libc_listxattr listxattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -676,7 +638,6 @@ func flistxattr(fd int, dest *byte, size int, options int) (sz int, err error) { func libc_flistxattr_trampoline() -//go:linkname libc_flistxattr libc_flistxattr //go:cgo_import_dynamic libc_flistxattr flistxattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -691,7 +652,6 @@ func setattrlist(path *byte, list unsafe.Pointer, buf unsafe.Pointer, size uintp func libc_setattrlist_trampoline() -//go:linkname libc_setattrlist libc_setattrlist //go:cgo_import_dynamic libc_setattrlist setattrlist "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -707,7 +667,6 @@ func fcntl(fd int, cmd int, arg int) (val int, err error) { func libc_fcntl_trampoline() -//go:linkname libc_fcntl libc_fcntl //go:cgo_import_dynamic libc_fcntl fcntl "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -722,7 +681,6 @@ func kill(pid int, signum int, posix int) (err error) { func libc_kill_trampoline() -//go:linkname libc_kill libc_kill //go:cgo_import_dynamic libc_kill kill "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -737,7 +695,6 @@ func ioctl(fd int, req uint, arg uintptr) (err error) { func libc_ioctl_trampoline() -//go:linkname libc_ioctl libc_ioctl //go:cgo_import_dynamic libc_ioctl ioctl "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -758,7 +715,6 @@ func sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) func libc_sysctl_trampoline() -//go:linkname libc_sysctl libc_sysctl //go:cgo_import_dynamic libc_sysctl sysctl "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -773,7 +729,6 @@ func sendfile(infd int, outfd int, offset int64, len *int64, hdtr unsafe.Pointer func libc_sendfile_trampoline() -//go:linkname libc_sendfile libc_sendfile //go:cgo_import_dynamic libc_sendfile sendfile "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -793,7 +748,6 @@ func Access(path string, mode uint32) (err error) { func libc_access_trampoline() -//go:linkname libc_access libc_access //go:cgo_import_dynamic libc_access access "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -808,7 +762,6 @@ func Adjtime(delta *Timeval, olddelta *Timeval) (err error) { func libc_adjtime_trampoline() -//go:linkname libc_adjtime libc_adjtime //go:cgo_import_dynamic libc_adjtime adjtime "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -828,7 +781,6 @@ func Chdir(path string) (err error) { func libc_chdir_trampoline() -//go:linkname libc_chdir libc_chdir //go:cgo_import_dynamic libc_chdir chdir "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -848,7 +800,6 @@ func Chflags(path string, flags int) (err error) { func libc_chflags_trampoline() -//go:linkname libc_chflags libc_chflags //go:cgo_import_dynamic libc_chflags chflags "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -868,7 +819,6 @@ func Chmod(path string, mode uint32) (err error) { func libc_chmod_trampoline() -//go:linkname libc_chmod libc_chmod //go:cgo_import_dynamic libc_chmod chmod "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -888,7 +838,6 @@ func Chown(path string, uid int, gid int) (err error) { func libc_chown_trampoline() -//go:linkname libc_chown libc_chown //go:cgo_import_dynamic libc_chown chown "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -908,7 +857,6 @@ func Chroot(path string) (err error) { func libc_chroot_trampoline() -//go:linkname libc_chroot libc_chroot //go:cgo_import_dynamic libc_chroot chroot "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -923,7 +871,6 @@ func ClockGettime(clockid int32, time *Timespec) (err error) { func libc_clock_gettime_trampoline() -//go:linkname libc_clock_gettime libc_clock_gettime //go:cgo_import_dynamic libc_clock_gettime clock_gettime "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -938,7 +885,6 @@ func Close(fd int) (err error) { func libc_close_trampoline() -//go:linkname libc_close libc_close //go:cgo_import_dynamic libc_close close "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -963,7 +909,6 @@ func Clonefile(src string, dst string, flags int) (err error) { func libc_clonefile_trampoline() -//go:linkname libc_clonefile libc_clonefile //go:cgo_import_dynamic libc_clonefile clonefile "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -988,7 +933,6 @@ func Clonefileat(srcDirfd int, src string, dstDirfd int, dst string, flags int) func libc_clonefileat_trampoline() -//go:linkname libc_clonefileat libc_clonefileat //go:cgo_import_dynamic libc_clonefileat clonefileat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1004,7 +948,6 @@ func Dup(fd int) (nfd int, err error) { func libc_dup_trampoline() -//go:linkname libc_dup libc_dup //go:cgo_import_dynamic libc_dup dup "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1019,7 +962,6 @@ func Dup2(from int, to int) (err error) { func libc_dup2_trampoline() -//go:linkname libc_dup2 libc_dup2 //go:cgo_import_dynamic libc_dup2 dup2 "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1044,7 +986,6 @@ func Exchangedata(path1 string, path2 string, options int) (err error) { func libc_exchangedata_trampoline() -//go:linkname libc_exchangedata libc_exchangedata //go:cgo_import_dynamic libc_exchangedata exchangedata "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1056,7 +997,6 @@ func Exit(code int) { func libc_exit_trampoline() -//go:linkname libc_exit libc_exit //go:cgo_import_dynamic libc_exit exit "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1076,7 +1016,6 @@ func Faccessat(dirfd int, path string, mode uint32, flags int) (err error) { func libc_faccessat_trampoline() -//go:linkname libc_faccessat libc_faccessat //go:cgo_import_dynamic libc_faccessat faccessat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1091,7 +1030,6 @@ func Fchdir(fd int) (err error) { func libc_fchdir_trampoline() -//go:linkname libc_fchdir libc_fchdir //go:cgo_import_dynamic libc_fchdir fchdir "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1106,7 +1044,6 @@ func Fchflags(fd int, flags int) (err error) { func libc_fchflags_trampoline() -//go:linkname libc_fchflags libc_fchflags //go:cgo_import_dynamic libc_fchflags fchflags "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1121,7 +1058,6 @@ func Fchmod(fd int, mode uint32) (err error) { func libc_fchmod_trampoline() -//go:linkname libc_fchmod libc_fchmod //go:cgo_import_dynamic libc_fchmod fchmod "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1141,7 +1077,6 @@ func Fchmodat(dirfd int, path string, mode uint32, flags int) (err error) { func libc_fchmodat_trampoline() -//go:linkname libc_fchmodat libc_fchmodat //go:cgo_import_dynamic libc_fchmodat fchmodat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1156,7 +1091,6 @@ func Fchown(fd int, uid int, gid int) (err error) { func libc_fchown_trampoline() -//go:linkname libc_fchown libc_fchown //go:cgo_import_dynamic libc_fchown fchown "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1176,7 +1110,6 @@ func Fchownat(dirfd int, path string, uid int, gid int, flags int) (err error) { func libc_fchownat_trampoline() -//go:linkname libc_fchownat libc_fchownat //go:cgo_import_dynamic libc_fchownat fchownat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1196,7 +1129,6 @@ func Fclonefileat(srcDirfd int, dstDirfd int, dst string, flags int) (err error) func libc_fclonefileat_trampoline() -//go:linkname libc_fclonefileat libc_fclonefileat //go:cgo_import_dynamic libc_fclonefileat fclonefileat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1211,7 +1143,6 @@ func Flock(fd int, how int) (err error) { func libc_flock_trampoline() -//go:linkname libc_flock libc_flock //go:cgo_import_dynamic libc_flock flock "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1227,7 +1158,6 @@ func Fpathconf(fd int, name int) (val int, err error) { func libc_fpathconf_trampoline() -//go:linkname libc_fpathconf libc_fpathconf //go:cgo_import_dynamic libc_fpathconf fpathconf "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1242,7 +1172,6 @@ func Fsync(fd int) (err error) { func libc_fsync_trampoline() -//go:linkname libc_fsync libc_fsync //go:cgo_import_dynamic libc_fsync fsync "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1257,7 +1186,6 @@ func Ftruncate(fd int, length int64) (err error) { func libc_ftruncate_trampoline() -//go:linkname libc_ftruncate libc_ftruncate //go:cgo_import_dynamic libc_ftruncate ftruncate "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1279,7 +1207,6 @@ func Getcwd(buf []byte) (n int, err error) { func libc_getcwd_trampoline() -//go:linkname libc_getcwd libc_getcwd //go:cgo_import_dynamic libc_getcwd getcwd "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1292,7 +1219,6 @@ func Getdtablesize() (size int) { func libc_getdtablesize_trampoline() -//go:linkname libc_getdtablesize libc_getdtablesize //go:cgo_import_dynamic libc_getdtablesize getdtablesize "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1305,7 +1231,6 @@ func Getegid() (egid int) { func libc_getegid_trampoline() -//go:linkname libc_getegid libc_getegid //go:cgo_import_dynamic libc_getegid getegid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1318,7 +1243,6 @@ func Geteuid() (uid int) { func libc_geteuid_trampoline() -//go:linkname libc_geteuid libc_geteuid //go:cgo_import_dynamic libc_geteuid geteuid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1331,7 +1255,6 @@ func Getgid() (gid int) { func libc_getgid_trampoline() -//go:linkname libc_getgid libc_getgid //go:cgo_import_dynamic libc_getgid getgid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1347,7 +1270,6 @@ func Getpgid(pid int) (pgid int, err error) { func libc_getpgid_trampoline() -//go:linkname libc_getpgid libc_getpgid //go:cgo_import_dynamic libc_getpgid getpgid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1360,7 +1282,6 @@ func Getpgrp() (pgrp int) { func libc_getpgrp_trampoline() -//go:linkname libc_getpgrp libc_getpgrp //go:cgo_import_dynamic libc_getpgrp getpgrp "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1373,7 +1294,6 @@ func Getpid() (pid int) { func libc_getpid_trampoline() -//go:linkname libc_getpid libc_getpid //go:cgo_import_dynamic libc_getpid getpid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1386,7 +1306,6 @@ func Getppid() (ppid int) { func libc_getppid_trampoline() -//go:linkname libc_getppid libc_getppid //go:cgo_import_dynamic libc_getppid getppid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1402,7 +1321,6 @@ func Getpriority(which int, who int) (prio int, err error) { func libc_getpriority_trampoline() -//go:linkname libc_getpriority libc_getpriority //go:cgo_import_dynamic libc_getpriority getpriority "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1417,7 +1335,6 @@ func Getrlimit(which int, lim *Rlimit) (err error) { func libc_getrlimit_trampoline() -//go:linkname libc_getrlimit libc_getrlimit //go:cgo_import_dynamic libc_getrlimit getrlimit "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1432,7 +1349,6 @@ func Getrusage(who int, rusage *Rusage) (err error) { func libc_getrusage_trampoline() -//go:linkname libc_getrusage libc_getrusage //go:cgo_import_dynamic libc_getrusage getrusage "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1448,7 +1364,6 @@ func Getsid(pid int) (sid int, err error) { func libc_getsid_trampoline() -//go:linkname libc_getsid libc_getsid //go:cgo_import_dynamic libc_getsid getsid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1463,7 +1378,6 @@ func Gettimeofday(tp *Timeval) (err error) { func libc_gettimeofday_trampoline() -//go:linkname libc_gettimeofday libc_gettimeofday //go:cgo_import_dynamic libc_gettimeofday gettimeofday "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1476,7 +1390,6 @@ func Getuid() (uid int) { func libc_getuid_trampoline() -//go:linkname libc_getuid libc_getuid //go:cgo_import_dynamic libc_getuid getuid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1489,7 +1402,6 @@ func Issetugid() (tainted bool) { func libc_issetugid_trampoline() -//go:linkname libc_issetugid libc_issetugid //go:cgo_import_dynamic libc_issetugid issetugid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1505,7 +1417,6 @@ func Kqueue() (fd int, err error) { func libc_kqueue_trampoline() -//go:linkname libc_kqueue libc_kqueue //go:cgo_import_dynamic libc_kqueue kqueue "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1525,7 +1436,6 @@ func Lchown(path string, uid int, gid int) (err error) { func libc_lchown_trampoline() -//go:linkname libc_lchown libc_lchown //go:cgo_import_dynamic libc_lchown lchown "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1550,7 +1460,6 @@ func Link(path string, link string) (err error) { func libc_link_trampoline() -//go:linkname libc_link libc_link //go:cgo_import_dynamic libc_link link "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1575,7 +1484,6 @@ func Linkat(pathfd int, path string, linkfd int, link string, flags int) (err er func libc_linkat_trampoline() -//go:linkname libc_linkat libc_linkat //go:cgo_import_dynamic libc_linkat linkat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1590,7 +1498,6 @@ func Listen(s int, backlog int) (err error) { func libc_listen_trampoline() -//go:linkname libc_listen libc_listen //go:cgo_import_dynamic libc_listen listen "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1610,7 +1517,6 @@ func Mkdir(path string, mode uint32) (err error) { func libc_mkdir_trampoline() -//go:linkname libc_mkdir libc_mkdir //go:cgo_import_dynamic libc_mkdir mkdir "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1630,7 +1536,6 @@ func Mkdirat(dirfd int, path string, mode uint32) (err error) { func libc_mkdirat_trampoline() -//go:linkname libc_mkdirat libc_mkdirat //go:cgo_import_dynamic libc_mkdirat mkdirat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1650,7 +1555,6 @@ func Mkfifo(path string, mode uint32) (err error) { func libc_mkfifo_trampoline() -//go:linkname libc_mkfifo libc_mkfifo //go:cgo_import_dynamic libc_mkfifo mkfifo "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1670,7 +1574,6 @@ func Mknod(path string, mode uint32, dev int) (err error) { func libc_mknod_trampoline() -//go:linkname libc_mknod libc_mknod //go:cgo_import_dynamic libc_mknod mknod "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1691,7 +1594,6 @@ func Open(path string, mode int, perm uint32) (fd int, err error) { func libc_open_trampoline() -//go:linkname libc_open libc_open //go:cgo_import_dynamic libc_open open "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1712,7 +1614,6 @@ func Openat(dirfd int, path string, mode int, perm uint32) (fd int, err error) { func libc_openat_trampoline() -//go:linkname libc_openat libc_openat //go:cgo_import_dynamic libc_openat openat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1733,7 +1634,6 @@ func Pathconf(path string, name int) (val int, err error) { func libc_pathconf_trampoline() -//go:linkname libc_pathconf libc_pathconf //go:cgo_import_dynamic libc_pathconf pathconf "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1755,7 +1655,6 @@ func Pread(fd int, p []byte, offset int64) (n int, err error) { func libc_pread_trampoline() -//go:linkname libc_pread libc_pread //go:cgo_import_dynamic libc_pread pread "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1777,7 +1676,6 @@ func Pwrite(fd int, p []byte, offset int64) (n int, err error) { func libc_pwrite_trampoline() -//go:linkname libc_pwrite libc_pwrite //go:cgo_import_dynamic libc_pwrite pwrite "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1799,7 +1697,6 @@ func read(fd int, p []byte) (n int, err error) { func libc_read_trampoline() -//go:linkname libc_read libc_read //go:cgo_import_dynamic libc_read read "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1826,7 +1723,6 @@ func Readlink(path string, buf []byte) (n int, err error) { func libc_readlink_trampoline() -//go:linkname libc_readlink libc_readlink //go:cgo_import_dynamic libc_readlink readlink "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1853,7 +1749,6 @@ func Readlinkat(dirfd int, path string, buf []byte) (n int, err error) { func libc_readlinkat_trampoline() -//go:linkname libc_readlinkat libc_readlinkat //go:cgo_import_dynamic libc_readlinkat readlinkat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1878,7 +1773,6 @@ func Rename(from string, to string) (err error) { func libc_rename_trampoline() -//go:linkname libc_rename libc_rename //go:cgo_import_dynamic libc_rename rename "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1903,7 +1797,6 @@ func Renameat(fromfd int, from string, tofd int, to string) (err error) { func libc_renameat_trampoline() -//go:linkname libc_renameat libc_renameat //go:cgo_import_dynamic libc_renameat renameat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1923,7 +1816,6 @@ func Revoke(path string) (err error) { func libc_revoke_trampoline() -//go:linkname libc_revoke libc_revoke //go:cgo_import_dynamic libc_revoke revoke "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1943,7 +1835,6 @@ func Rmdir(path string) (err error) { func libc_rmdir_trampoline() -//go:linkname libc_rmdir libc_rmdir //go:cgo_import_dynamic libc_rmdir rmdir "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1959,7 +1850,6 @@ func Seek(fd int, offset int64, whence int) (newoffset int64, err error) { func libc_lseek_trampoline() -//go:linkname libc_lseek libc_lseek //go:cgo_import_dynamic libc_lseek lseek "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1975,7 +1865,6 @@ func Select(nfd int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (n int, err func libc_select_trampoline() -//go:linkname libc_select libc_select //go:cgo_import_dynamic libc_select select "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1990,7 +1879,6 @@ func Setegid(egid int) (err error) { func libc_setegid_trampoline() -//go:linkname libc_setegid libc_setegid //go:cgo_import_dynamic libc_setegid setegid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2005,7 +1893,6 @@ func Seteuid(euid int) (err error) { func libc_seteuid_trampoline() -//go:linkname libc_seteuid libc_seteuid //go:cgo_import_dynamic libc_seteuid seteuid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2020,7 +1907,6 @@ func Setgid(gid int) (err error) { func libc_setgid_trampoline() -//go:linkname libc_setgid libc_setgid //go:cgo_import_dynamic libc_setgid setgid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2040,7 +1926,6 @@ func Setlogin(name string) (err error) { func libc_setlogin_trampoline() -//go:linkname libc_setlogin libc_setlogin //go:cgo_import_dynamic libc_setlogin setlogin "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2055,7 +1940,6 @@ func Setpgid(pid int, pgid int) (err error) { func libc_setpgid_trampoline() -//go:linkname libc_setpgid libc_setpgid //go:cgo_import_dynamic libc_setpgid setpgid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2070,7 +1954,6 @@ func Setpriority(which int, who int, prio int) (err error) { func libc_setpriority_trampoline() -//go:linkname libc_setpriority libc_setpriority //go:cgo_import_dynamic libc_setpriority setpriority "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2085,7 +1968,6 @@ func Setprivexec(flag int) (err error) { func libc_setprivexec_trampoline() -//go:linkname libc_setprivexec libc_setprivexec //go:cgo_import_dynamic libc_setprivexec setprivexec "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2100,7 +1982,6 @@ func Setregid(rgid int, egid int) (err error) { func libc_setregid_trampoline() -//go:linkname libc_setregid libc_setregid //go:cgo_import_dynamic libc_setregid setregid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2115,7 +1996,6 @@ func Setreuid(ruid int, euid int) (err error) { func libc_setreuid_trampoline() -//go:linkname libc_setreuid libc_setreuid //go:cgo_import_dynamic libc_setreuid setreuid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2130,7 +2010,6 @@ func Setrlimit(which int, lim *Rlimit) (err error) { func libc_setrlimit_trampoline() -//go:linkname libc_setrlimit libc_setrlimit //go:cgo_import_dynamic libc_setrlimit setrlimit "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2146,7 +2025,6 @@ func Setsid() (pid int, err error) { func libc_setsid_trampoline() -//go:linkname libc_setsid libc_setsid //go:cgo_import_dynamic libc_setsid setsid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2161,7 +2039,6 @@ func Settimeofday(tp *Timeval) (err error) { func libc_settimeofday_trampoline() -//go:linkname libc_settimeofday libc_settimeofday //go:cgo_import_dynamic libc_settimeofday settimeofday "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2176,7 +2053,6 @@ func Setuid(uid int) (err error) { func libc_setuid_trampoline() -//go:linkname libc_setuid libc_setuid //go:cgo_import_dynamic libc_setuid setuid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2201,7 +2077,6 @@ func Symlink(path string, link string) (err error) { func libc_symlink_trampoline() -//go:linkname libc_symlink libc_symlink //go:cgo_import_dynamic libc_symlink symlink "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2226,7 +2101,6 @@ func Symlinkat(oldpath string, newdirfd int, newpath string) (err error) { func libc_symlinkat_trampoline() -//go:linkname libc_symlinkat libc_symlinkat //go:cgo_import_dynamic libc_symlinkat symlinkat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2241,7 +2115,6 @@ func Sync() (err error) { func libc_sync_trampoline() -//go:linkname libc_sync libc_sync //go:cgo_import_dynamic libc_sync sync "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2261,7 +2134,6 @@ func Truncate(path string, length int64) (err error) { func libc_truncate_trampoline() -//go:linkname libc_truncate libc_truncate //go:cgo_import_dynamic libc_truncate truncate "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2274,7 +2146,6 @@ func Umask(newmask int) (oldmask int) { func libc_umask_trampoline() -//go:linkname libc_umask libc_umask //go:cgo_import_dynamic libc_umask umask "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2294,7 +2165,6 @@ func Undelete(path string) (err error) { func libc_undelete_trampoline() -//go:linkname libc_undelete libc_undelete //go:cgo_import_dynamic libc_undelete undelete "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2314,7 +2184,6 @@ func Unlink(path string) (err error) { func libc_unlink_trampoline() -//go:linkname libc_unlink libc_unlink //go:cgo_import_dynamic libc_unlink unlink "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2334,7 +2203,6 @@ func Unlinkat(dirfd int, path string, flags int) (err error) { func libc_unlinkat_trampoline() -//go:linkname libc_unlinkat libc_unlinkat //go:cgo_import_dynamic libc_unlinkat unlinkat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2354,7 +2222,6 @@ func Unmount(path string, flags int) (err error) { func libc_unmount_trampoline() -//go:linkname libc_unmount libc_unmount //go:cgo_import_dynamic libc_unmount unmount "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2376,7 +2243,6 @@ func write(fd int, p []byte) (n int, err error) { func libc_write_trampoline() -//go:linkname libc_write libc_write //go:cgo_import_dynamic libc_write write "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2392,7 +2258,6 @@ func mmap(addr uintptr, length uintptr, prot int, flag int, fd int, pos int64) ( func libc_mmap_trampoline() -//go:linkname libc_mmap libc_mmap //go:cgo_import_dynamic libc_mmap mmap "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2407,7 +2272,6 @@ func munmap(addr uintptr, length uintptr) (err error) { func libc_munmap_trampoline() -//go:linkname libc_munmap libc_munmap //go:cgo_import_dynamic libc_munmap munmap "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2444,7 +2308,6 @@ func Fstat(fd int, stat *Stat_t) (err error) { func libc_fstat_trampoline() -//go:linkname libc_fstat libc_fstat //go:cgo_import_dynamic libc_fstat fstat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2464,7 +2327,6 @@ func Fstatat(fd int, path string, stat *Stat_t, flags int) (err error) { func libc_fstatat_trampoline() -//go:linkname libc_fstatat libc_fstatat //go:cgo_import_dynamic libc_fstatat fstatat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2479,7 +2341,6 @@ func Fstatfs(fd int, stat *Statfs_t) (err error) { func libc_fstatfs_trampoline() -//go:linkname libc_fstatfs libc_fstatfs //go:cgo_import_dynamic libc_fstatfs fstatfs "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2495,7 +2356,6 @@ func getfsstat(buf unsafe.Pointer, size uintptr, flags int) (n int, err error) { func libc_getfsstat_trampoline() -//go:linkname libc_getfsstat libc_getfsstat //go:cgo_import_dynamic libc_getfsstat getfsstat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2515,12 +2375,11 @@ func Lstat(path string, stat *Stat_t) (err error) { func libc_lstat_trampoline() -//go:linkname libc_lstat libc_lstat //go:cgo_import_dynamic libc_lstat lstat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func ptrace(request int, pid int, addr uintptr, data uintptr) (err error) { +func ptrace1(request int, pid int, addr uintptr, data uintptr) (err error) { _, _, e1 := syscall_syscall6(funcPC(libc_ptrace_trampoline), uintptr(request), uintptr(pid), uintptr(addr), uintptr(data), 0, 0) if e1 != 0 { err = errnoErr(e1) @@ -2530,7 +2389,6 @@ func ptrace(request int, pid int, addr uintptr, data uintptr) (err error) { func libc_ptrace_trampoline() -//go:linkname libc_ptrace libc_ptrace //go:cgo_import_dynamic libc_ptrace ptrace "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2550,7 +2408,6 @@ func Stat(path string, stat *Stat_t) (err error) { func libc_stat_trampoline() -//go:linkname libc_stat libc_stat //go:cgo_import_dynamic libc_stat stat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2570,5 +2427,4 @@ func Statfs(path string, stat *Statfs_t) (err error) { func libc_statfs_trampoline() -//go:linkname libc_statfs libc_statfs //go:cgo_import_dynamic libc_statfs statfs "/usr/lib/libSystem.B.dylib" diff --git a/vendor/golang.org/x/sys/unix/zsyscall_dragonfly_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_dragonfly_amd64.go index aebfe511ad52..1aaccd3615ee 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_dragonfly_amd64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_dragonfly_amd64.go @@ -362,6 +362,16 @@ func pipe() (r int, w int, err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func pipe2(p *[2]_C_int, flags int) (err error) { + _, _, e1 := RawSyscall(SYS_PIPE2, uintptr(unsafe.Pointer(p)), uintptr(flags), 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func extpread(fd int, p []byte, flags int, offset int64) (n int, err error) { var _p0 unsafe.Pointer if len(p) > 0 { diff --git a/vendor/golang.org/x/sys/unix/zsyscall_illumos_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_illumos_amd64.go index d3af083f4e7c..665dd9e4b49e 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_illumos_amd64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_illumos_amd64.go @@ -14,22 +14,19 @@ import ( //go:cgo_import_dynamic libc_writev writev "libc.so" //go:cgo_import_dynamic libc_pwritev pwritev "libc.so" //go:cgo_import_dynamic libc_accept4 accept4 "libsocket.so" -//go:cgo_import_dynamic libc_pipe2 pipe2 "libc.so" //go:linkname procreadv libc_readv //go:linkname procpreadv libc_preadv //go:linkname procwritev libc_writev //go:linkname procpwritev libc_pwritev //go:linkname procaccept4 libc_accept4 -//go:linkname procpipe2 libc_pipe2 var ( procreadv, procpreadv, procwritev, procpwritev, - procaccept4, - procpipe2 syscallFunc + procaccept4 syscallFunc ) // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -102,13 +99,3 @@ func accept4(s int, rsa *RawSockaddrAny, addrlen *_Socklen, flags int) (fd int, } return } - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - -func pipe2(p *[2]_C_int, flags int) (err error) { - _, _, e1 := rawSysvicall6(uintptr(unsafe.Pointer(&procpipe2)), 2, uintptr(unsafe.Pointer(p)), uintptr(flags), 0, 0, 0, 0) - if e1 != 0 { - err = e1 - } - return -} diff --git a/vendor/golang.org/x/sys/unix/zsyscall_solaris_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_solaris_amd64.go index a96165d4bf06..6dbb83716c23 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_solaris_amd64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_solaris_amd64.go @@ -11,6 +11,7 @@ import ( ) //go:cgo_import_dynamic libc_pipe pipe "libc.so" +//go:cgo_import_dynamic libc_pipe2 pipe2 "libc.so" //go:cgo_import_dynamic libc_getsockname getsockname "libsocket.so" //go:cgo_import_dynamic libc_getcwd getcwd "libc.so" //go:cgo_import_dynamic libc_getgroups getgroups "libc.so" @@ -140,6 +141,7 @@ import ( //go:cgo_import_dynamic libc_recvfrom recvfrom "libsocket.so" //go:linkname procpipe libc_pipe +//go:linkname procpipe2 libc_pipe2 //go:linkname procgetsockname libc_getsockname //go:linkname procGetcwd libc_getcwd //go:linkname procgetgroups libc_getgroups @@ -270,6 +272,7 @@ import ( var ( procpipe, + procpipe2, procgetsockname, procGetcwd, procgetgroups, @@ -412,6 +415,16 @@ func pipe(p *[2]_C_int) (n int, err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func pipe2(p *[2]_C_int, flags int) (err error) { + _, _, e1 := rawSysvicall6(uintptr(unsafe.Pointer(&procpipe2)), 2, uintptr(unsafe.Pointer(p)), uintptr(flags), 0, 0, 0, 0) + if e1 != 0 { + err = e1 + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func getsockname(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error) { _, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procgetsockname)), 3, uintptr(fd), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)), 0, 0, 0) if e1 != 0 { diff --git a/vendor/golang.org/x/sys/unix/zsysnum_darwin_386.go b/vendor/golang.org/x/sys/unix/zsysnum_darwin_386.go new file mode 100644 index 000000000000..ad62324c7c14 --- /dev/null +++ b/vendor/golang.org/x/sys/unix/zsysnum_darwin_386.go @@ -0,0 +1,437 @@ +// go run mksysnum.go /Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.13.sdk/usr/include/sys/syscall.h +// Code generated by the command above; see README.md. DO NOT EDIT. + +// +build 386,darwin + +package unix + +// Deprecated: Use libSystem wrappers instead of direct syscalls. +const ( + SYS_SYSCALL = 0 + SYS_EXIT = 1 + SYS_FORK = 2 + SYS_READ = 3 + SYS_WRITE = 4 + SYS_OPEN = 5 + SYS_CLOSE = 6 + SYS_WAIT4 = 7 + SYS_LINK = 9 + SYS_UNLINK = 10 + SYS_CHDIR = 12 + SYS_FCHDIR = 13 + SYS_MKNOD = 14 + SYS_CHMOD = 15 + SYS_CHOWN = 16 + SYS_GETFSSTAT = 18 + SYS_GETPID = 20 + SYS_SETUID = 23 + SYS_GETUID = 24 + SYS_GETEUID = 25 + SYS_PTRACE = 26 + SYS_RECVMSG = 27 + SYS_SENDMSG = 28 + SYS_RECVFROM = 29 + SYS_ACCEPT = 30 + SYS_GETPEERNAME = 31 + SYS_GETSOCKNAME = 32 + SYS_ACCESS = 33 + SYS_CHFLAGS = 34 + SYS_FCHFLAGS = 35 + SYS_SYNC = 36 + SYS_KILL = 37 + SYS_GETPPID = 39 + SYS_DUP = 41 + SYS_PIPE = 42 + SYS_GETEGID = 43 + SYS_SIGACTION = 46 + SYS_GETGID = 47 + SYS_SIGPROCMASK = 48 + SYS_GETLOGIN = 49 + SYS_SETLOGIN = 50 + SYS_ACCT = 51 + SYS_SIGPENDING = 52 + SYS_SIGALTSTACK = 53 + SYS_IOCTL = 54 + SYS_REBOOT = 55 + SYS_REVOKE = 56 + SYS_SYMLINK = 57 + SYS_READLINK = 58 + SYS_EXECVE = 59 + SYS_UMASK = 60 + SYS_CHROOT = 61 + SYS_MSYNC = 65 + SYS_VFORK = 66 + SYS_MUNMAP = 73 + SYS_MPROTECT = 74 + SYS_MADVISE = 75 + SYS_MINCORE = 78 + SYS_GETGROUPS = 79 + SYS_SETGROUPS = 80 + SYS_GETPGRP = 81 + SYS_SETPGID = 82 + SYS_SETITIMER = 83 + SYS_SWAPON = 85 + SYS_GETITIMER = 86 + SYS_GETDTABLESIZE = 89 + SYS_DUP2 = 90 + SYS_FCNTL = 92 + SYS_SELECT = 93 + SYS_FSYNC = 95 + SYS_SETPRIORITY = 96 + SYS_SOCKET = 97 + SYS_CONNECT = 98 + SYS_GETPRIORITY = 100 + SYS_BIND = 104 + SYS_SETSOCKOPT = 105 + SYS_LISTEN = 106 + SYS_SIGSUSPEND = 111 + SYS_GETTIMEOFDAY = 116 + SYS_GETRUSAGE = 117 + SYS_GETSOCKOPT = 118 + SYS_READV = 120 + SYS_WRITEV = 121 + SYS_SETTIMEOFDAY = 122 + SYS_FCHOWN = 123 + SYS_FCHMOD = 124 + SYS_SETREUID = 126 + SYS_SETREGID = 127 + SYS_RENAME = 128 + SYS_FLOCK = 131 + SYS_MKFIFO = 132 + SYS_SENDTO = 133 + SYS_SHUTDOWN = 134 + SYS_SOCKETPAIR = 135 + SYS_MKDIR = 136 + SYS_RMDIR = 137 + SYS_UTIMES = 138 + SYS_FUTIMES = 139 + SYS_ADJTIME = 140 + SYS_GETHOSTUUID = 142 + SYS_SETSID = 147 + SYS_GETPGID = 151 + SYS_SETPRIVEXEC = 152 + SYS_PREAD = 153 + SYS_PWRITE = 154 + SYS_NFSSVC = 155 + SYS_STATFS = 157 + SYS_FSTATFS = 158 + SYS_UNMOUNT = 159 + SYS_GETFH = 161 + SYS_QUOTACTL = 165 + SYS_MOUNT = 167 + SYS_CSOPS = 169 + SYS_CSOPS_AUDITTOKEN = 170 + SYS_WAITID = 173 + SYS_KDEBUG_TYPEFILTER = 177 + SYS_KDEBUG_TRACE_STRING = 178 + SYS_KDEBUG_TRACE64 = 179 + SYS_KDEBUG_TRACE = 180 + SYS_SETGID = 181 + SYS_SETEGID = 182 + SYS_SETEUID = 183 + SYS_SIGRETURN = 184 + SYS_THREAD_SELFCOUNTS = 186 + SYS_FDATASYNC = 187 + SYS_STAT = 188 + SYS_FSTAT = 189 + SYS_LSTAT = 190 + SYS_PATHCONF = 191 + SYS_FPATHCONF = 192 + SYS_GETRLIMIT = 194 + SYS_SETRLIMIT = 195 + SYS_GETDIRENTRIES = 196 + SYS_MMAP = 197 + SYS_LSEEK = 199 + SYS_TRUNCATE = 200 + SYS_FTRUNCATE = 201 + SYS_SYSCTL = 202 + SYS_MLOCK = 203 + SYS_MUNLOCK = 204 + SYS_UNDELETE = 205 + SYS_OPEN_DPROTECTED_NP = 216 + SYS_GETATTRLIST = 220 + SYS_SETATTRLIST = 221 + SYS_GETDIRENTRIESATTR = 222 + SYS_EXCHANGEDATA = 223 + SYS_SEARCHFS = 225 + SYS_DELETE = 226 + SYS_COPYFILE = 227 + SYS_FGETATTRLIST = 228 + SYS_FSETATTRLIST = 229 + SYS_POLL = 230 + SYS_WATCHEVENT = 231 + SYS_WAITEVENT = 232 + SYS_MODWATCH = 233 + SYS_GETXATTR = 234 + SYS_FGETXATTR = 235 + SYS_SETXATTR = 236 + SYS_FSETXATTR = 237 + SYS_REMOVEXATTR = 238 + SYS_FREMOVEXATTR = 239 + SYS_LISTXATTR = 240 + SYS_FLISTXATTR = 241 + SYS_FSCTL = 242 + SYS_INITGROUPS = 243 + SYS_POSIX_SPAWN = 244 + SYS_FFSCTL = 245 + SYS_NFSCLNT = 247 + SYS_FHOPEN = 248 + SYS_MINHERIT = 250 + SYS_SEMSYS = 251 + SYS_MSGSYS = 252 + SYS_SHMSYS = 253 + SYS_SEMCTL = 254 + SYS_SEMGET = 255 + SYS_SEMOP = 256 + SYS_MSGCTL = 258 + SYS_MSGGET = 259 + SYS_MSGSND = 260 + SYS_MSGRCV = 261 + SYS_SHMAT = 262 + SYS_SHMCTL = 263 + SYS_SHMDT = 264 + SYS_SHMGET = 265 + SYS_SHM_OPEN = 266 + SYS_SHM_UNLINK = 267 + SYS_SEM_OPEN = 268 + SYS_SEM_CLOSE = 269 + SYS_SEM_UNLINK = 270 + SYS_SEM_WAIT = 271 + SYS_SEM_TRYWAIT = 272 + SYS_SEM_POST = 273 + SYS_SYSCTLBYNAME = 274 + SYS_OPEN_EXTENDED = 277 + SYS_UMASK_EXTENDED = 278 + SYS_STAT_EXTENDED = 279 + SYS_LSTAT_EXTENDED = 280 + SYS_FSTAT_EXTENDED = 281 + SYS_CHMOD_EXTENDED = 282 + SYS_FCHMOD_EXTENDED = 283 + SYS_ACCESS_EXTENDED = 284 + SYS_SETTID = 285 + SYS_GETTID = 286 + SYS_SETSGROUPS = 287 + SYS_GETSGROUPS = 288 + SYS_SETWGROUPS = 289 + SYS_GETWGROUPS = 290 + SYS_MKFIFO_EXTENDED = 291 + SYS_MKDIR_EXTENDED = 292 + SYS_IDENTITYSVC = 293 + SYS_SHARED_REGION_CHECK_NP = 294 + SYS_VM_PRESSURE_MONITOR = 296 + SYS_PSYNCH_RW_LONGRDLOCK = 297 + SYS_PSYNCH_RW_YIELDWRLOCK = 298 + SYS_PSYNCH_RW_DOWNGRADE = 299 + SYS_PSYNCH_RW_UPGRADE = 300 + SYS_PSYNCH_MUTEXWAIT = 301 + SYS_PSYNCH_MUTEXDROP = 302 + SYS_PSYNCH_CVBROAD = 303 + SYS_PSYNCH_CVSIGNAL = 304 + SYS_PSYNCH_CVWAIT = 305 + SYS_PSYNCH_RW_RDLOCK = 306 + SYS_PSYNCH_RW_WRLOCK = 307 + SYS_PSYNCH_RW_UNLOCK = 308 + SYS_PSYNCH_RW_UNLOCK2 = 309 + SYS_GETSID = 310 + SYS_SETTID_WITH_PID = 311 + SYS_PSYNCH_CVCLRPREPOST = 312 + SYS_AIO_FSYNC = 313 + SYS_AIO_RETURN = 314 + SYS_AIO_SUSPEND = 315 + SYS_AIO_CANCEL = 316 + SYS_AIO_ERROR = 317 + SYS_AIO_READ = 318 + SYS_AIO_WRITE = 319 + SYS_LIO_LISTIO = 320 + SYS_IOPOLICYSYS = 322 + SYS_PROCESS_POLICY = 323 + SYS_MLOCKALL = 324 + SYS_MUNLOCKALL = 325 + SYS_ISSETUGID = 327 + SYS___PTHREAD_KILL = 328 + SYS___PTHREAD_SIGMASK = 329 + SYS___SIGWAIT = 330 + SYS___DISABLE_THREADSIGNAL = 331 + SYS___PTHREAD_MARKCANCEL = 332 + SYS___PTHREAD_CANCELED = 333 + SYS___SEMWAIT_SIGNAL = 334 + SYS_PROC_INFO = 336 + SYS_SENDFILE = 337 + SYS_STAT64 = 338 + SYS_FSTAT64 = 339 + SYS_LSTAT64 = 340 + SYS_STAT64_EXTENDED = 341 + SYS_LSTAT64_EXTENDED = 342 + SYS_FSTAT64_EXTENDED = 343 + SYS_GETDIRENTRIES64 = 344 + SYS_STATFS64 = 345 + SYS_FSTATFS64 = 346 + SYS_GETFSSTAT64 = 347 + SYS___PTHREAD_CHDIR = 348 + SYS___PTHREAD_FCHDIR = 349 + SYS_AUDIT = 350 + SYS_AUDITON = 351 + SYS_GETAUID = 353 + SYS_SETAUID = 354 + SYS_GETAUDIT_ADDR = 357 + SYS_SETAUDIT_ADDR = 358 + SYS_AUDITCTL = 359 + SYS_BSDTHREAD_CREATE = 360 + SYS_BSDTHREAD_TERMINATE = 361 + SYS_KQUEUE = 362 + SYS_KEVENT = 363 + SYS_LCHOWN = 364 + SYS_BSDTHREAD_REGISTER = 366 + SYS_WORKQ_OPEN = 367 + SYS_WORKQ_KERNRETURN = 368 + SYS_KEVENT64 = 369 + SYS___OLD_SEMWAIT_SIGNAL = 370 + SYS___OLD_SEMWAIT_SIGNAL_NOCANCEL = 371 + SYS_THREAD_SELFID = 372 + SYS_LEDGER = 373 + SYS_KEVENT_QOS = 374 + SYS_KEVENT_ID = 375 + SYS___MAC_EXECVE = 380 + SYS___MAC_SYSCALL = 381 + SYS___MAC_GET_FILE = 382 + SYS___MAC_SET_FILE = 383 + SYS___MAC_GET_LINK = 384 + SYS___MAC_SET_LINK = 385 + SYS___MAC_GET_PROC = 386 + SYS___MAC_SET_PROC = 387 + SYS___MAC_GET_FD = 388 + SYS___MAC_SET_FD = 389 + SYS___MAC_GET_PID = 390 + SYS_PSELECT = 394 + SYS_PSELECT_NOCANCEL = 395 + SYS_READ_NOCANCEL = 396 + SYS_WRITE_NOCANCEL = 397 + SYS_OPEN_NOCANCEL = 398 + SYS_CLOSE_NOCANCEL = 399 + SYS_WAIT4_NOCANCEL = 400 + SYS_RECVMSG_NOCANCEL = 401 + SYS_SENDMSG_NOCANCEL = 402 + SYS_RECVFROM_NOCANCEL = 403 + SYS_ACCEPT_NOCANCEL = 404 + SYS_MSYNC_NOCANCEL = 405 + SYS_FCNTL_NOCANCEL = 406 + SYS_SELECT_NOCANCEL = 407 + SYS_FSYNC_NOCANCEL = 408 + SYS_CONNECT_NOCANCEL = 409 + SYS_SIGSUSPEND_NOCANCEL = 410 + SYS_READV_NOCANCEL = 411 + SYS_WRITEV_NOCANCEL = 412 + SYS_SENDTO_NOCANCEL = 413 + SYS_PREAD_NOCANCEL = 414 + SYS_PWRITE_NOCANCEL = 415 + SYS_WAITID_NOCANCEL = 416 + SYS_POLL_NOCANCEL = 417 + SYS_MSGSND_NOCANCEL = 418 + SYS_MSGRCV_NOCANCEL = 419 + SYS_SEM_WAIT_NOCANCEL = 420 + SYS_AIO_SUSPEND_NOCANCEL = 421 + SYS___SIGWAIT_NOCANCEL = 422 + SYS___SEMWAIT_SIGNAL_NOCANCEL = 423 + SYS___MAC_MOUNT = 424 + SYS___MAC_GET_MOUNT = 425 + SYS___MAC_GETFSSTAT = 426 + SYS_FSGETPATH = 427 + SYS_AUDIT_SESSION_SELF = 428 + SYS_AUDIT_SESSION_JOIN = 429 + SYS_FILEPORT_MAKEPORT = 430 + SYS_FILEPORT_MAKEFD = 431 + SYS_AUDIT_SESSION_PORT = 432 + SYS_PID_SUSPEND = 433 + SYS_PID_RESUME = 434 + SYS_PID_HIBERNATE = 435 + SYS_PID_SHUTDOWN_SOCKETS = 436 + SYS_SHARED_REGION_MAP_AND_SLIDE_NP = 438 + SYS_KAS_INFO = 439 + SYS_MEMORYSTATUS_CONTROL = 440 + SYS_GUARDED_OPEN_NP = 441 + SYS_GUARDED_CLOSE_NP = 442 + SYS_GUARDED_KQUEUE_NP = 443 + SYS_CHANGE_FDGUARD_NP = 444 + SYS_USRCTL = 445 + SYS_PROC_RLIMIT_CONTROL = 446 + SYS_CONNECTX = 447 + SYS_DISCONNECTX = 448 + SYS_PEELOFF = 449 + SYS_SOCKET_DELEGATE = 450 + SYS_TELEMETRY = 451 + SYS_PROC_UUID_POLICY = 452 + SYS_MEMORYSTATUS_GET_LEVEL = 453 + SYS_SYSTEM_OVERRIDE = 454 + SYS_VFS_PURGE = 455 + SYS_SFI_CTL = 456 + SYS_SFI_PIDCTL = 457 + SYS_COALITION = 458 + SYS_COALITION_INFO = 459 + SYS_NECP_MATCH_POLICY = 460 + SYS_GETATTRLISTBULK = 461 + SYS_CLONEFILEAT = 462 + SYS_OPENAT = 463 + SYS_OPENAT_NOCANCEL = 464 + SYS_RENAMEAT = 465 + SYS_FACCESSAT = 466 + SYS_FCHMODAT = 467 + SYS_FCHOWNAT = 468 + SYS_FSTATAT = 469 + SYS_FSTATAT64 = 470 + SYS_LINKAT = 471 + SYS_UNLINKAT = 472 + SYS_READLINKAT = 473 + SYS_SYMLINKAT = 474 + SYS_MKDIRAT = 475 + SYS_GETATTRLISTAT = 476 + SYS_PROC_TRACE_LOG = 477 + SYS_BSDTHREAD_CTL = 478 + SYS_OPENBYID_NP = 479 + SYS_RECVMSG_X = 480 + SYS_SENDMSG_X = 481 + SYS_THREAD_SELFUSAGE = 482 + SYS_CSRCTL = 483 + SYS_GUARDED_OPEN_DPROTECTED_NP = 484 + SYS_GUARDED_WRITE_NP = 485 + SYS_GUARDED_PWRITE_NP = 486 + SYS_GUARDED_WRITEV_NP = 487 + SYS_RENAMEATX_NP = 488 + SYS_MREMAP_ENCRYPTED = 489 + SYS_NETAGENT_TRIGGER = 490 + SYS_STACK_SNAPSHOT_WITH_CONFIG = 491 + SYS_MICROSTACKSHOT = 492 + SYS_GRAB_PGO_DATA = 493 + SYS_PERSONA = 494 + SYS_WORK_INTERVAL_CTL = 499 + SYS_GETENTROPY = 500 + SYS_NECP_OPEN = 501 + SYS_NECP_CLIENT_ACTION = 502 + SYS___NEXUS_OPEN = 503 + SYS___NEXUS_REGISTER = 504 + SYS___NEXUS_DEREGISTER = 505 + SYS___NEXUS_CREATE = 506 + SYS___NEXUS_DESTROY = 507 + SYS___NEXUS_GET_OPT = 508 + SYS___NEXUS_SET_OPT = 509 + SYS___CHANNEL_OPEN = 510 + SYS___CHANNEL_GET_INFO = 511 + SYS___CHANNEL_SYNC = 512 + SYS___CHANNEL_GET_OPT = 513 + SYS___CHANNEL_SET_OPT = 514 + SYS_ULOCK_WAIT = 515 + SYS_ULOCK_WAKE = 516 + SYS_FCLONEFILEAT = 517 + SYS_FS_SNAPSHOT = 518 + SYS_TERMINATE_WITH_PAYLOAD = 520 + SYS_ABORT_WITH_PAYLOAD = 521 + SYS_NECP_SESSION_OPEN = 522 + SYS_NECP_SESSION_ACTION = 523 + SYS_SETATTRLISTAT = 524 + SYS_NET_QOS_GUIDELINE = 525 + SYS_FMOUNT = 526 + SYS_NTP_ADJTIME = 527 + SYS_NTP_GETTIME = 528 + SYS_OS_FAULT_WITH_PAYLOAD = 529 + SYS_MAXSYSCALL = 530 + SYS_INVALID = 63 +) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_darwin_amd64.go b/vendor/golang.org/x/sys/unix/zsysnum_darwin_amd64.go new file mode 100644 index 000000000000..a2fc91d6a800 --- /dev/null +++ b/vendor/golang.org/x/sys/unix/zsysnum_darwin_amd64.go @@ -0,0 +1,439 @@ +// go run mksysnum.go /Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.14.sdk/usr/include/sys/syscall.h +// Code generated by the command above; see README.md. DO NOT EDIT. + +// +build amd64,darwin + +package unix + +// Deprecated: Use libSystem wrappers instead of direct syscalls. +const ( + SYS_SYSCALL = 0 + SYS_EXIT = 1 + SYS_FORK = 2 + SYS_READ = 3 + SYS_WRITE = 4 + SYS_OPEN = 5 + SYS_CLOSE = 6 + SYS_WAIT4 = 7 + SYS_LINK = 9 + SYS_UNLINK = 10 + SYS_CHDIR = 12 + SYS_FCHDIR = 13 + SYS_MKNOD = 14 + SYS_CHMOD = 15 + SYS_CHOWN = 16 + SYS_GETFSSTAT = 18 + SYS_GETPID = 20 + SYS_SETUID = 23 + SYS_GETUID = 24 + SYS_GETEUID = 25 + SYS_PTRACE = 26 + SYS_RECVMSG = 27 + SYS_SENDMSG = 28 + SYS_RECVFROM = 29 + SYS_ACCEPT = 30 + SYS_GETPEERNAME = 31 + SYS_GETSOCKNAME = 32 + SYS_ACCESS = 33 + SYS_CHFLAGS = 34 + SYS_FCHFLAGS = 35 + SYS_SYNC = 36 + SYS_KILL = 37 + SYS_GETPPID = 39 + SYS_DUP = 41 + SYS_PIPE = 42 + SYS_GETEGID = 43 + SYS_SIGACTION = 46 + SYS_GETGID = 47 + SYS_SIGPROCMASK = 48 + SYS_GETLOGIN = 49 + SYS_SETLOGIN = 50 + SYS_ACCT = 51 + SYS_SIGPENDING = 52 + SYS_SIGALTSTACK = 53 + SYS_IOCTL = 54 + SYS_REBOOT = 55 + SYS_REVOKE = 56 + SYS_SYMLINK = 57 + SYS_READLINK = 58 + SYS_EXECVE = 59 + SYS_UMASK = 60 + SYS_CHROOT = 61 + SYS_MSYNC = 65 + SYS_VFORK = 66 + SYS_MUNMAP = 73 + SYS_MPROTECT = 74 + SYS_MADVISE = 75 + SYS_MINCORE = 78 + SYS_GETGROUPS = 79 + SYS_SETGROUPS = 80 + SYS_GETPGRP = 81 + SYS_SETPGID = 82 + SYS_SETITIMER = 83 + SYS_SWAPON = 85 + SYS_GETITIMER = 86 + SYS_GETDTABLESIZE = 89 + SYS_DUP2 = 90 + SYS_FCNTL = 92 + SYS_SELECT = 93 + SYS_FSYNC = 95 + SYS_SETPRIORITY = 96 + SYS_SOCKET = 97 + SYS_CONNECT = 98 + SYS_GETPRIORITY = 100 + SYS_BIND = 104 + SYS_SETSOCKOPT = 105 + SYS_LISTEN = 106 + SYS_SIGSUSPEND = 111 + SYS_GETTIMEOFDAY = 116 + SYS_GETRUSAGE = 117 + SYS_GETSOCKOPT = 118 + SYS_READV = 120 + SYS_WRITEV = 121 + SYS_SETTIMEOFDAY = 122 + SYS_FCHOWN = 123 + SYS_FCHMOD = 124 + SYS_SETREUID = 126 + SYS_SETREGID = 127 + SYS_RENAME = 128 + SYS_FLOCK = 131 + SYS_MKFIFO = 132 + SYS_SENDTO = 133 + SYS_SHUTDOWN = 134 + SYS_SOCKETPAIR = 135 + SYS_MKDIR = 136 + SYS_RMDIR = 137 + SYS_UTIMES = 138 + SYS_FUTIMES = 139 + SYS_ADJTIME = 140 + SYS_GETHOSTUUID = 142 + SYS_SETSID = 147 + SYS_GETPGID = 151 + SYS_SETPRIVEXEC = 152 + SYS_PREAD = 153 + SYS_PWRITE = 154 + SYS_NFSSVC = 155 + SYS_STATFS = 157 + SYS_FSTATFS = 158 + SYS_UNMOUNT = 159 + SYS_GETFH = 161 + SYS_QUOTACTL = 165 + SYS_MOUNT = 167 + SYS_CSOPS = 169 + SYS_CSOPS_AUDITTOKEN = 170 + SYS_WAITID = 173 + SYS_KDEBUG_TYPEFILTER = 177 + SYS_KDEBUG_TRACE_STRING = 178 + SYS_KDEBUG_TRACE64 = 179 + SYS_KDEBUG_TRACE = 180 + SYS_SETGID = 181 + SYS_SETEGID = 182 + SYS_SETEUID = 183 + SYS_SIGRETURN = 184 + SYS_THREAD_SELFCOUNTS = 186 + SYS_FDATASYNC = 187 + SYS_STAT = 188 + SYS_FSTAT = 189 + SYS_LSTAT = 190 + SYS_PATHCONF = 191 + SYS_FPATHCONF = 192 + SYS_GETRLIMIT = 194 + SYS_SETRLIMIT = 195 + SYS_GETDIRENTRIES = 196 + SYS_MMAP = 197 + SYS_LSEEK = 199 + SYS_TRUNCATE = 200 + SYS_FTRUNCATE = 201 + SYS_SYSCTL = 202 + SYS_MLOCK = 203 + SYS_MUNLOCK = 204 + SYS_UNDELETE = 205 + SYS_OPEN_DPROTECTED_NP = 216 + SYS_GETATTRLIST = 220 + SYS_SETATTRLIST = 221 + SYS_GETDIRENTRIESATTR = 222 + SYS_EXCHANGEDATA = 223 + SYS_SEARCHFS = 225 + SYS_DELETE = 226 + SYS_COPYFILE = 227 + SYS_FGETATTRLIST = 228 + SYS_FSETATTRLIST = 229 + SYS_POLL = 230 + SYS_WATCHEVENT = 231 + SYS_WAITEVENT = 232 + SYS_MODWATCH = 233 + SYS_GETXATTR = 234 + SYS_FGETXATTR = 235 + SYS_SETXATTR = 236 + SYS_FSETXATTR = 237 + SYS_REMOVEXATTR = 238 + SYS_FREMOVEXATTR = 239 + SYS_LISTXATTR = 240 + SYS_FLISTXATTR = 241 + SYS_FSCTL = 242 + SYS_INITGROUPS = 243 + SYS_POSIX_SPAWN = 244 + SYS_FFSCTL = 245 + SYS_NFSCLNT = 247 + SYS_FHOPEN = 248 + SYS_MINHERIT = 250 + SYS_SEMSYS = 251 + SYS_MSGSYS = 252 + SYS_SHMSYS = 253 + SYS_SEMCTL = 254 + SYS_SEMGET = 255 + SYS_SEMOP = 256 + SYS_MSGCTL = 258 + SYS_MSGGET = 259 + SYS_MSGSND = 260 + SYS_MSGRCV = 261 + SYS_SHMAT = 262 + SYS_SHMCTL = 263 + SYS_SHMDT = 264 + SYS_SHMGET = 265 + SYS_SHM_OPEN = 266 + SYS_SHM_UNLINK = 267 + SYS_SEM_OPEN = 268 + SYS_SEM_CLOSE = 269 + SYS_SEM_UNLINK = 270 + SYS_SEM_WAIT = 271 + SYS_SEM_TRYWAIT = 272 + SYS_SEM_POST = 273 + SYS_SYSCTLBYNAME = 274 + SYS_OPEN_EXTENDED = 277 + SYS_UMASK_EXTENDED = 278 + SYS_STAT_EXTENDED = 279 + SYS_LSTAT_EXTENDED = 280 + SYS_FSTAT_EXTENDED = 281 + SYS_CHMOD_EXTENDED = 282 + SYS_FCHMOD_EXTENDED = 283 + SYS_ACCESS_EXTENDED = 284 + SYS_SETTID = 285 + SYS_GETTID = 286 + SYS_SETSGROUPS = 287 + SYS_GETSGROUPS = 288 + SYS_SETWGROUPS = 289 + SYS_GETWGROUPS = 290 + SYS_MKFIFO_EXTENDED = 291 + SYS_MKDIR_EXTENDED = 292 + SYS_IDENTITYSVC = 293 + SYS_SHARED_REGION_CHECK_NP = 294 + SYS_VM_PRESSURE_MONITOR = 296 + SYS_PSYNCH_RW_LONGRDLOCK = 297 + SYS_PSYNCH_RW_YIELDWRLOCK = 298 + SYS_PSYNCH_RW_DOWNGRADE = 299 + SYS_PSYNCH_RW_UPGRADE = 300 + SYS_PSYNCH_MUTEXWAIT = 301 + SYS_PSYNCH_MUTEXDROP = 302 + SYS_PSYNCH_CVBROAD = 303 + SYS_PSYNCH_CVSIGNAL = 304 + SYS_PSYNCH_CVWAIT = 305 + SYS_PSYNCH_RW_RDLOCK = 306 + SYS_PSYNCH_RW_WRLOCK = 307 + SYS_PSYNCH_RW_UNLOCK = 308 + SYS_PSYNCH_RW_UNLOCK2 = 309 + SYS_GETSID = 310 + SYS_SETTID_WITH_PID = 311 + SYS_PSYNCH_CVCLRPREPOST = 312 + SYS_AIO_FSYNC = 313 + SYS_AIO_RETURN = 314 + SYS_AIO_SUSPEND = 315 + SYS_AIO_CANCEL = 316 + SYS_AIO_ERROR = 317 + SYS_AIO_READ = 318 + SYS_AIO_WRITE = 319 + SYS_LIO_LISTIO = 320 + SYS_IOPOLICYSYS = 322 + SYS_PROCESS_POLICY = 323 + SYS_MLOCKALL = 324 + SYS_MUNLOCKALL = 325 + SYS_ISSETUGID = 327 + SYS___PTHREAD_KILL = 328 + SYS___PTHREAD_SIGMASK = 329 + SYS___SIGWAIT = 330 + SYS___DISABLE_THREADSIGNAL = 331 + SYS___PTHREAD_MARKCANCEL = 332 + SYS___PTHREAD_CANCELED = 333 + SYS___SEMWAIT_SIGNAL = 334 + SYS_PROC_INFO = 336 + SYS_SENDFILE = 337 + SYS_STAT64 = 338 + SYS_FSTAT64 = 339 + SYS_LSTAT64 = 340 + SYS_STAT64_EXTENDED = 341 + SYS_LSTAT64_EXTENDED = 342 + SYS_FSTAT64_EXTENDED = 343 + SYS_GETDIRENTRIES64 = 344 + SYS_STATFS64 = 345 + SYS_FSTATFS64 = 346 + SYS_GETFSSTAT64 = 347 + SYS___PTHREAD_CHDIR = 348 + SYS___PTHREAD_FCHDIR = 349 + SYS_AUDIT = 350 + SYS_AUDITON = 351 + SYS_GETAUID = 353 + SYS_SETAUID = 354 + SYS_GETAUDIT_ADDR = 357 + SYS_SETAUDIT_ADDR = 358 + SYS_AUDITCTL = 359 + SYS_BSDTHREAD_CREATE = 360 + SYS_BSDTHREAD_TERMINATE = 361 + SYS_KQUEUE = 362 + SYS_KEVENT = 363 + SYS_LCHOWN = 364 + SYS_BSDTHREAD_REGISTER = 366 + SYS_WORKQ_OPEN = 367 + SYS_WORKQ_KERNRETURN = 368 + SYS_KEVENT64 = 369 + SYS___OLD_SEMWAIT_SIGNAL = 370 + SYS___OLD_SEMWAIT_SIGNAL_NOCANCEL = 371 + SYS_THREAD_SELFID = 372 + SYS_LEDGER = 373 + SYS_KEVENT_QOS = 374 + SYS_KEVENT_ID = 375 + SYS___MAC_EXECVE = 380 + SYS___MAC_SYSCALL = 381 + SYS___MAC_GET_FILE = 382 + SYS___MAC_SET_FILE = 383 + SYS___MAC_GET_LINK = 384 + SYS___MAC_SET_LINK = 385 + SYS___MAC_GET_PROC = 386 + SYS___MAC_SET_PROC = 387 + SYS___MAC_GET_FD = 388 + SYS___MAC_SET_FD = 389 + SYS___MAC_GET_PID = 390 + SYS_PSELECT = 394 + SYS_PSELECT_NOCANCEL = 395 + SYS_READ_NOCANCEL = 396 + SYS_WRITE_NOCANCEL = 397 + SYS_OPEN_NOCANCEL = 398 + SYS_CLOSE_NOCANCEL = 399 + SYS_WAIT4_NOCANCEL = 400 + SYS_RECVMSG_NOCANCEL = 401 + SYS_SENDMSG_NOCANCEL = 402 + SYS_RECVFROM_NOCANCEL = 403 + SYS_ACCEPT_NOCANCEL = 404 + SYS_MSYNC_NOCANCEL = 405 + SYS_FCNTL_NOCANCEL = 406 + SYS_SELECT_NOCANCEL = 407 + SYS_FSYNC_NOCANCEL = 408 + SYS_CONNECT_NOCANCEL = 409 + SYS_SIGSUSPEND_NOCANCEL = 410 + SYS_READV_NOCANCEL = 411 + SYS_WRITEV_NOCANCEL = 412 + SYS_SENDTO_NOCANCEL = 413 + SYS_PREAD_NOCANCEL = 414 + SYS_PWRITE_NOCANCEL = 415 + SYS_WAITID_NOCANCEL = 416 + SYS_POLL_NOCANCEL = 417 + SYS_MSGSND_NOCANCEL = 418 + SYS_MSGRCV_NOCANCEL = 419 + SYS_SEM_WAIT_NOCANCEL = 420 + SYS_AIO_SUSPEND_NOCANCEL = 421 + SYS___SIGWAIT_NOCANCEL = 422 + SYS___SEMWAIT_SIGNAL_NOCANCEL = 423 + SYS___MAC_MOUNT = 424 + SYS___MAC_GET_MOUNT = 425 + SYS___MAC_GETFSSTAT = 426 + SYS_FSGETPATH = 427 + SYS_AUDIT_SESSION_SELF = 428 + SYS_AUDIT_SESSION_JOIN = 429 + SYS_FILEPORT_MAKEPORT = 430 + SYS_FILEPORT_MAKEFD = 431 + SYS_AUDIT_SESSION_PORT = 432 + SYS_PID_SUSPEND = 433 + SYS_PID_RESUME = 434 + SYS_PID_HIBERNATE = 435 + SYS_PID_SHUTDOWN_SOCKETS = 436 + SYS_SHARED_REGION_MAP_AND_SLIDE_NP = 438 + SYS_KAS_INFO = 439 + SYS_MEMORYSTATUS_CONTROL = 440 + SYS_GUARDED_OPEN_NP = 441 + SYS_GUARDED_CLOSE_NP = 442 + SYS_GUARDED_KQUEUE_NP = 443 + SYS_CHANGE_FDGUARD_NP = 444 + SYS_USRCTL = 445 + SYS_PROC_RLIMIT_CONTROL = 446 + SYS_CONNECTX = 447 + SYS_DISCONNECTX = 448 + SYS_PEELOFF = 449 + SYS_SOCKET_DELEGATE = 450 + SYS_TELEMETRY = 451 + SYS_PROC_UUID_POLICY = 452 + SYS_MEMORYSTATUS_GET_LEVEL = 453 + SYS_SYSTEM_OVERRIDE = 454 + SYS_VFS_PURGE = 455 + SYS_SFI_CTL = 456 + SYS_SFI_PIDCTL = 457 + SYS_COALITION = 458 + SYS_COALITION_INFO = 459 + SYS_NECP_MATCH_POLICY = 460 + SYS_GETATTRLISTBULK = 461 + SYS_CLONEFILEAT = 462 + SYS_OPENAT = 463 + SYS_OPENAT_NOCANCEL = 464 + SYS_RENAMEAT = 465 + SYS_FACCESSAT = 466 + SYS_FCHMODAT = 467 + SYS_FCHOWNAT = 468 + SYS_FSTATAT = 469 + SYS_FSTATAT64 = 470 + SYS_LINKAT = 471 + SYS_UNLINKAT = 472 + SYS_READLINKAT = 473 + SYS_SYMLINKAT = 474 + SYS_MKDIRAT = 475 + SYS_GETATTRLISTAT = 476 + SYS_PROC_TRACE_LOG = 477 + SYS_BSDTHREAD_CTL = 478 + SYS_OPENBYID_NP = 479 + SYS_RECVMSG_X = 480 + SYS_SENDMSG_X = 481 + SYS_THREAD_SELFUSAGE = 482 + SYS_CSRCTL = 483 + SYS_GUARDED_OPEN_DPROTECTED_NP = 484 + SYS_GUARDED_WRITE_NP = 485 + SYS_GUARDED_PWRITE_NP = 486 + SYS_GUARDED_WRITEV_NP = 487 + SYS_RENAMEATX_NP = 488 + SYS_MREMAP_ENCRYPTED = 489 + SYS_NETAGENT_TRIGGER = 490 + SYS_STACK_SNAPSHOT_WITH_CONFIG = 491 + SYS_MICROSTACKSHOT = 492 + SYS_GRAB_PGO_DATA = 493 + SYS_PERSONA = 494 + SYS_WORK_INTERVAL_CTL = 499 + SYS_GETENTROPY = 500 + SYS_NECP_OPEN = 501 + SYS_NECP_CLIENT_ACTION = 502 + SYS___NEXUS_OPEN = 503 + SYS___NEXUS_REGISTER = 504 + SYS___NEXUS_DEREGISTER = 505 + SYS___NEXUS_CREATE = 506 + SYS___NEXUS_DESTROY = 507 + SYS___NEXUS_GET_OPT = 508 + SYS___NEXUS_SET_OPT = 509 + SYS___CHANNEL_OPEN = 510 + SYS___CHANNEL_GET_INFO = 511 + SYS___CHANNEL_SYNC = 512 + SYS___CHANNEL_GET_OPT = 513 + SYS___CHANNEL_SET_OPT = 514 + SYS_ULOCK_WAIT = 515 + SYS_ULOCK_WAKE = 516 + SYS_FCLONEFILEAT = 517 + SYS_FS_SNAPSHOT = 518 + SYS_TERMINATE_WITH_PAYLOAD = 520 + SYS_ABORT_WITH_PAYLOAD = 521 + SYS_NECP_SESSION_OPEN = 522 + SYS_NECP_SESSION_ACTION = 523 + SYS_SETATTRLISTAT = 524 + SYS_NET_QOS_GUIDELINE = 525 + SYS_FMOUNT = 526 + SYS_NTP_ADJTIME = 527 + SYS_NTP_GETTIME = 528 + SYS_OS_FAULT_WITH_PAYLOAD = 529 + SYS_KQUEUE_WORKLOOP_CTL = 530 + SYS___MACH_BRIDGE_REMOTE_TIME = 531 + SYS_MAXSYSCALL = 532 + SYS_INVALID = 63 +) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_darwin_arm.go b/vendor/golang.org/x/sys/unix/zsysnum_darwin_arm.go new file mode 100644 index 000000000000..20d7808ace3d --- /dev/null +++ b/vendor/golang.org/x/sys/unix/zsysnum_darwin_arm.go @@ -0,0 +1,437 @@ +// go run mksysnum.go /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS11.1.sdk/usr/include/sys/syscall.h +// Code generated by the command above; see README.md. DO NOT EDIT. + +// +build arm,darwin + +package unix + +// Deprecated: Use libSystem wrappers instead of direct syscalls. +const ( + SYS_SYSCALL = 0 + SYS_EXIT = 1 + SYS_FORK = 2 + SYS_READ = 3 + SYS_WRITE = 4 + SYS_OPEN = 5 + SYS_CLOSE = 6 + SYS_WAIT4 = 7 + SYS_LINK = 9 + SYS_UNLINK = 10 + SYS_CHDIR = 12 + SYS_FCHDIR = 13 + SYS_MKNOD = 14 + SYS_CHMOD = 15 + SYS_CHOWN = 16 + SYS_GETFSSTAT = 18 + SYS_GETPID = 20 + SYS_SETUID = 23 + SYS_GETUID = 24 + SYS_GETEUID = 25 + SYS_PTRACE = 26 + SYS_RECVMSG = 27 + SYS_SENDMSG = 28 + SYS_RECVFROM = 29 + SYS_ACCEPT = 30 + SYS_GETPEERNAME = 31 + SYS_GETSOCKNAME = 32 + SYS_ACCESS = 33 + SYS_CHFLAGS = 34 + SYS_FCHFLAGS = 35 + SYS_SYNC = 36 + SYS_KILL = 37 + SYS_GETPPID = 39 + SYS_DUP = 41 + SYS_PIPE = 42 + SYS_GETEGID = 43 + SYS_SIGACTION = 46 + SYS_GETGID = 47 + SYS_SIGPROCMASK = 48 + SYS_GETLOGIN = 49 + SYS_SETLOGIN = 50 + SYS_ACCT = 51 + SYS_SIGPENDING = 52 + SYS_SIGALTSTACK = 53 + SYS_IOCTL = 54 + SYS_REBOOT = 55 + SYS_REVOKE = 56 + SYS_SYMLINK = 57 + SYS_READLINK = 58 + SYS_EXECVE = 59 + SYS_UMASK = 60 + SYS_CHROOT = 61 + SYS_MSYNC = 65 + SYS_VFORK = 66 + SYS_MUNMAP = 73 + SYS_MPROTECT = 74 + SYS_MADVISE = 75 + SYS_MINCORE = 78 + SYS_GETGROUPS = 79 + SYS_SETGROUPS = 80 + SYS_GETPGRP = 81 + SYS_SETPGID = 82 + SYS_SETITIMER = 83 + SYS_SWAPON = 85 + SYS_GETITIMER = 86 + SYS_GETDTABLESIZE = 89 + SYS_DUP2 = 90 + SYS_FCNTL = 92 + SYS_SELECT = 93 + SYS_FSYNC = 95 + SYS_SETPRIORITY = 96 + SYS_SOCKET = 97 + SYS_CONNECT = 98 + SYS_GETPRIORITY = 100 + SYS_BIND = 104 + SYS_SETSOCKOPT = 105 + SYS_LISTEN = 106 + SYS_SIGSUSPEND = 111 + SYS_GETTIMEOFDAY = 116 + SYS_GETRUSAGE = 117 + SYS_GETSOCKOPT = 118 + SYS_READV = 120 + SYS_WRITEV = 121 + SYS_SETTIMEOFDAY = 122 + SYS_FCHOWN = 123 + SYS_FCHMOD = 124 + SYS_SETREUID = 126 + SYS_SETREGID = 127 + SYS_RENAME = 128 + SYS_FLOCK = 131 + SYS_MKFIFO = 132 + SYS_SENDTO = 133 + SYS_SHUTDOWN = 134 + SYS_SOCKETPAIR = 135 + SYS_MKDIR = 136 + SYS_RMDIR = 137 + SYS_UTIMES = 138 + SYS_FUTIMES = 139 + SYS_ADJTIME = 140 + SYS_GETHOSTUUID = 142 + SYS_SETSID = 147 + SYS_GETPGID = 151 + SYS_SETPRIVEXEC = 152 + SYS_PREAD = 153 + SYS_PWRITE = 154 + SYS_NFSSVC = 155 + SYS_STATFS = 157 + SYS_FSTATFS = 158 + SYS_UNMOUNT = 159 + SYS_GETFH = 161 + SYS_QUOTACTL = 165 + SYS_MOUNT = 167 + SYS_CSOPS = 169 + SYS_CSOPS_AUDITTOKEN = 170 + SYS_WAITID = 173 + SYS_KDEBUG_TYPEFILTER = 177 + SYS_KDEBUG_TRACE_STRING = 178 + SYS_KDEBUG_TRACE64 = 179 + SYS_KDEBUG_TRACE = 180 + SYS_SETGID = 181 + SYS_SETEGID = 182 + SYS_SETEUID = 183 + SYS_SIGRETURN = 184 + SYS_THREAD_SELFCOUNTS = 186 + SYS_FDATASYNC = 187 + SYS_STAT = 188 + SYS_FSTAT = 189 + SYS_LSTAT = 190 + SYS_PATHCONF = 191 + SYS_FPATHCONF = 192 + SYS_GETRLIMIT = 194 + SYS_SETRLIMIT = 195 + SYS_GETDIRENTRIES = 196 + SYS_MMAP = 197 + SYS_LSEEK = 199 + SYS_TRUNCATE = 200 + SYS_FTRUNCATE = 201 + SYS_SYSCTL = 202 + SYS_MLOCK = 203 + SYS_MUNLOCK = 204 + SYS_UNDELETE = 205 + SYS_OPEN_DPROTECTED_NP = 216 + SYS_GETATTRLIST = 220 + SYS_SETATTRLIST = 221 + SYS_GETDIRENTRIESATTR = 222 + SYS_EXCHANGEDATA = 223 + SYS_SEARCHFS = 225 + SYS_DELETE = 226 + SYS_COPYFILE = 227 + SYS_FGETATTRLIST = 228 + SYS_FSETATTRLIST = 229 + SYS_POLL = 230 + SYS_WATCHEVENT = 231 + SYS_WAITEVENT = 232 + SYS_MODWATCH = 233 + SYS_GETXATTR = 234 + SYS_FGETXATTR = 235 + SYS_SETXATTR = 236 + SYS_FSETXATTR = 237 + SYS_REMOVEXATTR = 238 + SYS_FREMOVEXATTR = 239 + SYS_LISTXATTR = 240 + SYS_FLISTXATTR = 241 + SYS_FSCTL = 242 + SYS_INITGROUPS = 243 + SYS_POSIX_SPAWN = 244 + SYS_FFSCTL = 245 + SYS_NFSCLNT = 247 + SYS_FHOPEN = 248 + SYS_MINHERIT = 250 + SYS_SEMSYS = 251 + SYS_MSGSYS = 252 + SYS_SHMSYS = 253 + SYS_SEMCTL = 254 + SYS_SEMGET = 255 + SYS_SEMOP = 256 + SYS_MSGCTL = 258 + SYS_MSGGET = 259 + SYS_MSGSND = 260 + SYS_MSGRCV = 261 + SYS_SHMAT = 262 + SYS_SHMCTL = 263 + SYS_SHMDT = 264 + SYS_SHMGET = 265 + SYS_SHM_OPEN = 266 + SYS_SHM_UNLINK = 267 + SYS_SEM_OPEN = 268 + SYS_SEM_CLOSE = 269 + SYS_SEM_UNLINK = 270 + SYS_SEM_WAIT = 271 + SYS_SEM_TRYWAIT = 272 + SYS_SEM_POST = 273 + SYS_SYSCTLBYNAME = 274 + SYS_OPEN_EXTENDED = 277 + SYS_UMASK_EXTENDED = 278 + SYS_STAT_EXTENDED = 279 + SYS_LSTAT_EXTENDED = 280 + SYS_FSTAT_EXTENDED = 281 + SYS_CHMOD_EXTENDED = 282 + SYS_FCHMOD_EXTENDED = 283 + SYS_ACCESS_EXTENDED = 284 + SYS_SETTID = 285 + SYS_GETTID = 286 + SYS_SETSGROUPS = 287 + SYS_GETSGROUPS = 288 + SYS_SETWGROUPS = 289 + SYS_GETWGROUPS = 290 + SYS_MKFIFO_EXTENDED = 291 + SYS_MKDIR_EXTENDED = 292 + SYS_IDENTITYSVC = 293 + SYS_SHARED_REGION_CHECK_NP = 294 + SYS_VM_PRESSURE_MONITOR = 296 + SYS_PSYNCH_RW_LONGRDLOCK = 297 + SYS_PSYNCH_RW_YIELDWRLOCK = 298 + SYS_PSYNCH_RW_DOWNGRADE = 299 + SYS_PSYNCH_RW_UPGRADE = 300 + SYS_PSYNCH_MUTEXWAIT = 301 + SYS_PSYNCH_MUTEXDROP = 302 + SYS_PSYNCH_CVBROAD = 303 + SYS_PSYNCH_CVSIGNAL = 304 + SYS_PSYNCH_CVWAIT = 305 + SYS_PSYNCH_RW_RDLOCK = 306 + SYS_PSYNCH_RW_WRLOCK = 307 + SYS_PSYNCH_RW_UNLOCK = 308 + SYS_PSYNCH_RW_UNLOCK2 = 309 + SYS_GETSID = 310 + SYS_SETTID_WITH_PID = 311 + SYS_PSYNCH_CVCLRPREPOST = 312 + SYS_AIO_FSYNC = 313 + SYS_AIO_RETURN = 314 + SYS_AIO_SUSPEND = 315 + SYS_AIO_CANCEL = 316 + SYS_AIO_ERROR = 317 + SYS_AIO_READ = 318 + SYS_AIO_WRITE = 319 + SYS_LIO_LISTIO = 320 + SYS_IOPOLICYSYS = 322 + SYS_PROCESS_POLICY = 323 + SYS_MLOCKALL = 324 + SYS_MUNLOCKALL = 325 + SYS_ISSETUGID = 327 + SYS___PTHREAD_KILL = 328 + SYS___PTHREAD_SIGMASK = 329 + SYS___SIGWAIT = 330 + SYS___DISABLE_THREADSIGNAL = 331 + SYS___PTHREAD_MARKCANCEL = 332 + SYS___PTHREAD_CANCELED = 333 + SYS___SEMWAIT_SIGNAL = 334 + SYS_PROC_INFO = 336 + SYS_SENDFILE = 337 + SYS_STAT64 = 338 + SYS_FSTAT64 = 339 + SYS_LSTAT64 = 340 + SYS_STAT64_EXTENDED = 341 + SYS_LSTAT64_EXTENDED = 342 + SYS_FSTAT64_EXTENDED = 343 + SYS_GETDIRENTRIES64 = 344 + SYS_STATFS64 = 345 + SYS_FSTATFS64 = 346 + SYS_GETFSSTAT64 = 347 + SYS___PTHREAD_CHDIR = 348 + SYS___PTHREAD_FCHDIR = 349 + SYS_AUDIT = 350 + SYS_AUDITON = 351 + SYS_GETAUID = 353 + SYS_SETAUID = 354 + SYS_GETAUDIT_ADDR = 357 + SYS_SETAUDIT_ADDR = 358 + SYS_AUDITCTL = 359 + SYS_BSDTHREAD_CREATE = 360 + SYS_BSDTHREAD_TERMINATE = 361 + SYS_KQUEUE = 362 + SYS_KEVENT = 363 + SYS_LCHOWN = 364 + SYS_BSDTHREAD_REGISTER = 366 + SYS_WORKQ_OPEN = 367 + SYS_WORKQ_KERNRETURN = 368 + SYS_KEVENT64 = 369 + SYS___OLD_SEMWAIT_SIGNAL = 370 + SYS___OLD_SEMWAIT_SIGNAL_NOCANCEL = 371 + SYS_THREAD_SELFID = 372 + SYS_LEDGER = 373 + SYS_KEVENT_QOS = 374 + SYS_KEVENT_ID = 375 + SYS___MAC_EXECVE = 380 + SYS___MAC_SYSCALL = 381 + SYS___MAC_GET_FILE = 382 + SYS___MAC_SET_FILE = 383 + SYS___MAC_GET_LINK = 384 + SYS___MAC_SET_LINK = 385 + SYS___MAC_GET_PROC = 386 + SYS___MAC_SET_PROC = 387 + SYS___MAC_GET_FD = 388 + SYS___MAC_SET_FD = 389 + SYS___MAC_GET_PID = 390 + SYS_PSELECT = 394 + SYS_PSELECT_NOCANCEL = 395 + SYS_READ_NOCANCEL = 396 + SYS_WRITE_NOCANCEL = 397 + SYS_OPEN_NOCANCEL = 398 + SYS_CLOSE_NOCANCEL = 399 + SYS_WAIT4_NOCANCEL = 400 + SYS_RECVMSG_NOCANCEL = 401 + SYS_SENDMSG_NOCANCEL = 402 + SYS_RECVFROM_NOCANCEL = 403 + SYS_ACCEPT_NOCANCEL = 404 + SYS_MSYNC_NOCANCEL = 405 + SYS_FCNTL_NOCANCEL = 406 + SYS_SELECT_NOCANCEL = 407 + SYS_FSYNC_NOCANCEL = 408 + SYS_CONNECT_NOCANCEL = 409 + SYS_SIGSUSPEND_NOCANCEL = 410 + SYS_READV_NOCANCEL = 411 + SYS_WRITEV_NOCANCEL = 412 + SYS_SENDTO_NOCANCEL = 413 + SYS_PREAD_NOCANCEL = 414 + SYS_PWRITE_NOCANCEL = 415 + SYS_WAITID_NOCANCEL = 416 + SYS_POLL_NOCANCEL = 417 + SYS_MSGSND_NOCANCEL = 418 + SYS_MSGRCV_NOCANCEL = 419 + SYS_SEM_WAIT_NOCANCEL = 420 + SYS_AIO_SUSPEND_NOCANCEL = 421 + SYS___SIGWAIT_NOCANCEL = 422 + SYS___SEMWAIT_SIGNAL_NOCANCEL = 423 + SYS___MAC_MOUNT = 424 + SYS___MAC_GET_MOUNT = 425 + SYS___MAC_GETFSSTAT = 426 + SYS_FSGETPATH = 427 + SYS_AUDIT_SESSION_SELF = 428 + SYS_AUDIT_SESSION_JOIN = 429 + SYS_FILEPORT_MAKEPORT = 430 + SYS_FILEPORT_MAKEFD = 431 + SYS_AUDIT_SESSION_PORT = 432 + SYS_PID_SUSPEND = 433 + SYS_PID_RESUME = 434 + SYS_PID_HIBERNATE = 435 + SYS_PID_SHUTDOWN_SOCKETS = 436 + SYS_SHARED_REGION_MAP_AND_SLIDE_NP = 438 + SYS_KAS_INFO = 439 + SYS_MEMORYSTATUS_CONTROL = 440 + SYS_GUARDED_OPEN_NP = 441 + SYS_GUARDED_CLOSE_NP = 442 + SYS_GUARDED_KQUEUE_NP = 443 + SYS_CHANGE_FDGUARD_NP = 444 + SYS_USRCTL = 445 + SYS_PROC_RLIMIT_CONTROL = 446 + SYS_CONNECTX = 447 + SYS_DISCONNECTX = 448 + SYS_PEELOFF = 449 + SYS_SOCKET_DELEGATE = 450 + SYS_TELEMETRY = 451 + SYS_PROC_UUID_POLICY = 452 + SYS_MEMORYSTATUS_GET_LEVEL = 453 + SYS_SYSTEM_OVERRIDE = 454 + SYS_VFS_PURGE = 455 + SYS_SFI_CTL = 456 + SYS_SFI_PIDCTL = 457 + SYS_COALITION = 458 + SYS_COALITION_INFO = 459 + SYS_NECP_MATCH_POLICY = 460 + SYS_GETATTRLISTBULK = 461 + SYS_CLONEFILEAT = 462 + SYS_OPENAT = 463 + SYS_OPENAT_NOCANCEL = 464 + SYS_RENAMEAT = 465 + SYS_FACCESSAT = 466 + SYS_FCHMODAT = 467 + SYS_FCHOWNAT = 468 + SYS_FSTATAT = 469 + SYS_FSTATAT64 = 470 + SYS_LINKAT = 471 + SYS_UNLINKAT = 472 + SYS_READLINKAT = 473 + SYS_SYMLINKAT = 474 + SYS_MKDIRAT = 475 + SYS_GETATTRLISTAT = 476 + SYS_PROC_TRACE_LOG = 477 + SYS_BSDTHREAD_CTL = 478 + SYS_OPENBYID_NP = 479 + SYS_RECVMSG_X = 480 + SYS_SENDMSG_X = 481 + SYS_THREAD_SELFUSAGE = 482 + SYS_CSRCTL = 483 + SYS_GUARDED_OPEN_DPROTECTED_NP = 484 + SYS_GUARDED_WRITE_NP = 485 + SYS_GUARDED_PWRITE_NP = 486 + SYS_GUARDED_WRITEV_NP = 487 + SYS_RENAMEATX_NP = 488 + SYS_MREMAP_ENCRYPTED = 489 + SYS_NETAGENT_TRIGGER = 490 + SYS_STACK_SNAPSHOT_WITH_CONFIG = 491 + SYS_MICROSTACKSHOT = 492 + SYS_GRAB_PGO_DATA = 493 + SYS_PERSONA = 494 + SYS_WORK_INTERVAL_CTL = 499 + SYS_GETENTROPY = 500 + SYS_NECP_OPEN = 501 + SYS_NECP_CLIENT_ACTION = 502 + SYS___NEXUS_OPEN = 503 + SYS___NEXUS_REGISTER = 504 + SYS___NEXUS_DEREGISTER = 505 + SYS___NEXUS_CREATE = 506 + SYS___NEXUS_DESTROY = 507 + SYS___NEXUS_GET_OPT = 508 + SYS___NEXUS_SET_OPT = 509 + SYS___CHANNEL_OPEN = 510 + SYS___CHANNEL_GET_INFO = 511 + SYS___CHANNEL_SYNC = 512 + SYS___CHANNEL_GET_OPT = 513 + SYS___CHANNEL_SET_OPT = 514 + SYS_ULOCK_WAIT = 515 + SYS_ULOCK_WAKE = 516 + SYS_FCLONEFILEAT = 517 + SYS_FS_SNAPSHOT = 518 + SYS_TERMINATE_WITH_PAYLOAD = 520 + SYS_ABORT_WITH_PAYLOAD = 521 + SYS_NECP_SESSION_OPEN = 522 + SYS_NECP_SESSION_ACTION = 523 + SYS_SETATTRLISTAT = 524 + SYS_NET_QOS_GUIDELINE = 525 + SYS_FMOUNT = 526 + SYS_NTP_ADJTIME = 527 + SYS_NTP_GETTIME = 528 + SYS_OS_FAULT_WITH_PAYLOAD = 529 + SYS_MAXSYSCALL = 530 + SYS_INVALID = 63 +) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_darwin_arm64.go b/vendor/golang.org/x/sys/unix/zsysnum_darwin_arm64.go new file mode 100644 index 000000000000..527b9588cc96 --- /dev/null +++ b/vendor/golang.org/x/sys/unix/zsysnum_darwin_arm64.go @@ -0,0 +1,437 @@ +// go run mksysnum.go /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS11.1.sdk/usr/include/sys/syscall.h +// Code generated by the command above; see README.md. DO NOT EDIT. + +// +build arm64,darwin + +package unix + +// Deprecated: Use libSystem wrappers instead of direct syscalls. +const ( + SYS_SYSCALL = 0 + SYS_EXIT = 1 + SYS_FORK = 2 + SYS_READ = 3 + SYS_WRITE = 4 + SYS_OPEN = 5 + SYS_CLOSE = 6 + SYS_WAIT4 = 7 + SYS_LINK = 9 + SYS_UNLINK = 10 + SYS_CHDIR = 12 + SYS_FCHDIR = 13 + SYS_MKNOD = 14 + SYS_CHMOD = 15 + SYS_CHOWN = 16 + SYS_GETFSSTAT = 18 + SYS_GETPID = 20 + SYS_SETUID = 23 + SYS_GETUID = 24 + SYS_GETEUID = 25 + SYS_PTRACE = 26 + SYS_RECVMSG = 27 + SYS_SENDMSG = 28 + SYS_RECVFROM = 29 + SYS_ACCEPT = 30 + SYS_GETPEERNAME = 31 + SYS_GETSOCKNAME = 32 + SYS_ACCESS = 33 + SYS_CHFLAGS = 34 + SYS_FCHFLAGS = 35 + SYS_SYNC = 36 + SYS_KILL = 37 + SYS_GETPPID = 39 + SYS_DUP = 41 + SYS_PIPE = 42 + SYS_GETEGID = 43 + SYS_SIGACTION = 46 + SYS_GETGID = 47 + SYS_SIGPROCMASK = 48 + SYS_GETLOGIN = 49 + SYS_SETLOGIN = 50 + SYS_ACCT = 51 + SYS_SIGPENDING = 52 + SYS_SIGALTSTACK = 53 + SYS_IOCTL = 54 + SYS_REBOOT = 55 + SYS_REVOKE = 56 + SYS_SYMLINK = 57 + SYS_READLINK = 58 + SYS_EXECVE = 59 + SYS_UMASK = 60 + SYS_CHROOT = 61 + SYS_MSYNC = 65 + SYS_VFORK = 66 + SYS_MUNMAP = 73 + SYS_MPROTECT = 74 + SYS_MADVISE = 75 + SYS_MINCORE = 78 + SYS_GETGROUPS = 79 + SYS_SETGROUPS = 80 + SYS_GETPGRP = 81 + SYS_SETPGID = 82 + SYS_SETITIMER = 83 + SYS_SWAPON = 85 + SYS_GETITIMER = 86 + SYS_GETDTABLESIZE = 89 + SYS_DUP2 = 90 + SYS_FCNTL = 92 + SYS_SELECT = 93 + SYS_FSYNC = 95 + SYS_SETPRIORITY = 96 + SYS_SOCKET = 97 + SYS_CONNECT = 98 + SYS_GETPRIORITY = 100 + SYS_BIND = 104 + SYS_SETSOCKOPT = 105 + SYS_LISTEN = 106 + SYS_SIGSUSPEND = 111 + SYS_GETTIMEOFDAY = 116 + SYS_GETRUSAGE = 117 + SYS_GETSOCKOPT = 118 + SYS_READV = 120 + SYS_WRITEV = 121 + SYS_SETTIMEOFDAY = 122 + SYS_FCHOWN = 123 + SYS_FCHMOD = 124 + SYS_SETREUID = 126 + SYS_SETREGID = 127 + SYS_RENAME = 128 + SYS_FLOCK = 131 + SYS_MKFIFO = 132 + SYS_SENDTO = 133 + SYS_SHUTDOWN = 134 + SYS_SOCKETPAIR = 135 + SYS_MKDIR = 136 + SYS_RMDIR = 137 + SYS_UTIMES = 138 + SYS_FUTIMES = 139 + SYS_ADJTIME = 140 + SYS_GETHOSTUUID = 142 + SYS_SETSID = 147 + SYS_GETPGID = 151 + SYS_SETPRIVEXEC = 152 + SYS_PREAD = 153 + SYS_PWRITE = 154 + SYS_NFSSVC = 155 + SYS_STATFS = 157 + SYS_FSTATFS = 158 + SYS_UNMOUNT = 159 + SYS_GETFH = 161 + SYS_QUOTACTL = 165 + SYS_MOUNT = 167 + SYS_CSOPS = 169 + SYS_CSOPS_AUDITTOKEN = 170 + SYS_WAITID = 173 + SYS_KDEBUG_TYPEFILTER = 177 + SYS_KDEBUG_TRACE_STRING = 178 + SYS_KDEBUG_TRACE64 = 179 + SYS_KDEBUG_TRACE = 180 + SYS_SETGID = 181 + SYS_SETEGID = 182 + SYS_SETEUID = 183 + SYS_SIGRETURN = 184 + SYS_THREAD_SELFCOUNTS = 186 + SYS_FDATASYNC = 187 + SYS_STAT = 188 + SYS_FSTAT = 189 + SYS_LSTAT = 190 + SYS_PATHCONF = 191 + SYS_FPATHCONF = 192 + SYS_GETRLIMIT = 194 + SYS_SETRLIMIT = 195 + SYS_GETDIRENTRIES = 196 + SYS_MMAP = 197 + SYS_LSEEK = 199 + SYS_TRUNCATE = 200 + SYS_FTRUNCATE = 201 + SYS_SYSCTL = 202 + SYS_MLOCK = 203 + SYS_MUNLOCK = 204 + SYS_UNDELETE = 205 + SYS_OPEN_DPROTECTED_NP = 216 + SYS_GETATTRLIST = 220 + SYS_SETATTRLIST = 221 + SYS_GETDIRENTRIESATTR = 222 + SYS_EXCHANGEDATA = 223 + SYS_SEARCHFS = 225 + SYS_DELETE = 226 + SYS_COPYFILE = 227 + SYS_FGETATTRLIST = 228 + SYS_FSETATTRLIST = 229 + SYS_POLL = 230 + SYS_WATCHEVENT = 231 + SYS_WAITEVENT = 232 + SYS_MODWATCH = 233 + SYS_GETXATTR = 234 + SYS_FGETXATTR = 235 + SYS_SETXATTR = 236 + SYS_FSETXATTR = 237 + SYS_REMOVEXATTR = 238 + SYS_FREMOVEXATTR = 239 + SYS_LISTXATTR = 240 + SYS_FLISTXATTR = 241 + SYS_FSCTL = 242 + SYS_INITGROUPS = 243 + SYS_POSIX_SPAWN = 244 + SYS_FFSCTL = 245 + SYS_NFSCLNT = 247 + SYS_FHOPEN = 248 + SYS_MINHERIT = 250 + SYS_SEMSYS = 251 + SYS_MSGSYS = 252 + SYS_SHMSYS = 253 + SYS_SEMCTL = 254 + SYS_SEMGET = 255 + SYS_SEMOP = 256 + SYS_MSGCTL = 258 + SYS_MSGGET = 259 + SYS_MSGSND = 260 + SYS_MSGRCV = 261 + SYS_SHMAT = 262 + SYS_SHMCTL = 263 + SYS_SHMDT = 264 + SYS_SHMGET = 265 + SYS_SHM_OPEN = 266 + SYS_SHM_UNLINK = 267 + SYS_SEM_OPEN = 268 + SYS_SEM_CLOSE = 269 + SYS_SEM_UNLINK = 270 + SYS_SEM_WAIT = 271 + SYS_SEM_TRYWAIT = 272 + SYS_SEM_POST = 273 + SYS_SYSCTLBYNAME = 274 + SYS_OPEN_EXTENDED = 277 + SYS_UMASK_EXTENDED = 278 + SYS_STAT_EXTENDED = 279 + SYS_LSTAT_EXTENDED = 280 + SYS_FSTAT_EXTENDED = 281 + SYS_CHMOD_EXTENDED = 282 + SYS_FCHMOD_EXTENDED = 283 + SYS_ACCESS_EXTENDED = 284 + SYS_SETTID = 285 + SYS_GETTID = 286 + SYS_SETSGROUPS = 287 + SYS_GETSGROUPS = 288 + SYS_SETWGROUPS = 289 + SYS_GETWGROUPS = 290 + SYS_MKFIFO_EXTENDED = 291 + SYS_MKDIR_EXTENDED = 292 + SYS_IDENTITYSVC = 293 + SYS_SHARED_REGION_CHECK_NP = 294 + SYS_VM_PRESSURE_MONITOR = 296 + SYS_PSYNCH_RW_LONGRDLOCK = 297 + SYS_PSYNCH_RW_YIELDWRLOCK = 298 + SYS_PSYNCH_RW_DOWNGRADE = 299 + SYS_PSYNCH_RW_UPGRADE = 300 + SYS_PSYNCH_MUTEXWAIT = 301 + SYS_PSYNCH_MUTEXDROP = 302 + SYS_PSYNCH_CVBROAD = 303 + SYS_PSYNCH_CVSIGNAL = 304 + SYS_PSYNCH_CVWAIT = 305 + SYS_PSYNCH_RW_RDLOCK = 306 + SYS_PSYNCH_RW_WRLOCK = 307 + SYS_PSYNCH_RW_UNLOCK = 308 + SYS_PSYNCH_RW_UNLOCK2 = 309 + SYS_GETSID = 310 + SYS_SETTID_WITH_PID = 311 + SYS_PSYNCH_CVCLRPREPOST = 312 + SYS_AIO_FSYNC = 313 + SYS_AIO_RETURN = 314 + SYS_AIO_SUSPEND = 315 + SYS_AIO_CANCEL = 316 + SYS_AIO_ERROR = 317 + SYS_AIO_READ = 318 + SYS_AIO_WRITE = 319 + SYS_LIO_LISTIO = 320 + SYS_IOPOLICYSYS = 322 + SYS_PROCESS_POLICY = 323 + SYS_MLOCKALL = 324 + SYS_MUNLOCKALL = 325 + SYS_ISSETUGID = 327 + SYS___PTHREAD_KILL = 328 + SYS___PTHREAD_SIGMASK = 329 + SYS___SIGWAIT = 330 + SYS___DISABLE_THREADSIGNAL = 331 + SYS___PTHREAD_MARKCANCEL = 332 + SYS___PTHREAD_CANCELED = 333 + SYS___SEMWAIT_SIGNAL = 334 + SYS_PROC_INFO = 336 + SYS_SENDFILE = 337 + SYS_STAT64 = 338 + SYS_FSTAT64 = 339 + SYS_LSTAT64 = 340 + SYS_STAT64_EXTENDED = 341 + SYS_LSTAT64_EXTENDED = 342 + SYS_FSTAT64_EXTENDED = 343 + SYS_GETDIRENTRIES64 = 344 + SYS_STATFS64 = 345 + SYS_FSTATFS64 = 346 + SYS_GETFSSTAT64 = 347 + SYS___PTHREAD_CHDIR = 348 + SYS___PTHREAD_FCHDIR = 349 + SYS_AUDIT = 350 + SYS_AUDITON = 351 + SYS_GETAUID = 353 + SYS_SETAUID = 354 + SYS_GETAUDIT_ADDR = 357 + SYS_SETAUDIT_ADDR = 358 + SYS_AUDITCTL = 359 + SYS_BSDTHREAD_CREATE = 360 + SYS_BSDTHREAD_TERMINATE = 361 + SYS_KQUEUE = 362 + SYS_KEVENT = 363 + SYS_LCHOWN = 364 + SYS_BSDTHREAD_REGISTER = 366 + SYS_WORKQ_OPEN = 367 + SYS_WORKQ_KERNRETURN = 368 + SYS_KEVENT64 = 369 + SYS___OLD_SEMWAIT_SIGNAL = 370 + SYS___OLD_SEMWAIT_SIGNAL_NOCANCEL = 371 + SYS_THREAD_SELFID = 372 + SYS_LEDGER = 373 + SYS_KEVENT_QOS = 374 + SYS_KEVENT_ID = 375 + SYS___MAC_EXECVE = 380 + SYS___MAC_SYSCALL = 381 + SYS___MAC_GET_FILE = 382 + SYS___MAC_SET_FILE = 383 + SYS___MAC_GET_LINK = 384 + SYS___MAC_SET_LINK = 385 + SYS___MAC_GET_PROC = 386 + SYS___MAC_SET_PROC = 387 + SYS___MAC_GET_FD = 388 + SYS___MAC_SET_FD = 389 + SYS___MAC_GET_PID = 390 + SYS_PSELECT = 394 + SYS_PSELECT_NOCANCEL = 395 + SYS_READ_NOCANCEL = 396 + SYS_WRITE_NOCANCEL = 397 + SYS_OPEN_NOCANCEL = 398 + SYS_CLOSE_NOCANCEL = 399 + SYS_WAIT4_NOCANCEL = 400 + SYS_RECVMSG_NOCANCEL = 401 + SYS_SENDMSG_NOCANCEL = 402 + SYS_RECVFROM_NOCANCEL = 403 + SYS_ACCEPT_NOCANCEL = 404 + SYS_MSYNC_NOCANCEL = 405 + SYS_FCNTL_NOCANCEL = 406 + SYS_SELECT_NOCANCEL = 407 + SYS_FSYNC_NOCANCEL = 408 + SYS_CONNECT_NOCANCEL = 409 + SYS_SIGSUSPEND_NOCANCEL = 410 + SYS_READV_NOCANCEL = 411 + SYS_WRITEV_NOCANCEL = 412 + SYS_SENDTO_NOCANCEL = 413 + SYS_PREAD_NOCANCEL = 414 + SYS_PWRITE_NOCANCEL = 415 + SYS_WAITID_NOCANCEL = 416 + SYS_POLL_NOCANCEL = 417 + SYS_MSGSND_NOCANCEL = 418 + SYS_MSGRCV_NOCANCEL = 419 + SYS_SEM_WAIT_NOCANCEL = 420 + SYS_AIO_SUSPEND_NOCANCEL = 421 + SYS___SIGWAIT_NOCANCEL = 422 + SYS___SEMWAIT_SIGNAL_NOCANCEL = 423 + SYS___MAC_MOUNT = 424 + SYS___MAC_GET_MOUNT = 425 + SYS___MAC_GETFSSTAT = 426 + SYS_FSGETPATH = 427 + SYS_AUDIT_SESSION_SELF = 428 + SYS_AUDIT_SESSION_JOIN = 429 + SYS_FILEPORT_MAKEPORT = 430 + SYS_FILEPORT_MAKEFD = 431 + SYS_AUDIT_SESSION_PORT = 432 + SYS_PID_SUSPEND = 433 + SYS_PID_RESUME = 434 + SYS_PID_HIBERNATE = 435 + SYS_PID_SHUTDOWN_SOCKETS = 436 + SYS_SHARED_REGION_MAP_AND_SLIDE_NP = 438 + SYS_KAS_INFO = 439 + SYS_MEMORYSTATUS_CONTROL = 440 + SYS_GUARDED_OPEN_NP = 441 + SYS_GUARDED_CLOSE_NP = 442 + SYS_GUARDED_KQUEUE_NP = 443 + SYS_CHANGE_FDGUARD_NP = 444 + SYS_USRCTL = 445 + SYS_PROC_RLIMIT_CONTROL = 446 + SYS_CONNECTX = 447 + SYS_DISCONNECTX = 448 + SYS_PEELOFF = 449 + SYS_SOCKET_DELEGATE = 450 + SYS_TELEMETRY = 451 + SYS_PROC_UUID_POLICY = 452 + SYS_MEMORYSTATUS_GET_LEVEL = 453 + SYS_SYSTEM_OVERRIDE = 454 + SYS_VFS_PURGE = 455 + SYS_SFI_CTL = 456 + SYS_SFI_PIDCTL = 457 + SYS_COALITION = 458 + SYS_COALITION_INFO = 459 + SYS_NECP_MATCH_POLICY = 460 + SYS_GETATTRLISTBULK = 461 + SYS_CLONEFILEAT = 462 + SYS_OPENAT = 463 + SYS_OPENAT_NOCANCEL = 464 + SYS_RENAMEAT = 465 + SYS_FACCESSAT = 466 + SYS_FCHMODAT = 467 + SYS_FCHOWNAT = 468 + SYS_FSTATAT = 469 + SYS_FSTATAT64 = 470 + SYS_LINKAT = 471 + SYS_UNLINKAT = 472 + SYS_READLINKAT = 473 + SYS_SYMLINKAT = 474 + SYS_MKDIRAT = 475 + SYS_GETATTRLISTAT = 476 + SYS_PROC_TRACE_LOG = 477 + SYS_BSDTHREAD_CTL = 478 + SYS_OPENBYID_NP = 479 + SYS_RECVMSG_X = 480 + SYS_SENDMSG_X = 481 + SYS_THREAD_SELFUSAGE = 482 + SYS_CSRCTL = 483 + SYS_GUARDED_OPEN_DPROTECTED_NP = 484 + SYS_GUARDED_WRITE_NP = 485 + SYS_GUARDED_PWRITE_NP = 486 + SYS_GUARDED_WRITEV_NP = 487 + SYS_RENAMEATX_NP = 488 + SYS_MREMAP_ENCRYPTED = 489 + SYS_NETAGENT_TRIGGER = 490 + SYS_STACK_SNAPSHOT_WITH_CONFIG = 491 + SYS_MICROSTACKSHOT = 492 + SYS_GRAB_PGO_DATA = 493 + SYS_PERSONA = 494 + SYS_WORK_INTERVAL_CTL = 499 + SYS_GETENTROPY = 500 + SYS_NECP_OPEN = 501 + SYS_NECP_CLIENT_ACTION = 502 + SYS___NEXUS_OPEN = 503 + SYS___NEXUS_REGISTER = 504 + SYS___NEXUS_DEREGISTER = 505 + SYS___NEXUS_CREATE = 506 + SYS___NEXUS_DESTROY = 507 + SYS___NEXUS_GET_OPT = 508 + SYS___NEXUS_SET_OPT = 509 + SYS___CHANNEL_OPEN = 510 + SYS___CHANNEL_GET_INFO = 511 + SYS___CHANNEL_SYNC = 512 + SYS___CHANNEL_GET_OPT = 513 + SYS___CHANNEL_SET_OPT = 514 + SYS_ULOCK_WAIT = 515 + SYS_ULOCK_WAKE = 516 + SYS_FCLONEFILEAT = 517 + SYS_FS_SNAPSHOT = 518 + SYS_TERMINATE_WITH_PAYLOAD = 520 + SYS_ABORT_WITH_PAYLOAD = 521 + SYS_NECP_SESSION_OPEN = 522 + SYS_NECP_SESSION_ACTION = 523 + SYS_SETATTRLISTAT = 524 + SYS_NET_QOS_GUIDELINE = 525 + SYS_FMOUNT = 526 + SYS_NTP_ADJTIME = 527 + SYS_NTP_GETTIME = 528 + SYS_OS_FAULT_WITH_PAYLOAD = 529 + SYS_MAXSYSCALL = 530 + SYS_INVALID = 63 +) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go index 0f5a3f6970a2..f6742bdee090 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go @@ -435,4 +435,5 @@ const ( SYS_OPENAT2 = 437 SYS_PIDFD_GETFD = 438 SYS_FACCESSAT2 = 439 + SYS_PROCESS_MADVISE = 440 ) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go index 36d5219ef824..f7e525573bf2 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go @@ -357,4 +357,5 @@ const ( SYS_OPENAT2 = 437 SYS_PIDFD_GETFD = 438 SYS_FACCESSAT2 = 439 + SYS_PROCESS_MADVISE = 440 ) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go index 3622ba14b4e1..3f60977da678 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go @@ -399,4 +399,5 @@ const ( SYS_OPENAT2 = 437 SYS_PIDFD_GETFD = 438 SYS_FACCESSAT2 = 439 + SYS_PROCESS_MADVISE = 440 ) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go index 6193c3dc07c1..dbedf4cbaccc 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go @@ -302,4 +302,5 @@ const ( SYS_OPENAT2 = 437 SYS_PIDFD_GETFD = 438 SYS_FACCESSAT2 = 439 + SYS_PROCESS_MADVISE = 440 ) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go index 640b974345f3..eeff7e1dc930 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go @@ -420,4 +420,5 @@ const ( SYS_OPENAT2 = 4437 SYS_PIDFD_GETFD = 4438 SYS_FACCESSAT2 = 4439 + SYS_PROCESS_MADVISE = 4440 ) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go index 3467fbb5ff1c..73cfa535cd69 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go @@ -350,4 +350,5 @@ const ( SYS_OPENAT2 = 5437 SYS_PIDFD_GETFD = 5438 SYS_FACCESSAT2 = 5439 + SYS_PROCESS_MADVISE = 5440 ) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go index 0fc38d5a72f0..be74729e0cb3 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go @@ -350,4 +350,5 @@ const ( SYS_OPENAT2 = 5437 SYS_PIDFD_GETFD = 5438 SYS_FACCESSAT2 = 5439 + SYS_PROCESS_MADVISE = 5440 ) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go index 999fd55bccb7..2a1047c818c8 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go @@ -420,4 +420,5 @@ const ( SYS_OPENAT2 = 4437 SYS_PIDFD_GETFD = 4438 SYS_FACCESSAT2 = 4439 + SYS_PROCESS_MADVISE = 4440 ) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go index 1df0d799355d..32707428ce27 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go @@ -399,4 +399,5 @@ const ( SYS_OPENAT2 = 437 SYS_PIDFD_GETFD = 438 SYS_FACCESSAT2 = 439 + SYS_PROCESS_MADVISE = 440 ) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go index 4db39cca4da5..a58572f78108 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go @@ -399,4 +399,5 @@ const ( SYS_OPENAT2 = 437 SYS_PIDFD_GETFD = 438 SYS_FACCESSAT2 = 439 + SYS_PROCESS_MADVISE = 440 ) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go index e6927401446f..72a65b76026a 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go @@ -301,4 +301,5 @@ const ( SYS_OPENAT2 = 437 SYS_PIDFD_GETFD = 438 SYS_FACCESSAT2 = 439 + SYS_PROCESS_MADVISE = 440 ) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go index a585aec4e797..1fb9ae5d4932 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go @@ -364,4 +364,5 @@ const ( SYS_OPENAT2 = 437 SYS_PIDFD_GETFD = 438 SYS_FACCESSAT2 = 439 + SYS_PROCESS_MADVISE = 440 ) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go index d047e567afc6..57636e09e41b 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go @@ -378,4 +378,5 @@ const ( SYS_OPENAT2 = 437 SYS_PIDFD_GETFD = 438 SYS_FACCESSAT2 = 439 + SYS_PROCESS_MADVISE = 440 ) diff --git a/vendor/golang.org/x/sys/unix/ztypes_aix_ppc.go b/vendor/golang.org/x/sys/unix/ztypes_aix_ppc.go index 2c1f815e6f92..295859c503db 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_aix_ppc.go +++ b/vendor/golang.org/x/sys/unix/ztypes_aix_ppc.go @@ -219,6 +219,7 @@ const ( SizeofSockaddrUnix = 0x401 SizeofSockaddrDatalink = 0x80 SizeofLinger = 0x8 + SizeofIovec = 0x8 SizeofIPMreq = 0x8 SizeofIPv6Mreq = 0x14 SizeofIPv6MTUInfo = 0x20 diff --git a/vendor/golang.org/x/sys/unix/ztypes_aix_ppc64.go b/vendor/golang.org/x/sys/unix/ztypes_aix_ppc64.go index b4a069ecbdff..a9ee0ffd44c1 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_aix_ppc64.go +++ b/vendor/golang.org/x/sys/unix/ztypes_aix_ppc64.go @@ -223,6 +223,7 @@ const ( SizeofSockaddrUnix = 0x401 SizeofSockaddrDatalink = 0x80 SizeofLinger = 0x8 + SizeofIovec = 0x10 SizeofIPMreq = 0x8 SizeofIPv6Mreq = 0x14 SizeofIPv6MTUInfo = 0x20 diff --git a/vendor/golang.org/x/sys/unix/ztypes_darwin_386.go b/vendor/golang.org/x/sys/unix/ztypes_darwin_386.go index 9ea0293aa8bc..725b4bee27db 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_darwin_386.go +++ b/vendor/golang.org/x/sys/unix/ztypes_darwin_386.go @@ -194,6 +194,15 @@ type RawSockaddrAny struct { Pad [92]int8 } +type RawSockaddrCtl struct { + Sc_len uint8 + Sc_family uint8 + Ss_sysaddr uint16 + Sc_id uint32 + Sc_unit uint32 + Sc_reserved [5]uint32 +} + type _Socklen uint32 type Linger struct { @@ -258,7 +267,9 @@ const ( SizeofSockaddrAny = 0x6c SizeofSockaddrUnix = 0x6a SizeofSockaddrDatalink = 0x14 + SizeofSockaddrCtl = 0x20 SizeofLinger = 0x8 + SizeofIovec = 0x8 SizeofIPMreq = 0x8 SizeofIPv6Mreq = 0x14 SizeofMsghdr = 0x1c diff --git a/vendor/golang.org/x/sys/unix/ztypes_darwin_amd64.go b/vendor/golang.org/x/sys/unix/ztypes_darwin_amd64.go index 255e6cbb6556..080ffce32550 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_darwin_amd64.go +++ b/vendor/golang.org/x/sys/unix/ztypes_darwin_amd64.go @@ -199,6 +199,15 @@ type RawSockaddrAny struct { Pad [92]int8 } +type RawSockaddrCtl struct { + Sc_len uint8 + Sc_family uint8 + Ss_sysaddr uint16 + Sc_id uint32 + Sc_unit uint32 + Sc_reserved [5]uint32 +} + type _Socklen uint32 type Linger struct { @@ -263,7 +272,9 @@ const ( SizeofSockaddrAny = 0x6c SizeofSockaddrUnix = 0x6a SizeofSockaddrDatalink = 0x14 + SizeofSockaddrCtl = 0x20 SizeofLinger = 0x8 + SizeofIovec = 0x10 SizeofIPMreq = 0x8 SizeofIPv6Mreq = 0x14 SizeofMsghdr = 0x30 diff --git a/vendor/golang.org/x/sys/unix/ztypes_darwin_arm.go b/vendor/golang.org/x/sys/unix/ztypes_darwin_arm.go index e21c828504fd..f2a77bc4e28e 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_darwin_arm.go +++ b/vendor/golang.org/x/sys/unix/ztypes_darwin_arm.go @@ -194,6 +194,15 @@ type RawSockaddrAny struct { Pad [92]int8 } +type RawSockaddrCtl struct { + Sc_len uint8 + Sc_family uint8 + Ss_sysaddr uint16 + Sc_id uint32 + Sc_unit uint32 + Sc_reserved [5]uint32 +} + type _Socklen uint32 type Linger struct { @@ -258,7 +267,9 @@ const ( SizeofSockaddrAny = 0x6c SizeofSockaddrUnix = 0x6a SizeofSockaddrDatalink = 0x14 + SizeofSockaddrCtl = 0x20 SizeofLinger = 0x8 + SizeofIovec = 0x8 SizeofIPMreq = 0x8 SizeofIPv6Mreq = 0x14 SizeofMsghdr = 0x1c diff --git a/vendor/golang.org/x/sys/unix/ztypes_darwin_arm64.go b/vendor/golang.org/x/sys/unix/ztypes_darwin_arm64.go index 5eff2c1c4440..c9492428bfa3 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_darwin_arm64.go +++ b/vendor/golang.org/x/sys/unix/ztypes_darwin_arm64.go @@ -199,6 +199,15 @@ type RawSockaddrAny struct { Pad [92]int8 } +type RawSockaddrCtl struct { + Sc_len uint8 + Sc_family uint8 + Ss_sysaddr uint16 + Sc_id uint32 + Sc_unit uint32 + Sc_reserved [5]uint32 +} + type _Socklen uint32 type Linger struct { @@ -263,7 +272,9 @@ const ( SizeofSockaddrAny = 0x6c SizeofSockaddrUnix = 0x6a SizeofSockaddrDatalink = 0x14 + SizeofSockaddrCtl = 0x20 SizeofLinger = 0x8 + SizeofIovec = 0x10 SizeofIPMreq = 0x8 SizeofIPv6Mreq = 0x14 SizeofMsghdr = 0x30 diff --git a/vendor/golang.org/x/sys/unix/ztypes_dragonfly_amd64.go b/vendor/golang.org/x/sys/unix/ztypes_dragonfly_amd64.go index c4772df23bfd..85506a05d4b8 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_dragonfly_amd64.go +++ b/vendor/golang.org/x/sys/unix/ztypes_dragonfly_amd64.go @@ -234,6 +234,7 @@ const ( SizeofSockaddrUnix = 0x6a SizeofSockaddrDatalink = 0x36 SizeofLinger = 0x8 + SizeofIovec = 0x10 SizeofIPMreq = 0x8 SizeofIPv6Mreq = 0x14 SizeofMsghdr = 0x30 diff --git a/vendor/golang.org/x/sys/unix/ztypes_freebsd_386.go b/vendor/golang.org/x/sys/unix/ztypes_freebsd_386.go index 2a3ec615f753..3e9dad33e338 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_freebsd_386.go +++ b/vendor/golang.org/x/sys/unix/ztypes_freebsd_386.go @@ -313,6 +313,7 @@ const ( SizeofSockaddrUnix = 0x6a SizeofSockaddrDatalink = 0x36 SizeofLinger = 0x8 + SizeofIovec = 0x8 SizeofIPMreq = 0x8 SizeofIPMreqn = 0xc SizeofIPv6Mreq = 0x14 diff --git a/vendor/golang.org/x/sys/unix/ztypes_freebsd_amd64.go b/vendor/golang.org/x/sys/unix/ztypes_freebsd_amd64.go index e11e95499e87..e00e615544c8 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_freebsd_amd64.go +++ b/vendor/golang.org/x/sys/unix/ztypes_freebsd_amd64.go @@ -309,6 +309,7 @@ const ( SizeofSockaddrUnix = 0x6a SizeofSockaddrDatalink = 0x36 SizeofLinger = 0x8 + SizeofIovec = 0x10 SizeofIPMreq = 0x8 SizeofIPMreqn = 0xc SizeofIPv6Mreq = 0x14 diff --git a/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm.go b/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm.go index b91c2ae0f015..5da13c871b54 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm.go +++ b/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm.go @@ -311,6 +311,7 @@ const ( SizeofSockaddrUnix = 0x6a SizeofSockaddrDatalink = 0x36 SizeofLinger = 0x8 + SizeofIovec = 0x8 SizeofIPMreq = 0x8 SizeofIPMreqn = 0xc SizeofIPv6Mreq = 0x14 diff --git a/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm64.go b/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm64.go index c6fe1d097d8f..995ecf9d4e2c 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm64.go +++ b/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm64.go @@ -309,6 +309,7 @@ const ( SizeofSockaddrUnix = 0x6a SizeofSockaddrDatalink = 0x36 SizeofLinger = 0x8 + SizeofIovec = 0x10 SizeofIPMreq = 0x8 SizeofIPMreqn = 0xc SizeofIPv6Mreq = 0x14 diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux.go b/vendor/golang.org/x/sys/unix/ztypes_linux.go index 773fc321b7fd..9f3b1a4e56e3 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_linux.go +++ b/vendor/golang.org/x/sys/unix/ztypes_linux.go @@ -462,170 +462,107 @@ const ( ) const ( - NDA_UNSPEC = 0x0 - NDA_DST = 0x1 - NDA_LLADDR = 0x2 - NDA_CACHEINFO = 0x3 - NDA_PROBES = 0x4 - NDA_VLAN = 0x5 - NDA_PORT = 0x6 - NDA_VNI = 0x7 - NDA_IFINDEX = 0x8 - NDA_MASTER = 0x9 - NDA_LINK_NETNSID = 0xa - NDA_SRC_VNI = 0xb - NTF_USE = 0x1 - NTF_SELF = 0x2 - NTF_MASTER = 0x4 - NTF_PROXY = 0x8 - NTF_EXT_LEARNED = 0x10 - NTF_OFFLOADED = 0x20 - NTF_ROUTER = 0x80 - NUD_INCOMPLETE = 0x1 - NUD_REACHABLE = 0x2 - NUD_STALE = 0x4 - NUD_DELAY = 0x8 - NUD_PROBE = 0x10 - NUD_FAILED = 0x20 - NUD_NOARP = 0x40 - NUD_PERMANENT = 0x80 - NUD_NONE = 0x0 - IFA_UNSPEC = 0x0 - IFA_ADDRESS = 0x1 - IFA_LOCAL = 0x2 - IFA_LABEL = 0x3 - IFA_BROADCAST = 0x4 - IFA_ANYCAST = 0x5 - IFA_CACHEINFO = 0x6 - IFA_MULTICAST = 0x7 - IFA_FLAGS = 0x8 - IFA_RT_PRIORITY = 0x9 - IFA_TARGET_NETNSID = 0xa - IFLA_UNSPEC = 0x0 - IFLA_ADDRESS = 0x1 - IFLA_BROADCAST = 0x2 - IFLA_IFNAME = 0x3 - IFLA_MTU = 0x4 - IFLA_LINK = 0x5 - IFLA_QDISC = 0x6 - IFLA_STATS = 0x7 - IFLA_COST = 0x8 - IFLA_PRIORITY = 0x9 - IFLA_MASTER = 0xa - IFLA_WIRELESS = 0xb - IFLA_PROTINFO = 0xc - IFLA_TXQLEN = 0xd - IFLA_MAP = 0xe - IFLA_WEIGHT = 0xf - IFLA_OPERSTATE = 0x10 - IFLA_LINKMODE = 0x11 - IFLA_LINKINFO = 0x12 - IFLA_NET_NS_PID = 0x13 - IFLA_IFALIAS = 0x14 - IFLA_NUM_VF = 0x15 - IFLA_VFINFO_LIST = 0x16 - IFLA_STATS64 = 0x17 - IFLA_VF_PORTS = 0x18 - IFLA_PORT_SELF = 0x19 - IFLA_AF_SPEC = 0x1a - IFLA_GROUP = 0x1b - IFLA_NET_NS_FD = 0x1c - IFLA_EXT_MASK = 0x1d - IFLA_PROMISCUITY = 0x1e - IFLA_NUM_TX_QUEUES = 0x1f - IFLA_NUM_RX_QUEUES = 0x20 - IFLA_CARRIER = 0x21 - IFLA_PHYS_PORT_ID = 0x22 - IFLA_CARRIER_CHANGES = 0x23 - IFLA_PHYS_SWITCH_ID = 0x24 - IFLA_LINK_NETNSID = 0x25 - IFLA_PHYS_PORT_NAME = 0x26 - IFLA_PROTO_DOWN = 0x27 - IFLA_GSO_MAX_SEGS = 0x28 - IFLA_GSO_MAX_SIZE = 0x29 - IFLA_PAD = 0x2a - IFLA_XDP = 0x2b - IFLA_EVENT = 0x2c - IFLA_NEW_NETNSID = 0x2d - IFLA_IF_NETNSID = 0x2e - IFLA_TARGET_NETNSID = 0x2e - IFLA_CARRIER_UP_COUNT = 0x2f - IFLA_CARRIER_DOWN_COUNT = 0x30 - IFLA_NEW_IFINDEX = 0x31 - IFLA_MIN_MTU = 0x32 - IFLA_MAX_MTU = 0x33 - IFLA_PROP_LIST = 0x34 - IFLA_ALT_IFNAME = 0x35 - IFLA_PERM_ADDRESS = 0x36 - IFLA_PROTO_DOWN_REASON = 0x37 - IFLA_MAX = 0x37 - IFLA_INFO_KIND = 0x1 - IFLA_INFO_DATA = 0x2 - IFLA_INFO_XSTATS = 0x3 - IFLA_INFO_SLAVE_KIND = 0x4 - IFLA_INFO_SLAVE_DATA = 0x5 - RT_SCOPE_UNIVERSE = 0x0 - RT_SCOPE_SITE = 0xc8 - RT_SCOPE_LINK = 0xfd - RT_SCOPE_HOST = 0xfe - RT_SCOPE_NOWHERE = 0xff - RT_TABLE_UNSPEC = 0x0 - RT_TABLE_COMPAT = 0xfc - RT_TABLE_DEFAULT = 0xfd - RT_TABLE_MAIN = 0xfe - RT_TABLE_LOCAL = 0xff - RT_TABLE_MAX = 0xffffffff - RTA_UNSPEC = 0x0 - RTA_DST = 0x1 - RTA_SRC = 0x2 - RTA_IIF = 0x3 - RTA_OIF = 0x4 - RTA_GATEWAY = 0x5 - RTA_PRIORITY = 0x6 - RTA_PREFSRC = 0x7 - RTA_METRICS = 0x8 - RTA_MULTIPATH = 0x9 - RTA_FLOW = 0xb - RTA_CACHEINFO = 0xc - RTA_TABLE = 0xf - RTA_MARK = 0x10 - RTA_MFC_STATS = 0x11 - RTA_VIA = 0x12 - RTA_NEWDST = 0x13 - RTA_PREF = 0x14 - RTA_ENCAP_TYPE = 0x15 - RTA_ENCAP = 0x16 - RTA_EXPIRES = 0x17 - RTA_PAD = 0x18 - RTA_UID = 0x19 - RTA_TTL_PROPAGATE = 0x1a - RTA_IP_PROTO = 0x1b - RTA_SPORT = 0x1c - RTA_DPORT = 0x1d - RTN_UNSPEC = 0x0 - RTN_UNICAST = 0x1 - RTN_LOCAL = 0x2 - RTN_BROADCAST = 0x3 - RTN_ANYCAST = 0x4 - RTN_MULTICAST = 0x5 - RTN_BLACKHOLE = 0x6 - RTN_UNREACHABLE = 0x7 - RTN_PROHIBIT = 0x8 - RTN_THROW = 0x9 - RTN_NAT = 0xa - RTN_XRESOLVE = 0xb - SizeofNlMsghdr = 0x10 - SizeofNlMsgerr = 0x14 - SizeofRtGenmsg = 0x1 - SizeofNlAttr = 0x4 - SizeofRtAttr = 0x4 - SizeofIfInfomsg = 0x10 - SizeofIfAddrmsg = 0x8 - SizeofIfaCacheinfo = 0x10 - SizeofRtMsg = 0xc - SizeofRtNexthop = 0x8 - SizeofNdUseroptmsg = 0x10 - SizeofNdMsg = 0xc + NDA_UNSPEC = 0x0 + NDA_DST = 0x1 + NDA_LLADDR = 0x2 + NDA_CACHEINFO = 0x3 + NDA_PROBES = 0x4 + NDA_VLAN = 0x5 + NDA_PORT = 0x6 + NDA_VNI = 0x7 + NDA_IFINDEX = 0x8 + NDA_MASTER = 0x9 + NDA_LINK_NETNSID = 0xa + NDA_SRC_VNI = 0xb + NTF_USE = 0x1 + NTF_SELF = 0x2 + NTF_MASTER = 0x4 + NTF_PROXY = 0x8 + NTF_EXT_LEARNED = 0x10 + NTF_OFFLOADED = 0x20 + NTF_ROUTER = 0x80 + NUD_INCOMPLETE = 0x1 + NUD_REACHABLE = 0x2 + NUD_STALE = 0x4 + NUD_DELAY = 0x8 + NUD_PROBE = 0x10 + NUD_FAILED = 0x20 + NUD_NOARP = 0x40 + NUD_PERMANENT = 0x80 + NUD_NONE = 0x0 + IFA_UNSPEC = 0x0 + IFA_ADDRESS = 0x1 + IFA_LOCAL = 0x2 + IFA_LABEL = 0x3 + IFA_BROADCAST = 0x4 + IFA_ANYCAST = 0x5 + IFA_CACHEINFO = 0x6 + IFA_MULTICAST = 0x7 + IFA_FLAGS = 0x8 + IFA_RT_PRIORITY = 0x9 + IFA_TARGET_NETNSID = 0xa + RT_SCOPE_UNIVERSE = 0x0 + RT_SCOPE_SITE = 0xc8 + RT_SCOPE_LINK = 0xfd + RT_SCOPE_HOST = 0xfe + RT_SCOPE_NOWHERE = 0xff + RT_TABLE_UNSPEC = 0x0 + RT_TABLE_COMPAT = 0xfc + RT_TABLE_DEFAULT = 0xfd + RT_TABLE_MAIN = 0xfe + RT_TABLE_LOCAL = 0xff + RT_TABLE_MAX = 0xffffffff + RTA_UNSPEC = 0x0 + RTA_DST = 0x1 + RTA_SRC = 0x2 + RTA_IIF = 0x3 + RTA_OIF = 0x4 + RTA_GATEWAY = 0x5 + RTA_PRIORITY = 0x6 + RTA_PREFSRC = 0x7 + RTA_METRICS = 0x8 + RTA_MULTIPATH = 0x9 + RTA_FLOW = 0xb + RTA_CACHEINFO = 0xc + RTA_TABLE = 0xf + RTA_MARK = 0x10 + RTA_MFC_STATS = 0x11 + RTA_VIA = 0x12 + RTA_NEWDST = 0x13 + RTA_PREF = 0x14 + RTA_ENCAP_TYPE = 0x15 + RTA_ENCAP = 0x16 + RTA_EXPIRES = 0x17 + RTA_PAD = 0x18 + RTA_UID = 0x19 + RTA_TTL_PROPAGATE = 0x1a + RTA_IP_PROTO = 0x1b + RTA_SPORT = 0x1c + RTA_DPORT = 0x1d + RTN_UNSPEC = 0x0 + RTN_UNICAST = 0x1 + RTN_LOCAL = 0x2 + RTN_BROADCAST = 0x3 + RTN_ANYCAST = 0x4 + RTN_MULTICAST = 0x5 + RTN_BLACKHOLE = 0x6 + RTN_UNREACHABLE = 0x7 + RTN_PROHIBIT = 0x8 + RTN_THROW = 0x9 + RTN_NAT = 0xa + RTN_XRESOLVE = 0xb + SizeofNlMsghdr = 0x10 + SizeofNlMsgerr = 0x14 + SizeofRtGenmsg = 0x1 + SizeofNlAttr = 0x4 + SizeofRtAttr = 0x4 + SizeofIfInfomsg = 0x10 + SizeofIfAddrmsg = 0x8 + SizeofIfaCacheinfo = 0x10 + SizeofRtMsg = 0xc + SizeofRtNexthop = 0x8 + SizeofNdUseroptmsg = 0x10 + SizeofNdMsg = 0xc ) type NlMsghdr struct { @@ -1387,6 +1324,401 @@ const ( SizeofTpacketStatsV3 = 0xc ) +const ( + IFLA_UNSPEC = 0x0 + IFLA_ADDRESS = 0x1 + IFLA_BROADCAST = 0x2 + IFLA_IFNAME = 0x3 + IFLA_MTU = 0x4 + IFLA_LINK = 0x5 + IFLA_QDISC = 0x6 + IFLA_STATS = 0x7 + IFLA_COST = 0x8 + IFLA_PRIORITY = 0x9 + IFLA_MASTER = 0xa + IFLA_WIRELESS = 0xb + IFLA_PROTINFO = 0xc + IFLA_TXQLEN = 0xd + IFLA_MAP = 0xe + IFLA_WEIGHT = 0xf + IFLA_OPERSTATE = 0x10 + IFLA_LINKMODE = 0x11 + IFLA_LINKINFO = 0x12 + IFLA_NET_NS_PID = 0x13 + IFLA_IFALIAS = 0x14 + IFLA_NUM_VF = 0x15 + IFLA_VFINFO_LIST = 0x16 + IFLA_STATS64 = 0x17 + IFLA_VF_PORTS = 0x18 + IFLA_PORT_SELF = 0x19 + IFLA_AF_SPEC = 0x1a + IFLA_GROUP = 0x1b + IFLA_NET_NS_FD = 0x1c + IFLA_EXT_MASK = 0x1d + IFLA_PROMISCUITY = 0x1e + IFLA_NUM_TX_QUEUES = 0x1f + IFLA_NUM_RX_QUEUES = 0x20 + IFLA_CARRIER = 0x21 + IFLA_PHYS_PORT_ID = 0x22 + IFLA_CARRIER_CHANGES = 0x23 + IFLA_PHYS_SWITCH_ID = 0x24 + IFLA_LINK_NETNSID = 0x25 + IFLA_PHYS_PORT_NAME = 0x26 + IFLA_PROTO_DOWN = 0x27 + IFLA_GSO_MAX_SEGS = 0x28 + IFLA_GSO_MAX_SIZE = 0x29 + IFLA_PAD = 0x2a + IFLA_XDP = 0x2b + IFLA_EVENT = 0x2c + IFLA_NEW_NETNSID = 0x2d + IFLA_IF_NETNSID = 0x2e + IFLA_TARGET_NETNSID = 0x2e + IFLA_CARRIER_UP_COUNT = 0x2f + IFLA_CARRIER_DOWN_COUNT = 0x30 + IFLA_NEW_IFINDEX = 0x31 + IFLA_MIN_MTU = 0x32 + IFLA_MAX_MTU = 0x33 + IFLA_PROP_LIST = 0x34 + IFLA_ALT_IFNAME = 0x35 + IFLA_PERM_ADDRESS = 0x36 + IFLA_PROTO_DOWN_REASON = 0x37 + IFLA_PROTO_DOWN_REASON_UNSPEC = 0x0 + IFLA_PROTO_DOWN_REASON_MASK = 0x1 + IFLA_PROTO_DOWN_REASON_VALUE = 0x2 + IFLA_PROTO_DOWN_REASON_MAX = 0x2 + IFLA_INET_UNSPEC = 0x0 + IFLA_INET_CONF = 0x1 + IFLA_INET6_UNSPEC = 0x0 + IFLA_INET6_FLAGS = 0x1 + IFLA_INET6_CONF = 0x2 + IFLA_INET6_STATS = 0x3 + IFLA_INET6_MCAST = 0x4 + IFLA_INET6_CACHEINFO = 0x5 + IFLA_INET6_ICMP6STATS = 0x6 + IFLA_INET6_TOKEN = 0x7 + IFLA_INET6_ADDR_GEN_MODE = 0x8 + IFLA_BR_UNSPEC = 0x0 + IFLA_BR_FORWARD_DELAY = 0x1 + IFLA_BR_HELLO_TIME = 0x2 + IFLA_BR_MAX_AGE = 0x3 + IFLA_BR_AGEING_TIME = 0x4 + IFLA_BR_STP_STATE = 0x5 + IFLA_BR_PRIORITY = 0x6 + IFLA_BR_VLAN_FILTERING = 0x7 + IFLA_BR_VLAN_PROTOCOL = 0x8 + IFLA_BR_GROUP_FWD_MASK = 0x9 + IFLA_BR_ROOT_ID = 0xa + IFLA_BR_BRIDGE_ID = 0xb + IFLA_BR_ROOT_PORT = 0xc + IFLA_BR_ROOT_PATH_COST = 0xd + IFLA_BR_TOPOLOGY_CHANGE = 0xe + IFLA_BR_TOPOLOGY_CHANGE_DETECTED = 0xf + IFLA_BR_HELLO_TIMER = 0x10 + IFLA_BR_TCN_TIMER = 0x11 + IFLA_BR_TOPOLOGY_CHANGE_TIMER = 0x12 + IFLA_BR_GC_TIMER = 0x13 + IFLA_BR_GROUP_ADDR = 0x14 + IFLA_BR_FDB_FLUSH = 0x15 + IFLA_BR_MCAST_ROUTER = 0x16 + IFLA_BR_MCAST_SNOOPING = 0x17 + IFLA_BR_MCAST_QUERY_USE_IFADDR = 0x18 + IFLA_BR_MCAST_QUERIER = 0x19 + IFLA_BR_MCAST_HASH_ELASTICITY = 0x1a + IFLA_BR_MCAST_HASH_MAX = 0x1b + IFLA_BR_MCAST_LAST_MEMBER_CNT = 0x1c + IFLA_BR_MCAST_STARTUP_QUERY_CNT = 0x1d + IFLA_BR_MCAST_LAST_MEMBER_INTVL = 0x1e + IFLA_BR_MCAST_MEMBERSHIP_INTVL = 0x1f + IFLA_BR_MCAST_QUERIER_INTVL = 0x20 + IFLA_BR_MCAST_QUERY_INTVL = 0x21 + IFLA_BR_MCAST_QUERY_RESPONSE_INTVL = 0x22 + IFLA_BR_MCAST_STARTUP_QUERY_INTVL = 0x23 + IFLA_BR_NF_CALL_IPTABLES = 0x24 + IFLA_BR_NF_CALL_IP6TABLES = 0x25 + IFLA_BR_NF_CALL_ARPTABLES = 0x26 + IFLA_BR_VLAN_DEFAULT_PVID = 0x27 + IFLA_BR_PAD = 0x28 + IFLA_BR_VLAN_STATS_ENABLED = 0x29 + IFLA_BR_MCAST_STATS_ENABLED = 0x2a + IFLA_BR_MCAST_IGMP_VERSION = 0x2b + IFLA_BR_MCAST_MLD_VERSION = 0x2c + IFLA_BR_VLAN_STATS_PER_PORT = 0x2d + IFLA_BR_MULTI_BOOLOPT = 0x2e + IFLA_BRPORT_UNSPEC = 0x0 + IFLA_BRPORT_STATE = 0x1 + IFLA_BRPORT_PRIORITY = 0x2 + IFLA_BRPORT_COST = 0x3 + IFLA_BRPORT_MODE = 0x4 + IFLA_BRPORT_GUARD = 0x5 + IFLA_BRPORT_PROTECT = 0x6 + IFLA_BRPORT_FAST_LEAVE = 0x7 + IFLA_BRPORT_LEARNING = 0x8 + IFLA_BRPORT_UNICAST_FLOOD = 0x9 + IFLA_BRPORT_PROXYARP = 0xa + IFLA_BRPORT_LEARNING_SYNC = 0xb + IFLA_BRPORT_PROXYARP_WIFI = 0xc + IFLA_BRPORT_ROOT_ID = 0xd + IFLA_BRPORT_BRIDGE_ID = 0xe + IFLA_BRPORT_DESIGNATED_PORT = 0xf + IFLA_BRPORT_DESIGNATED_COST = 0x10 + IFLA_BRPORT_ID = 0x11 + IFLA_BRPORT_NO = 0x12 + IFLA_BRPORT_TOPOLOGY_CHANGE_ACK = 0x13 + IFLA_BRPORT_CONFIG_PENDING = 0x14 + IFLA_BRPORT_MESSAGE_AGE_TIMER = 0x15 + IFLA_BRPORT_FORWARD_DELAY_TIMER = 0x16 + IFLA_BRPORT_HOLD_TIMER = 0x17 + IFLA_BRPORT_FLUSH = 0x18 + IFLA_BRPORT_MULTICAST_ROUTER = 0x19 + IFLA_BRPORT_PAD = 0x1a + IFLA_BRPORT_MCAST_FLOOD = 0x1b + IFLA_BRPORT_MCAST_TO_UCAST = 0x1c + IFLA_BRPORT_VLAN_TUNNEL = 0x1d + IFLA_BRPORT_BCAST_FLOOD = 0x1e + IFLA_BRPORT_GROUP_FWD_MASK = 0x1f + IFLA_BRPORT_NEIGH_SUPPRESS = 0x20 + IFLA_BRPORT_ISOLATED = 0x21 + IFLA_BRPORT_BACKUP_PORT = 0x22 + IFLA_BRPORT_MRP_RING_OPEN = 0x23 + IFLA_BRPORT_MRP_IN_OPEN = 0x24 + IFLA_INFO_UNSPEC = 0x0 + IFLA_INFO_KIND = 0x1 + IFLA_INFO_DATA = 0x2 + IFLA_INFO_XSTATS = 0x3 + IFLA_INFO_SLAVE_KIND = 0x4 + IFLA_INFO_SLAVE_DATA = 0x5 + IFLA_VLAN_UNSPEC = 0x0 + IFLA_VLAN_ID = 0x1 + IFLA_VLAN_FLAGS = 0x2 + IFLA_VLAN_EGRESS_QOS = 0x3 + IFLA_VLAN_INGRESS_QOS = 0x4 + IFLA_VLAN_PROTOCOL = 0x5 + IFLA_VLAN_QOS_UNSPEC = 0x0 + IFLA_VLAN_QOS_MAPPING = 0x1 + IFLA_MACVLAN_UNSPEC = 0x0 + IFLA_MACVLAN_MODE = 0x1 + IFLA_MACVLAN_FLAGS = 0x2 + IFLA_MACVLAN_MACADDR_MODE = 0x3 + IFLA_MACVLAN_MACADDR = 0x4 + IFLA_MACVLAN_MACADDR_DATA = 0x5 + IFLA_MACVLAN_MACADDR_COUNT = 0x6 + IFLA_VRF_UNSPEC = 0x0 + IFLA_VRF_TABLE = 0x1 + IFLA_VRF_PORT_UNSPEC = 0x0 + IFLA_VRF_PORT_TABLE = 0x1 + IFLA_MACSEC_UNSPEC = 0x0 + IFLA_MACSEC_SCI = 0x1 + IFLA_MACSEC_PORT = 0x2 + IFLA_MACSEC_ICV_LEN = 0x3 + IFLA_MACSEC_CIPHER_SUITE = 0x4 + IFLA_MACSEC_WINDOW = 0x5 + IFLA_MACSEC_ENCODING_SA = 0x6 + IFLA_MACSEC_ENCRYPT = 0x7 + IFLA_MACSEC_PROTECT = 0x8 + IFLA_MACSEC_INC_SCI = 0x9 + IFLA_MACSEC_ES = 0xa + IFLA_MACSEC_SCB = 0xb + IFLA_MACSEC_REPLAY_PROTECT = 0xc + IFLA_MACSEC_VALIDATION = 0xd + IFLA_MACSEC_PAD = 0xe + IFLA_MACSEC_OFFLOAD = 0xf + IFLA_XFRM_UNSPEC = 0x0 + IFLA_XFRM_LINK = 0x1 + IFLA_XFRM_IF_ID = 0x2 + IFLA_IPVLAN_UNSPEC = 0x0 + IFLA_IPVLAN_MODE = 0x1 + IFLA_IPVLAN_FLAGS = 0x2 + IFLA_VXLAN_UNSPEC = 0x0 + IFLA_VXLAN_ID = 0x1 + IFLA_VXLAN_GROUP = 0x2 + IFLA_VXLAN_LINK = 0x3 + IFLA_VXLAN_LOCAL = 0x4 + IFLA_VXLAN_TTL = 0x5 + IFLA_VXLAN_TOS = 0x6 + IFLA_VXLAN_LEARNING = 0x7 + IFLA_VXLAN_AGEING = 0x8 + IFLA_VXLAN_LIMIT = 0x9 + IFLA_VXLAN_PORT_RANGE = 0xa + IFLA_VXLAN_PROXY = 0xb + IFLA_VXLAN_RSC = 0xc + IFLA_VXLAN_L2MISS = 0xd + IFLA_VXLAN_L3MISS = 0xe + IFLA_VXLAN_PORT = 0xf + IFLA_VXLAN_GROUP6 = 0x10 + IFLA_VXLAN_LOCAL6 = 0x11 + IFLA_VXLAN_UDP_CSUM = 0x12 + IFLA_VXLAN_UDP_ZERO_CSUM6_TX = 0x13 + IFLA_VXLAN_UDP_ZERO_CSUM6_RX = 0x14 + IFLA_VXLAN_REMCSUM_TX = 0x15 + IFLA_VXLAN_REMCSUM_RX = 0x16 + IFLA_VXLAN_GBP = 0x17 + IFLA_VXLAN_REMCSUM_NOPARTIAL = 0x18 + IFLA_VXLAN_COLLECT_METADATA = 0x19 + IFLA_VXLAN_LABEL = 0x1a + IFLA_VXLAN_GPE = 0x1b + IFLA_VXLAN_TTL_INHERIT = 0x1c + IFLA_VXLAN_DF = 0x1d + IFLA_GENEVE_UNSPEC = 0x0 + IFLA_GENEVE_ID = 0x1 + IFLA_GENEVE_REMOTE = 0x2 + IFLA_GENEVE_TTL = 0x3 + IFLA_GENEVE_TOS = 0x4 + IFLA_GENEVE_PORT = 0x5 + IFLA_GENEVE_COLLECT_METADATA = 0x6 + IFLA_GENEVE_REMOTE6 = 0x7 + IFLA_GENEVE_UDP_CSUM = 0x8 + IFLA_GENEVE_UDP_ZERO_CSUM6_TX = 0x9 + IFLA_GENEVE_UDP_ZERO_CSUM6_RX = 0xa + IFLA_GENEVE_LABEL = 0xb + IFLA_GENEVE_TTL_INHERIT = 0xc + IFLA_GENEVE_DF = 0xd + IFLA_BAREUDP_UNSPEC = 0x0 + IFLA_BAREUDP_PORT = 0x1 + IFLA_BAREUDP_ETHERTYPE = 0x2 + IFLA_BAREUDP_SRCPORT_MIN = 0x3 + IFLA_BAREUDP_MULTIPROTO_MODE = 0x4 + IFLA_PPP_UNSPEC = 0x0 + IFLA_PPP_DEV_FD = 0x1 + IFLA_GTP_UNSPEC = 0x0 + IFLA_GTP_FD0 = 0x1 + IFLA_GTP_FD1 = 0x2 + IFLA_GTP_PDP_HASHSIZE = 0x3 + IFLA_GTP_ROLE = 0x4 + IFLA_BOND_UNSPEC = 0x0 + IFLA_BOND_MODE = 0x1 + IFLA_BOND_ACTIVE_SLAVE = 0x2 + IFLA_BOND_MIIMON = 0x3 + IFLA_BOND_UPDELAY = 0x4 + IFLA_BOND_DOWNDELAY = 0x5 + IFLA_BOND_USE_CARRIER = 0x6 + IFLA_BOND_ARP_INTERVAL = 0x7 + IFLA_BOND_ARP_IP_TARGET = 0x8 + IFLA_BOND_ARP_VALIDATE = 0x9 + IFLA_BOND_ARP_ALL_TARGETS = 0xa + IFLA_BOND_PRIMARY = 0xb + IFLA_BOND_PRIMARY_RESELECT = 0xc + IFLA_BOND_FAIL_OVER_MAC = 0xd + IFLA_BOND_XMIT_HASH_POLICY = 0xe + IFLA_BOND_RESEND_IGMP = 0xf + IFLA_BOND_NUM_PEER_NOTIF = 0x10 + IFLA_BOND_ALL_SLAVES_ACTIVE = 0x11 + IFLA_BOND_MIN_LINKS = 0x12 + IFLA_BOND_LP_INTERVAL = 0x13 + IFLA_BOND_PACKETS_PER_SLAVE = 0x14 + IFLA_BOND_AD_LACP_RATE = 0x15 + IFLA_BOND_AD_SELECT = 0x16 + IFLA_BOND_AD_INFO = 0x17 + IFLA_BOND_AD_ACTOR_SYS_PRIO = 0x18 + IFLA_BOND_AD_USER_PORT_KEY = 0x19 + IFLA_BOND_AD_ACTOR_SYSTEM = 0x1a + IFLA_BOND_TLB_DYNAMIC_LB = 0x1b + IFLA_BOND_PEER_NOTIF_DELAY = 0x1c + IFLA_BOND_AD_INFO_UNSPEC = 0x0 + IFLA_BOND_AD_INFO_AGGREGATOR = 0x1 + IFLA_BOND_AD_INFO_NUM_PORTS = 0x2 + IFLA_BOND_AD_INFO_ACTOR_KEY = 0x3 + IFLA_BOND_AD_INFO_PARTNER_KEY = 0x4 + IFLA_BOND_AD_INFO_PARTNER_MAC = 0x5 + IFLA_BOND_SLAVE_UNSPEC = 0x0 + IFLA_BOND_SLAVE_STATE = 0x1 + IFLA_BOND_SLAVE_MII_STATUS = 0x2 + IFLA_BOND_SLAVE_LINK_FAILURE_COUNT = 0x3 + IFLA_BOND_SLAVE_PERM_HWADDR = 0x4 + IFLA_BOND_SLAVE_QUEUE_ID = 0x5 + IFLA_BOND_SLAVE_AD_AGGREGATOR_ID = 0x6 + IFLA_BOND_SLAVE_AD_ACTOR_OPER_PORT_STATE = 0x7 + IFLA_BOND_SLAVE_AD_PARTNER_OPER_PORT_STATE = 0x8 + IFLA_VF_INFO_UNSPEC = 0x0 + IFLA_VF_INFO = 0x1 + IFLA_VF_UNSPEC = 0x0 + IFLA_VF_MAC = 0x1 + IFLA_VF_VLAN = 0x2 + IFLA_VF_TX_RATE = 0x3 + IFLA_VF_SPOOFCHK = 0x4 + IFLA_VF_LINK_STATE = 0x5 + IFLA_VF_RATE = 0x6 + IFLA_VF_RSS_QUERY_EN = 0x7 + IFLA_VF_STATS = 0x8 + IFLA_VF_TRUST = 0x9 + IFLA_VF_IB_NODE_GUID = 0xa + IFLA_VF_IB_PORT_GUID = 0xb + IFLA_VF_VLAN_LIST = 0xc + IFLA_VF_BROADCAST = 0xd + IFLA_VF_VLAN_INFO_UNSPEC = 0x0 + IFLA_VF_VLAN_INFO = 0x1 + IFLA_VF_LINK_STATE_AUTO = 0x0 + IFLA_VF_LINK_STATE_ENABLE = 0x1 + IFLA_VF_LINK_STATE_DISABLE = 0x2 + IFLA_VF_STATS_RX_PACKETS = 0x0 + IFLA_VF_STATS_TX_PACKETS = 0x1 + IFLA_VF_STATS_RX_BYTES = 0x2 + IFLA_VF_STATS_TX_BYTES = 0x3 + IFLA_VF_STATS_BROADCAST = 0x4 + IFLA_VF_STATS_MULTICAST = 0x5 + IFLA_VF_STATS_PAD = 0x6 + IFLA_VF_STATS_RX_DROPPED = 0x7 + IFLA_VF_STATS_TX_DROPPED = 0x8 + IFLA_VF_PORT_UNSPEC = 0x0 + IFLA_VF_PORT = 0x1 + IFLA_PORT_UNSPEC = 0x0 + IFLA_PORT_VF = 0x1 + IFLA_PORT_PROFILE = 0x2 + IFLA_PORT_VSI_TYPE = 0x3 + IFLA_PORT_INSTANCE_UUID = 0x4 + IFLA_PORT_HOST_UUID = 0x5 + IFLA_PORT_REQUEST = 0x6 + IFLA_PORT_RESPONSE = 0x7 + IFLA_IPOIB_UNSPEC = 0x0 + IFLA_IPOIB_PKEY = 0x1 + IFLA_IPOIB_MODE = 0x2 + IFLA_IPOIB_UMCAST = 0x3 + IFLA_HSR_UNSPEC = 0x0 + IFLA_HSR_SLAVE1 = 0x1 + IFLA_HSR_SLAVE2 = 0x2 + IFLA_HSR_MULTICAST_SPEC = 0x3 + IFLA_HSR_SUPERVISION_ADDR = 0x4 + IFLA_HSR_SEQ_NR = 0x5 + IFLA_HSR_VERSION = 0x6 + IFLA_HSR_PROTOCOL = 0x7 + IFLA_STATS_UNSPEC = 0x0 + IFLA_STATS_LINK_64 = 0x1 + IFLA_STATS_LINK_XSTATS = 0x2 + IFLA_STATS_LINK_XSTATS_SLAVE = 0x3 + IFLA_STATS_LINK_OFFLOAD_XSTATS = 0x4 + IFLA_STATS_AF_SPEC = 0x5 + IFLA_OFFLOAD_XSTATS_UNSPEC = 0x0 + IFLA_OFFLOAD_XSTATS_CPU_HIT = 0x1 + IFLA_XDP_UNSPEC = 0x0 + IFLA_XDP_FD = 0x1 + IFLA_XDP_ATTACHED = 0x2 + IFLA_XDP_FLAGS = 0x3 + IFLA_XDP_PROG_ID = 0x4 + IFLA_XDP_DRV_PROG_ID = 0x5 + IFLA_XDP_SKB_PROG_ID = 0x6 + IFLA_XDP_HW_PROG_ID = 0x7 + IFLA_XDP_EXPECTED_FD = 0x8 + IFLA_EVENT_NONE = 0x0 + IFLA_EVENT_REBOOT = 0x1 + IFLA_EVENT_FEATURES = 0x2 + IFLA_EVENT_BONDING_FAILOVER = 0x3 + IFLA_EVENT_NOTIFY_PEERS = 0x4 + IFLA_EVENT_IGMP_RESEND = 0x5 + IFLA_EVENT_BONDING_OPTIONS = 0x6 + IFLA_TUN_UNSPEC = 0x0 + IFLA_TUN_OWNER = 0x1 + IFLA_TUN_GROUP = 0x2 + IFLA_TUN_TYPE = 0x3 + IFLA_TUN_PI = 0x4 + IFLA_TUN_VNET_HDR = 0x5 + IFLA_TUN_PERSIST = 0x6 + IFLA_TUN_MULTI_QUEUE = 0x7 + IFLA_TUN_NUM_QUEUES = 0x8 + IFLA_TUN_NUM_DISABLED_QUEUES = 0x9 + IFLA_RMNET_UNSPEC = 0x0 + IFLA_RMNET_MUX_ID = 0x1 + IFLA_RMNET_FLAGS = 0x2 +) + const ( NF_INET_PRE_ROUTING = 0x0 NF_INET_LOCAL_IN = 0x1 @@ -1892,10 +2224,12 @@ const ( ) const ( - NETNSA_NONE = 0x0 - NETNSA_NSID = 0x1 - NETNSA_PID = 0x2 - NETNSA_FD = 0x3 + NETNSA_NONE = 0x0 + NETNSA_NSID = 0x1 + NETNSA_PID = 0x2 + NETNSA_FD = 0x3 + NETNSA_TARGET_NSID = 0x4 + NETNSA_CURRENT_NSID = 0x5 ) type XDPRingOffset struct { @@ -2045,281 +2379,309 @@ const ( ) const ( - BPF_REG_0 = 0x0 - BPF_REG_1 = 0x1 - BPF_REG_2 = 0x2 - BPF_REG_3 = 0x3 - BPF_REG_4 = 0x4 - BPF_REG_5 = 0x5 - BPF_REG_6 = 0x6 - BPF_REG_7 = 0x7 - BPF_REG_8 = 0x8 - BPF_REG_9 = 0x9 - BPF_REG_10 = 0xa - BPF_MAP_CREATE = 0x0 - BPF_MAP_LOOKUP_ELEM = 0x1 - BPF_MAP_UPDATE_ELEM = 0x2 - BPF_MAP_DELETE_ELEM = 0x3 - BPF_MAP_GET_NEXT_KEY = 0x4 - BPF_PROG_LOAD = 0x5 - BPF_OBJ_PIN = 0x6 - BPF_OBJ_GET = 0x7 - BPF_PROG_ATTACH = 0x8 - BPF_PROG_DETACH = 0x9 - BPF_PROG_TEST_RUN = 0xa - BPF_PROG_GET_NEXT_ID = 0xb - BPF_MAP_GET_NEXT_ID = 0xc - BPF_PROG_GET_FD_BY_ID = 0xd - BPF_MAP_GET_FD_BY_ID = 0xe - BPF_OBJ_GET_INFO_BY_FD = 0xf - BPF_PROG_QUERY = 0x10 - BPF_RAW_TRACEPOINT_OPEN = 0x11 - BPF_BTF_LOAD = 0x12 - BPF_BTF_GET_FD_BY_ID = 0x13 - BPF_TASK_FD_QUERY = 0x14 - BPF_MAP_LOOKUP_AND_DELETE_ELEM = 0x15 - BPF_MAP_FREEZE = 0x16 - BPF_BTF_GET_NEXT_ID = 0x17 - BPF_MAP_LOOKUP_BATCH = 0x18 - BPF_MAP_LOOKUP_AND_DELETE_BATCH = 0x19 - BPF_MAP_UPDATE_BATCH = 0x1a - BPF_MAP_DELETE_BATCH = 0x1b - BPF_LINK_CREATE = 0x1c - BPF_LINK_UPDATE = 0x1d - BPF_LINK_GET_FD_BY_ID = 0x1e - BPF_LINK_GET_NEXT_ID = 0x1f - BPF_ENABLE_STATS = 0x20 - BPF_ITER_CREATE = 0x21 - BPF_MAP_TYPE_UNSPEC = 0x0 - BPF_MAP_TYPE_HASH = 0x1 - BPF_MAP_TYPE_ARRAY = 0x2 - BPF_MAP_TYPE_PROG_ARRAY = 0x3 - BPF_MAP_TYPE_PERF_EVENT_ARRAY = 0x4 - BPF_MAP_TYPE_PERCPU_HASH = 0x5 - BPF_MAP_TYPE_PERCPU_ARRAY = 0x6 - BPF_MAP_TYPE_STACK_TRACE = 0x7 - BPF_MAP_TYPE_CGROUP_ARRAY = 0x8 - BPF_MAP_TYPE_LRU_HASH = 0x9 - BPF_MAP_TYPE_LRU_PERCPU_HASH = 0xa - BPF_MAP_TYPE_LPM_TRIE = 0xb - BPF_MAP_TYPE_ARRAY_OF_MAPS = 0xc - BPF_MAP_TYPE_HASH_OF_MAPS = 0xd - BPF_MAP_TYPE_DEVMAP = 0xe - BPF_MAP_TYPE_SOCKMAP = 0xf - BPF_MAP_TYPE_CPUMAP = 0x10 - BPF_MAP_TYPE_XSKMAP = 0x11 - BPF_MAP_TYPE_SOCKHASH = 0x12 - BPF_MAP_TYPE_CGROUP_STORAGE = 0x13 - BPF_MAP_TYPE_REUSEPORT_SOCKARRAY = 0x14 - BPF_MAP_TYPE_PERCPU_CGROUP_STORAGE = 0x15 - BPF_MAP_TYPE_QUEUE = 0x16 - BPF_MAP_TYPE_STACK = 0x17 - BPF_MAP_TYPE_SK_STORAGE = 0x18 - BPF_MAP_TYPE_DEVMAP_HASH = 0x19 - BPF_MAP_TYPE_STRUCT_OPS = 0x1a - BPF_MAP_TYPE_RINGBUF = 0x1b - BPF_PROG_TYPE_UNSPEC = 0x0 - BPF_PROG_TYPE_SOCKET_FILTER = 0x1 - BPF_PROG_TYPE_KPROBE = 0x2 - BPF_PROG_TYPE_SCHED_CLS = 0x3 - BPF_PROG_TYPE_SCHED_ACT = 0x4 - BPF_PROG_TYPE_TRACEPOINT = 0x5 - BPF_PROG_TYPE_XDP = 0x6 - BPF_PROG_TYPE_PERF_EVENT = 0x7 - BPF_PROG_TYPE_CGROUP_SKB = 0x8 - BPF_PROG_TYPE_CGROUP_SOCK = 0x9 - BPF_PROG_TYPE_LWT_IN = 0xa - BPF_PROG_TYPE_LWT_OUT = 0xb - BPF_PROG_TYPE_LWT_XMIT = 0xc - BPF_PROG_TYPE_SOCK_OPS = 0xd - BPF_PROG_TYPE_SK_SKB = 0xe - BPF_PROG_TYPE_CGROUP_DEVICE = 0xf - BPF_PROG_TYPE_SK_MSG = 0x10 - BPF_PROG_TYPE_RAW_TRACEPOINT = 0x11 - BPF_PROG_TYPE_CGROUP_SOCK_ADDR = 0x12 - BPF_PROG_TYPE_LWT_SEG6LOCAL = 0x13 - BPF_PROG_TYPE_LIRC_MODE2 = 0x14 - BPF_PROG_TYPE_SK_REUSEPORT = 0x15 - BPF_PROG_TYPE_FLOW_DISSECTOR = 0x16 - BPF_PROG_TYPE_CGROUP_SYSCTL = 0x17 - BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE = 0x18 - BPF_PROG_TYPE_CGROUP_SOCKOPT = 0x19 - BPF_PROG_TYPE_TRACING = 0x1a - BPF_PROG_TYPE_STRUCT_OPS = 0x1b - BPF_PROG_TYPE_EXT = 0x1c - BPF_PROG_TYPE_LSM = 0x1d - BPF_CGROUP_INET_INGRESS = 0x0 - BPF_CGROUP_INET_EGRESS = 0x1 - BPF_CGROUP_INET_SOCK_CREATE = 0x2 - BPF_CGROUP_SOCK_OPS = 0x3 - BPF_SK_SKB_STREAM_PARSER = 0x4 - BPF_SK_SKB_STREAM_VERDICT = 0x5 - BPF_CGROUP_DEVICE = 0x6 - BPF_SK_MSG_VERDICT = 0x7 - BPF_CGROUP_INET4_BIND = 0x8 - BPF_CGROUP_INET6_BIND = 0x9 - BPF_CGROUP_INET4_CONNECT = 0xa - BPF_CGROUP_INET6_CONNECT = 0xb - BPF_CGROUP_INET4_POST_BIND = 0xc - BPF_CGROUP_INET6_POST_BIND = 0xd - BPF_CGROUP_UDP4_SENDMSG = 0xe - BPF_CGROUP_UDP6_SENDMSG = 0xf - BPF_LIRC_MODE2 = 0x10 - BPF_FLOW_DISSECTOR = 0x11 - BPF_CGROUP_SYSCTL = 0x12 - BPF_CGROUP_UDP4_RECVMSG = 0x13 - BPF_CGROUP_UDP6_RECVMSG = 0x14 - BPF_CGROUP_GETSOCKOPT = 0x15 - BPF_CGROUP_SETSOCKOPT = 0x16 - BPF_TRACE_RAW_TP = 0x17 - BPF_TRACE_FENTRY = 0x18 - BPF_TRACE_FEXIT = 0x19 - BPF_MODIFY_RETURN = 0x1a - BPF_LSM_MAC = 0x1b - BPF_TRACE_ITER = 0x1c - BPF_CGROUP_INET4_GETPEERNAME = 0x1d - BPF_CGROUP_INET6_GETPEERNAME = 0x1e - BPF_CGROUP_INET4_GETSOCKNAME = 0x1f - BPF_CGROUP_INET6_GETSOCKNAME = 0x20 - BPF_XDP_DEVMAP = 0x21 - BPF_LINK_TYPE_UNSPEC = 0x0 - BPF_LINK_TYPE_RAW_TRACEPOINT = 0x1 - BPF_LINK_TYPE_TRACING = 0x2 - BPF_LINK_TYPE_CGROUP = 0x3 - BPF_LINK_TYPE_ITER = 0x4 - BPF_LINK_TYPE_NETNS = 0x5 - BPF_ANY = 0x0 - BPF_NOEXIST = 0x1 - BPF_EXIST = 0x2 - BPF_F_LOCK = 0x4 - BPF_F_NO_PREALLOC = 0x1 - BPF_F_NO_COMMON_LRU = 0x2 - BPF_F_NUMA_NODE = 0x4 - BPF_F_RDONLY = 0x8 - BPF_F_WRONLY = 0x10 - BPF_F_STACK_BUILD_ID = 0x20 - BPF_F_ZERO_SEED = 0x40 - BPF_F_RDONLY_PROG = 0x80 - BPF_F_WRONLY_PROG = 0x100 - BPF_F_CLONE = 0x200 - BPF_F_MMAPABLE = 0x400 - BPF_STATS_RUN_TIME = 0x0 - BPF_STACK_BUILD_ID_EMPTY = 0x0 - BPF_STACK_BUILD_ID_VALID = 0x1 - BPF_STACK_BUILD_ID_IP = 0x2 - BPF_F_RECOMPUTE_CSUM = 0x1 - BPF_F_INVALIDATE_HASH = 0x2 - BPF_F_HDR_FIELD_MASK = 0xf - BPF_F_PSEUDO_HDR = 0x10 - BPF_F_MARK_MANGLED_0 = 0x20 - BPF_F_MARK_ENFORCE = 0x40 - BPF_F_INGRESS = 0x1 - BPF_F_TUNINFO_IPV6 = 0x1 - BPF_F_SKIP_FIELD_MASK = 0xff - BPF_F_USER_STACK = 0x100 - BPF_F_FAST_STACK_CMP = 0x200 - BPF_F_REUSE_STACKID = 0x400 - BPF_F_USER_BUILD_ID = 0x800 - BPF_F_ZERO_CSUM_TX = 0x2 - BPF_F_DONT_FRAGMENT = 0x4 - BPF_F_SEQ_NUMBER = 0x8 - BPF_F_INDEX_MASK = 0xffffffff - BPF_F_CURRENT_CPU = 0xffffffff - BPF_F_CTXLEN_MASK = 0xfffff00000000 - BPF_F_CURRENT_NETNS = -0x1 - BPF_CSUM_LEVEL_QUERY = 0x0 - BPF_CSUM_LEVEL_INC = 0x1 - BPF_CSUM_LEVEL_DEC = 0x2 - BPF_CSUM_LEVEL_RESET = 0x3 - BPF_F_ADJ_ROOM_FIXED_GSO = 0x1 - BPF_F_ADJ_ROOM_ENCAP_L3_IPV4 = 0x2 - BPF_F_ADJ_ROOM_ENCAP_L3_IPV6 = 0x4 - BPF_F_ADJ_ROOM_ENCAP_L4_GRE = 0x8 - BPF_F_ADJ_ROOM_ENCAP_L4_UDP = 0x10 - BPF_F_ADJ_ROOM_NO_CSUM_RESET = 0x20 - BPF_ADJ_ROOM_ENCAP_L2_MASK = 0xff - BPF_ADJ_ROOM_ENCAP_L2_SHIFT = 0x38 - BPF_F_SYSCTL_BASE_NAME = 0x1 - BPF_SK_STORAGE_GET_F_CREATE = 0x1 - BPF_F_GET_BRANCH_RECORDS_SIZE = 0x1 - BPF_RB_NO_WAKEUP = 0x1 - BPF_RB_FORCE_WAKEUP = 0x2 - BPF_RB_AVAIL_DATA = 0x0 - BPF_RB_RING_SIZE = 0x1 - BPF_RB_CONS_POS = 0x2 - BPF_RB_PROD_POS = 0x3 - BPF_RINGBUF_BUSY_BIT = 0x80000000 - BPF_RINGBUF_DISCARD_BIT = 0x40000000 - BPF_RINGBUF_HDR_SZ = 0x8 - BPF_ADJ_ROOM_NET = 0x0 - BPF_ADJ_ROOM_MAC = 0x1 - BPF_HDR_START_MAC = 0x0 - BPF_HDR_START_NET = 0x1 - BPF_LWT_ENCAP_SEG6 = 0x0 - BPF_LWT_ENCAP_SEG6_INLINE = 0x1 - BPF_LWT_ENCAP_IP = 0x2 - BPF_OK = 0x0 - BPF_DROP = 0x2 - BPF_REDIRECT = 0x7 - BPF_LWT_REROUTE = 0x80 - BPF_SOCK_OPS_RTO_CB_FLAG = 0x1 - BPF_SOCK_OPS_RETRANS_CB_FLAG = 0x2 - BPF_SOCK_OPS_STATE_CB_FLAG = 0x4 - BPF_SOCK_OPS_RTT_CB_FLAG = 0x8 - BPF_SOCK_OPS_ALL_CB_FLAGS = 0xf - BPF_SOCK_OPS_VOID = 0x0 - BPF_SOCK_OPS_TIMEOUT_INIT = 0x1 - BPF_SOCK_OPS_RWND_INIT = 0x2 - BPF_SOCK_OPS_TCP_CONNECT_CB = 0x3 - BPF_SOCK_OPS_ACTIVE_ESTABLISHED_CB = 0x4 - BPF_SOCK_OPS_PASSIVE_ESTABLISHED_CB = 0x5 - BPF_SOCK_OPS_NEEDS_ECN = 0x6 - BPF_SOCK_OPS_BASE_RTT = 0x7 - BPF_SOCK_OPS_RTO_CB = 0x8 - BPF_SOCK_OPS_RETRANS_CB = 0x9 - BPF_SOCK_OPS_STATE_CB = 0xa - BPF_SOCK_OPS_TCP_LISTEN_CB = 0xb - BPF_SOCK_OPS_RTT_CB = 0xc - BPF_TCP_ESTABLISHED = 0x1 - BPF_TCP_SYN_SENT = 0x2 - BPF_TCP_SYN_RECV = 0x3 - BPF_TCP_FIN_WAIT1 = 0x4 - BPF_TCP_FIN_WAIT2 = 0x5 - BPF_TCP_TIME_WAIT = 0x6 - BPF_TCP_CLOSE = 0x7 - BPF_TCP_CLOSE_WAIT = 0x8 - BPF_TCP_LAST_ACK = 0x9 - BPF_TCP_LISTEN = 0xa - BPF_TCP_CLOSING = 0xb - BPF_TCP_NEW_SYN_RECV = 0xc - BPF_TCP_MAX_STATES = 0xd - TCP_BPF_IW = 0x3e9 - TCP_BPF_SNDCWND_CLAMP = 0x3ea - BPF_DEVCG_ACC_MKNOD = 0x1 - BPF_DEVCG_ACC_READ = 0x2 - BPF_DEVCG_ACC_WRITE = 0x4 - BPF_DEVCG_DEV_BLOCK = 0x1 - BPF_DEVCG_DEV_CHAR = 0x2 - BPF_FIB_LOOKUP_DIRECT = 0x1 - BPF_FIB_LOOKUP_OUTPUT = 0x2 - BPF_FIB_LKUP_RET_SUCCESS = 0x0 - BPF_FIB_LKUP_RET_BLACKHOLE = 0x1 - BPF_FIB_LKUP_RET_UNREACHABLE = 0x2 - BPF_FIB_LKUP_RET_PROHIBIT = 0x3 - BPF_FIB_LKUP_RET_NOT_FWDED = 0x4 - BPF_FIB_LKUP_RET_FWD_DISABLED = 0x5 - BPF_FIB_LKUP_RET_UNSUPP_LWT = 0x6 - BPF_FIB_LKUP_RET_NO_NEIGH = 0x7 - BPF_FIB_LKUP_RET_FRAG_NEEDED = 0x8 - BPF_FD_TYPE_RAW_TRACEPOINT = 0x0 - BPF_FD_TYPE_TRACEPOINT = 0x1 - BPF_FD_TYPE_KPROBE = 0x2 - BPF_FD_TYPE_KRETPROBE = 0x3 - BPF_FD_TYPE_UPROBE = 0x4 - BPF_FD_TYPE_URETPROBE = 0x5 - BPF_FLOW_DISSECTOR_F_PARSE_1ST_FRAG = 0x1 - BPF_FLOW_DISSECTOR_F_STOP_AT_FLOW_LABEL = 0x2 - BPF_FLOW_DISSECTOR_F_STOP_AT_ENCAP = 0x4 + BPF_REG_0 = 0x0 + BPF_REG_1 = 0x1 + BPF_REG_2 = 0x2 + BPF_REG_3 = 0x3 + BPF_REG_4 = 0x4 + BPF_REG_5 = 0x5 + BPF_REG_6 = 0x6 + BPF_REG_7 = 0x7 + BPF_REG_8 = 0x8 + BPF_REG_9 = 0x9 + BPF_REG_10 = 0xa + BPF_MAP_CREATE = 0x0 + BPF_MAP_LOOKUP_ELEM = 0x1 + BPF_MAP_UPDATE_ELEM = 0x2 + BPF_MAP_DELETE_ELEM = 0x3 + BPF_MAP_GET_NEXT_KEY = 0x4 + BPF_PROG_LOAD = 0x5 + BPF_OBJ_PIN = 0x6 + BPF_OBJ_GET = 0x7 + BPF_PROG_ATTACH = 0x8 + BPF_PROG_DETACH = 0x9 + BPF_PROG_TEST_RUN = 0xa + BPF_PROG_GET_NEXT_ID = 0xb + BPF_MAP_GET_NEXT_ID = 0xc + BPF_PROG_GET_FD_BY_ID = 0xd + BPF_MAP_GET_FD_BY_ID = 0xe + BPF_OBJ_GET_INFO_BY_FD = 0xf + BPF_PROG_QUERY = 0x10 + BPF_RAW_TRACEPOINT_OPEN = 0x11 + BPF_BTF_LOAD = 0x12 + BPF_BTF_GET_FD_BY_ID = 0x13 + BPF_TASK_FD_QUERY = 0x14 + BPF_MAP_LOOKUP_AND_DELETE_ELEM = 0x15 + BPF_MAP_FREEZE = 0x16 + BPF_BTF_GET_NEXT_ID = 0x17 + BPF_MAP_LOOKUP_BATCH = 0x18 + BPF_MAP_LOOKUP_AND_DELETE_BATCH = 0x19 + BPF_MAP_UPDATE_BATCH = 0x1a + BPF_MAP_DELETE_BATCH = 0x1b + BPF_LINK_CREATE = 0x1c + BPF_LINK_UPDATE = 0x1d + BPF_LINK_GET_FD_BY_ID = 0x1e + BPF_LINK_GET_NEXT_ID = 0x1f + BPF_ENABLE_STATS = 0x20 + BPF_ITER_CREATE = 0x21 + BPF_LINK_DETACH = 0x22 + BPF_PROG_BIND_MAP = 0x23 + BPF_MAP_TYPE_UNSPEC = 0x0 + BPF_MAP_TYPE_HASH = 0x1 + BPF_MAP_TYPE_ARRAY = 0x2 + BPF_MAP_TYPE_PROG_ARRAY = 0x3 + BPF_MAP_TYPE_PERF_EVENT_ARRAY = 0x4 + BPF_MAP_TYPE_PERCPU_HASH = 0x5 + BPF_MAP_TYPE_PERCPU_ARRAY = 0x6 + BPF_MAP_TYPE_STACK_TRACE = 0x7 + BPF_MAP_TYPE_CGROUP_ARRAY = 0x8 + BPF_MAP_TYPE_LRU_HASH = 0x9 + BPF_MAP_TYPE_LRU_PERCPU_HASH = 0xa + BPF_MAP_TYPE_LPM_TRIE = 0xb + BPF_MAP_TYPE_ARRAY_OF_MAPS = 0xc + BPF_MAP_TYPE_HASH_OF_MAPS = 0xd + BPF_MAP_TYPE_DEVMAP = 0xe + BPF_MAP_TYPE_SOCKMAP = 0xf + BPF_MAP_TYPE_CPUMAP = 0x10 + BPF_MAP_TYPE_XSKMAP = 0x11 + BPF_MAP_TYPE_SOCKHASH = 0x12 + BPF_MAP_TYPE_CGROUP_STORAGE = 0x13 + BPF_MAP_TYPE_REUSEPORT_SOCKARRAY = 0x14 + BPF_MAP_TYPE_PERCPU_CGROUP_STORAGE = 0x15 + BPF_MAP_TYPE_QUEUE = 0x16 + BPF_MAP_TYPE_STACK = 0x17 + BPF_MAP_TYPE_SK_STORAGE = 0x18 + BPF_MAP_TYPE_DEVMAP_HASH = 0x19 + BPF_MAP_TYPE_STRUCT_OPS = 0x1a + BPF_MAP_TYPE_RINGBUF = 0x1b + BPF_MAP_TYPE_INODE_STORAGE = 0x1c + BPF_PROG_TYPE_UNSPEC = 0x0 + BPF_PROG_TYPE_SOCKET_FILTER = 0x1 + BPF_PROG_TYPE_KPROBE = 0x2 + BPF_PROG_TYPE_SCHED_CLS = 0x3 + BPF_PROG_TYPE_SCHED_ACT = 0x4 + BPF_PROG_TYPE_TRACEPOINT = 0x5 + BPF_PROG_TYPE_XDP = 0x6 + BPF_PROG_TYPE_PERF_EVENT = 0x7 + BPF_PROG_TYPE_CGROUP_SKB = 0x8 + BPF_PROG_TYPE_CGROUP_SOCK = 0x9 + BPF_PROG_TYPE_LWT_IN = 0xa + BPF_PROG_TYPE_LWT_OUT = 0xb + BPF_PROG_TYPE_LWT_XMIT = 0xc + BPF_PROG_TYPE_SOCK_OPS = 0xd + BPF_PROG_TYPE_SK_SKB = 0xe + BPF_PROG_TYPE_CGROUP_DEVICE = 0xf + BPF_PROG_TYPE_SK_MSG = 0x10 + BPF_PROG_TYPE_RAW_TRACEPOINT = 0x11 + BPF_PROG_TYPE_CGROUP_SOCK_ADDR = 0x12 + BPF_PROG_TYPE_LWT_SEG6LOCAL = 0x13 + BPF_PROG_TYPE_LIRC_MODE2 = 0x14 + BPF_PROG_TYPE_SK_REUSEPORT = 0x15 + BPF_PROG_TYPE_FLOW_DISSECTOR = 0x16 + BPF_PROG_TYPE_CGROUP_SYSCTL = 0x17 + BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE = 0x18 + BPF_PROG_TYPE_CGROUP_SOCKOPT = 0x19 + BPF_PROG_TYPE_TRACING = 0x1a + BPF_PROG_TYPE_STRUCT_OPS = 0x1b + BPF_PROG_TYPE_EXT = 0x1c + BPF_PROG_TYPE_LSM = 0x1d + BPF_PROG_TYPE_SK_LOOKUP = 0x1e + BPF_CGROUP_INET_INGRESS = 0x0 + BPF_CGROUP_INET_EGRESS = 0x1 + BPF_CGROUP_INET_SOCK_CREATE = 0x2 + BPF_CGROUP_SOCK_OPS = 0x3 + BPF_SK_SKB_STREAM_PARSER = 0x4 + BPF_SK_SKB_STREAM_VERDICT = 0x5 + BPF_CGROUP_DEVICE = 0x6 + BPF_SK_MSG_VERDICT = 0x7 + BPF_CGROUP_INET4_BIND = 0x8 + BPF_CGROUP_INET6_BIND = 0x9 + BPF_CGROUP_INET4_CONNECT = 0xa + BPF_CGROUP_INET6_CONNECT = 0xb + BPF_CGROUP_INET4_POST_BIND = 0xc + BPF_CGROUP_INET6_POST_BIND = 0xd + BPF_CGROUP_UDP4_SENDMSG = 0xe + BPF_CGROUP_UDP6_SENDMSG = 0xf + BPF_LIRC_MODE2 = 0x10 + BPF_FLOW_DISSECTOR = 0x11 + BPF_CGROUP_SYSCTL = 0x12 + BPF_CGROUP_UDP4_RECVMSG = 0x13 + BPF_CGROUP_UDP6_RECVMSG = 0x14 + BPF_CGROUP_GETSOCKOPT = 0x15 + BPF_CGROUP_SETSOCKOPT = 0x16 + BPF_TRACE_RAW_TP = 0x17 + BPF_TRACE_FENTRY = 0x18 + BPF_TRACE_FEXIT = 0x19 + BPF_MODIFY_RETURN = 0x1a + BPF_LSM_MAC = 0x1b + BPF_TRACE_ITER = 0x1c + BPF_CGROUP_INET4_GETPEERNAME = 0x1d + BPF_CGROUP_INET6_GETPEERNAME = 0x1e + BPF_CGROUP_INET4_GETSOCKNAME = 0x1f + BPF_CGROUP_INET6_GETSOCKNAME = 0x20 + BPF_XDP_DEVMAP = 0x21 + BPF_CGROUP_INET_SOCK_RELEASE = 0x22 + BPF_XDP_CPUMAP = 0x23 + BPF_SK_LOOKUP = 0x24 + BPF_XDP = 0x25 + BPF_LINK_TYPE_UNSPEC = 0x0 + BPF_LINK_TYPE_RAW_TRACEPOINT = 0x1 + BPF_LINK_TYPE_TRACING = 0x2 + BPF_LINK_TYPE_CGROUP = 0x3 + BPF_LINK_TYPE_ITER = 0x4 + BPF_LINK_TYPE_NETNS = 0x5 + BPF_LINK_TYPE_XDP = 0x6 + BPF_ANY = 0x0 + BPF_NOEXIST = 0x1 + BPF_EXIST = 0x2 + BPF_F_LOCK = 0x4 + BPF_F_NO_PREALLOC = 0x1 + BPF_F_NO_COMMON_LRU = 0x2 + BPF_F_NUMA_NODE = 0x4 + BPF_F_RDONLY = 0x8 + BPF_F_WRONLY = 0x10 + BPF_F_STACK_BUILD_ID = 0x20 + BPF_F_ZERO_SEED = 0x40 + BPF_F_RDONLY_PROG = 0x80 + BPF_F_WRONLY_PROG = 0x100 + BPF_F_CLONE = 0x200 + BPF_F_MMAPABLE = 0x400 + BPF_F_PRESERVE_ELEMS = 0x800 + BPF_F_INNER_MAP = 0x1000 + BPF_STATS_RUN_TIME = 0x0 + BPF_STACK_BUILD_ID_EMPTY = 0x0 + BPF_STACK_BUILD_ID_VALID = 0x1 + BPF_STACK_BUILD_ID_IP = 0x2 + BPF_F_RECOMPUTE_CSUM = 0x1 + BPF_F_INVALIDATE_HASH = 0x2 + BPF_F_HDR_FIELD_MASK = 0xf + BPF_F_PSEUDO_HDR = 0x10 + BPF_F_MARK_MANGLED_0 = 0x20 + BPF_F_MARK_ENFORCE = 0x40 + BPF_F_INGRESS = 0x1 + BPF_F_TUNINFO_IPV6 = 0x1 + BPF_F_SKIP_FIELD_MASK = 0xff + BPF_F_USER_STACK = 0x100 + BPF_F_FAST_STACK_CMP = 0x200 + BPF_F_REUSE_STACKID = 0x400 + BPF_F_USER_BUILD_ID = 0x800 + BPF_F_ZERO_CSUM_TX = 0x2 + BPF_F_DONT_FRAGMENT = 0x4 + BPF_F_SEQ_NUMBER = 0x8 + BPF_F_INDEX_MASK = 0xffffffff + BPF_F_CURRENT_CPU = 0xffffffff + BPF_F_CTXLEN_MASK = 0xfffff00000000 + BPF_F_CURRENT_NETNS = -0x1 + BPF_CSUM_LEVEL_QUERY = 0x0 + BPF_CSUM_LEVEL_INC = 0x1 + BPF_CSUM_LEVEL_DEC = 0x2 + BPF_CSUM_LEVEL_RESET = 0x3 + BPF_F_ADJ_ROOM_FIXED_GSO = 0x1 + BPF_F_ADJ_ROOM_ENCAP_L3_IPV4 = 0x2 + BPF_F_ADJ_ROOM_ENCAP_L3_IPV6 = 0x4 + BPF_F_ADJ_ROOM_ENCAP_L4_GRE = 0x8 + BPF_F_ADJ_ROOM_ENCAP_L4_UDP = 0x10 + BPF_F_ADJ_ROOM_NO_CSUM_RESET = 0x20 + BPF_ADJ_ROOM_ENCAP_L2_MASK = 0xff + BPF_ADJ_ROOM_ENCAP_L2_SHIFT = 0x38 + BPF_F_SYSCTL_BASE_NAME = 0x1 + BPF_LOCAL_STORAGE_GET_F_CREATE = 0x1 + BPF_SK_STORAGE_GET_F_CREATE = 0x1 + BPF_F_GET_BRANCH_RECORDS_SIZE = 0x1 + BPF_RB_NO_WAKEUP = 0x1 + BPF_RB_FORCE_WAKEUP = 0x2 + BPF_RB_AVAIL_DATA = 0x0 + BPF_RB_RING_SIZE = 0x1 + BPF_RB_CONS_POS = 0x2 + BPF_RB_PROD_POS = 0x3 + BPF_RINGBUF_BUSY_BIT = 0x80000000 + BPF_RINGBUF_DISCARD_BIT = 0x40000000 + BPF_RINGBUF_HDR_SZ = 0x8 + BPF_SK_LOOKUP_F_REPLACE = 0x1 + BPF_SK_LOOKUP_F_NO_REUSEPORT = 0x2 + BPF_ADJ_ROOM_NET = 0x0 + BPF_ADJ_ROOM_MAC = 0x1 + BPF_HDR_START_MAC = 0x0 + BPF_HDR_START_NET = 0x1 + BPF_LWT_ENCAP_SEG6 = 0x0 + BPF_LWT_ENCAP_SEG6_INLINE = 0x1 + BPF_LWT_ENCAP_IP = 0x2 + BPF_OK = 0x0 + BPF_DROP = 0x2 + BPF_REDIRECT = 0x7 + BPF_LWT_REROUTE = 0x80 + BPF_SOCK_OPS_RTO_CB_FLAG = 0x1 + BPF_SOCK_OPS_RETRANS_CB_FLAG = 0x2 + BPF_SOCK_OPS_STATE_CB_FLAG = 0x4 + BPF_SOCK_OPS_RTT_CB_FLAG = 0x8 + BPF_SOCK_OPS_PARSE_ALL_HDR_OPT_CB_FLAG = 0x10 + BPF_SOCK_OPS_PARSE_UNKNOWN_HDR_OPT_CB_FLAG = 0x20 + BPF_SOCK_OPS_WRITE_HDR_OPT_CB_FLAG = 0x40 + BPF_SOCK_OPS_ALL_CB_FLAGS = 0x7f + BPF_SOCK_OPS_VOID = 0x0 + BPF_SOCK_OPS_TIMEOUT_INIT = 0x1 + BPF_SOCK_OPS_RWND_INIT = 0x2 + BPF_SOCK_OPS_TCP_CONNECT_CB = 0x3 + BPF_SOCK_OPS_ACTIVE_ESTABLISHED_CB = 0x4 + BPF_SOCK_OPS_PASSIVE_ESTABLISHED_CB = 0x5 + BPF_SOCK_OPS_NEEDS_ECN = 0x6 + BPF_SOCK_OPS_BASE_RTT = 0x7 + BPF_SOCK_OPS_RTO_CB = 0x8 + BPF_SOCK_OPS_RETRANS_CB = 0x9 + BPF_SOCK_OPS_STATE_CB = 0xa + BPF_SOCK_OPS_TCP_LISTEN_CB = 0xb + BPF_SOCK_OPS_RTT_CB = 0xc + BPF_SOCK_OPS_PARSE_HDR_OPT_CB = 0xd + BPF_SOCK_OPS_HDR_OPT_LEN_CB = 0xe + BPF_SOCK_OPS_WRITE_HDR_OPT_CB = 0xf + BPF_TCP_ESTABLISHED = 0x1 + BPF_TCP_SYN_SENT = 0x2 + BPF_TCP_SYN_RECV = 0x3 + BPF_TCP_FIN_WAIT1 = 0x4 + BPF_TCP_FIN_WAIT2 = 0x5 + BPF_TCP_TIME_WAIT = 0x6 + BPF_TCP_CLOSE = 0x7 + BPF_TCP_CLOSE_WAIT = 0x8 + BPF_TCP_LAST_ACK = 0x9 + BPF_TCP_LISTEN = 0xa + BPF_TCP_CLOSING = 0xb + BPF_TCP_NEW_SYN_RECV = 0xc + BPF_TCP_MAX_STATES = 0xd + TCP_BPF_IW = 0x3e9 + TCP_BPF_SNDCWND_CLAMP = 0x3ea + TCP_BPF_DELACK_MAX = 0x3eb + TCP_BPF_RTO_MIN = 0x3ec + TCP_BPF_SYN = 0x3ed + TCP_BPF_SYN_IP = 0x3ee + TCP_BPF_SYN_MAC = 0x3ef + BPF_LOAD_HDR_OPT_TCP_SYN = 0x1 + BPF_WRITE_HDR_TCP_CURRENT_MSS = 0x1 + BPF_WRITE_HDR_TCP_SYNACK_COOKIE = 0x2 + BPF_DEVCG_ACC_MKNOD = 0x1 + BPF_DEVCG_ACC_READ = 0x2 + BPF_DEVCG_ACC_WRITE = 0x4 + BPF_DEVCG_DEV_BLOCK = 0x1 + BPF_DEVCG_DEV_CHAR = 0x2 + BPF_FIB_LOOKUP_DIRECT = 0x1 + BPF_FIB_LOOKUP_OUTPUT = 0x2 + BPF_FIB_LKUP_RET_SUCCESS = 0x0 + BPF_FIB_LKUP_RET_BLACKHOLE = 0x1 + BPF_FIB_LKUP_RET_UNREACHABLE = 0x2 + BPF_FIB_LKUP_RET_PROHIBIT = 0x3 + BPF_FIB_LKUP_RET_NOT_FWDED = 0x4 + BPF_FIB_LKUP_RET_FWD_DISABLED = 0x5 + BPF_FIB_LKUP_RET_UNSUPP_LWT = 0x6 + BPF_FIB_LKUP_RET_NO_NEIGH = 0x7 + BPF_FIB_LKUP_RET_FRAG_NEEDED = 0x8 + BPF_FD_TYPE_RAW_TRACEPOINT = 0x0 + BPF_FD_TYPE_TRACEPOINT = 0x1 + BPF_FD_TYPE_KPROBE = 0x2 + BPF_FD_TYPE_KRETPROBE = 0x3 + BPF_FD_TYPE_UPROBE = 0x4 + BPF_FD_TYPE_URETPROBE = 0x5 + BPF_FLOW_DISSECTOR_F_PARSE_1ST_FRAG = 0x1 + BPF_FLOW_DISSECTOR_F_STOP_AT_FLOW_LABEL = 0x2 + BPF_FLOW_DISSECTOR_F_STOP_AT_ENCAP = 0x4 ) const ( @@ -2356,6 +2718,7 @@ const ( RTNLGRP_IPV4_MROUTE_R = 0x1e RTNLGRP_IPV6_MROUTE_R = 0x1f RTNLGRP_NEXTHOP = 0x20 + RTNLGRP_BRVLAN = 0x21 ) type CapUserHeader struct { @@ -2450,132 +2813,317 @@ const ( ) const ( - DEVLINK_CMD_UNSPEC = 0x0 - DEVLINK_CMD_GET = 0x1 - DEVLINK_CMD_SET = 0x2 - DEVLINK_CMD_NEW = 0x3 - DEVLINK_CMD_DEL = 0x4 - DEVLINK_CMD_PORT_GET = 0x5 - DEVLINK_CMD_PORT_SET = 0x6 - DEVLINK_CMD_PORT_NEW = 0x7 - DEVLINK_CMD_PORT_DEL = 0x8 - DEVLINK_CMD_PORT_SPLIT = 0x9 - DEVLINK_CMD_PORT_UNSPLIT = 0xa - DEVLINK_CMD_SB_GET = 0xb - DEVLINK_CMD_SB_SET = 0xc - DEVLINK_CMD_SB_NEW = 0xd - DEVLINK_CMD_SB_DEL = 0xe - DEVLINK_CMD_SB_POOL_GET = 0xf - DEVLINK_CMD_SB_POOL_SET = 0x10 - DEVLINK_CMD_SB_POOL_NEW = 0x11 - DEVLINK_CMD_SB_POOL_DEL = 0x12 - DEVLINK_CMD_SB_PORT_POOL_GET = 0x13 - DEVLINK_CMD_SB_PORT_POOL_SET = 0x14 - DEVLINK_CMD_SB_PORT_POOL_NEW = 0x15 - DEVLINK_CMD_SB_PORT_POOL_DEL = 0x16 - DEVLINK_CMD_SB_TC_POOL_BIND_GET = 0x17 - DEVLINK_CMD_SB_TC_POOL_BIND_SET = 0x18 - DEVLINK_CMD_SB_TC_POOL_BIND_NEW = 0x19 - DEVLINK_CMD_SB_TC_POOL_BIND_DEL = 0x1a - DEVLINK_CMD_SB_OCC_SNAPSHOT = 0x1b - DEVLINK_CMD_SB_OCC_MAX_CLEAR = 0x1c - DEVLINK_CMD_ESWITCH_GET = 0x1d - DEVLINK_CMD_ESWITCH_SET = 0x1e - DEVLINK_CMD_DPIPE_TABLE_GET = 0x1f - DEVLINK_CMD_DPIPE_ENTRIES_GET = 0x20 - DEVLINK_CMD_DPIPE_HEADERS_GET = 0x21 - DEVLINK_CMD_DPIPE_TABLE_COUNTERS_SET = 0x22 - DEVLINK_CMD_MAX = 0x48 - DEVLINK_PORT_TYPE_NOTSET = 0x0 - DEVLINK_PORT_TYPE_AUTO = 0x1 - DEVLINK_PORT_TYPE_ETH = 0x2 - DEVLINK_PORT_TYPE_IB = 0x3 - DEVLINK_SB_POOL_TYPE_INGRESS = 0x0 - DEVLINK_SB_POOL_TYPE_EGRESS = 0x1 - DEVLINK_SB_THRESHOLD_TYPE_STATIC = 0x0 - DEVLINK_SB_THRESHOLD_TYPE_DYNAMIC = 0x1 - DEVLINK_ESWITCH_MODE_LEGACY = 0x0 - DEVLINK_ESWITCH_MODE_SWITCHDEV = 0x1 - DEVLINK_ESWITCH_INLINE_MODE_NONE = 0x0 - DEVLINK_ESWITCH_INLINE_MODE_LINK = 0x1 - DEVLINK_ESWITCH_INLINE_MODE_NETWORK = 0x2 - DEVLINK_ESWITCH_INLINE_MODE_TRANSPORT = 0x3 - DEVLINK_ESWITCH_ENCAP_MODE_NONE = 0x0 - DEVLINK_ESWITCH_ENCAP_MODE_BASIC = 0x1 - DEVLINK_ATTR_UNSPEC = 0x0 - DEVLINK_ATTR_BUS_NAME = 0x1 - DEVLINK_ATTR_DEV_NAME = 0x2 - DEVLINK_ATTR_PORT_INDEX = 0x3 - DEVLINK_ATTR_PORT_TYPE = 0x4 - DEVLINK_ATTR_PORT_DESIRED_TYPE = 0x5 - DEVLINK_ATTR_PORT_NETDEV_IFINDEX = 0x6 - DEVLINK_ATTR_PORT_NETDEV_NAME = 0x7 - DEVLINK_ATTR_PORT_IBDEV_NAME = 0x8 - DEVLINK_ATTR_PORT_SPLIT_COUNT = 0x9 - DEVLINK_ATTR_PORT_SPLIT_GROUP = 0xa - DEVLINK_ATTR_SB_INDEX = 0xb - DEVLINK_ATTR_SB_SIZE = 0xc - DEVLINK_ATTR_SB_INGRESS_POOL_COUNT = 0xd - DEVLINK_ATTR_SB_EGRESS_POOL_COUNT = 0xe - DEVLINK_ATTR_SB_INGRESS_TC_COUNT = 0xf - DEVLINK_ATTR_SB_EGRESS_TC_COUNT = 0x10 - DEVLINK_ATTR_SB_POOL_INDEX = 0x11 - DEVLINK_ATTR_SB_POOL_TYPE = 0x12 - DEVLINK_ATTR_SB_POOL_SIZE = 0x13 - DEVLINK_ATTR_SB_POOL_THRESHOLD_TYPE = 0x14 - DEVLINK_ATTR_SB_THRESHOLD = 0x15 - DEVLINK_ATTR_SB_TC_INDEX = 0x16 - DEVLINK_ATTR_SB_OCC_CUR = 0x17 - DEVLINK_ATTR_SB_OCC_MAX = 0x18 - DEVLINK_ATTR_ESWITCH_MODE = 0x19 - DEVLINK_ATTR_ESWITCH_INLINE_MODE = 0x1a - DEVLINK_ATTR_DPIPE_TABLES = 0x1b - DEVLINK_ATTR_DPIPE_TABLE = 0x1c - DEVLINK_ATTR_DPIPE_TABLE_NAME = 0x1d - DEVLINK_ATTR_DPIPE_TABLE_SIZE = 0x1e - DEVLINK_ATTR_DPIPE_TABLE_MATCHES = 0x1f - DEVLINK_ATTR_DPIPE_TABLE_ACTIONS = 0x20 - DEVLINK_ATTR_DPIPE_TABLE_COUNTERS_ENABLED = 0x21 - DEVLINK_ATTR_DPIPE_ENTRIES = 0x22 - DEVLINK_ATTR_DPIPE_ENTRY = 0x23 - DEVLINK_ATTR_DPIPE_ENTRY_INDEX = 0x24 - DEVLINK_ATTR_DPIPE_ENTRY_MATCH_VALUES = 0x25 - DEVLINK_ATTR_DPIPE_ENTRY_ACTION_VALUES = 0x26 - DEVLINK_ATTR_DPIPE_ENTRY_COUNTER = 0x27 - DEVLINK_ATTR_DPIPE_MATCH = 0x28 - DEVLINK_ATTR_DPIPE_MATCH_VALUE = 0x29 - DEVLINK_ATTR_DPIPE_MATCH_TYPE = 0x2a - DEVLINK_ATTR_DPIPE_ACTION = 0x2b - DEVLINK_ATTR_DPIPE_ACTION_VALUE = 0x2c - DEVLINK_ATTR_DPIPE_ACTION_TYPE = 0x2d - DEVLINK_ATTR_DPIPE_VALUE = 0x2e - DEVLINK_ATTR_DPIPE_VALUE_MASK = 0x2f - DEVLINK_ATTR_DPIPE_VALUE_MAPPING = 0x30 - DEVLINK_ATTR_DPIPE_HEADERS = 0x31 - DEVLINK_ATTR_DPIPE_HEADER = 0x32 - DEVLINK_ATTR_DPIPE_HEADER_NAME = 0x33 - DEVLINK_ATTR_DPIPE_HEADER_ID = 0x34 - DEVLINK_ATTR_DPIPE_HEADER_FIELDS = 0x35 - DEVLINK_ATTR_DPIPE_HEADER_GLOBAL = 0x36 - DEVLINK_ATTR_DPIPE_HEADER_INDEX = 0x37 - DEVLINK_ATTR_DPIPE_FIELD = 0x38 - DEVLINK_ATTR_DPIPE_FIELD_NAME = 0x39 - DEVLINK_ATTR_DPIPE_FIELD_ID = 0x3a - DEVLINK_ATTR_DPIPE_FIELD_BITWIDTH = 0x3b - DEVLINK_ATTR_DPIPE_FIELD_MAPPING_TYPE = 0x3c - DEVLINK_ATTR_PAD = 0x3d - DEVLINK_ATTR_ESWITCH_ENCAP_MODE = 0x3e - DEVLINK_ATTR_MAX = 0x94 - DEVLINK_DPIPE_FIELD_MAPPING_TYPE_NONE = 0x0 - DEVLINK_DPIPE_FIELD_MAPPING_TYPE_IFINDEX = 0x1 - DEVLINK_DPIPE_MATCH_TYPE_FIELD_EXACT = 0x0 - DEVLINK_DPIPE_ACTION_TYPE_FIELD_MODIFY = 0x0 - DEVLINK_DPIPE_FIELD_ETHERNET_DST_MAC = 0x0 - DEVLINK_DPIPE_FIELD_IPV4_DST_IP = 0x0 - DEVLINK_DPIPE_FIELD_IPV6_DST_IP = 0x0 - DEVLINK_DPIPE_HEADER_ETHERNET = 0x0 - DEVLINK_DPIPE_HEADER_IPV4 = 0x1 - DEVLINK_DPIPE_HEADER_IPV6 = 0x2 + DEVLINK_CMD_UNSPEC = 0x0 + DEVLINK_CMD_GET = 0x1 + DEVLINK_CMD_SET = 0x2 + DEVLINK_CMD_NEW = 0x3 + DEVLINK_CMD_DEL = 0x4 + DEVLINK_CMD_PORT_GET = 0x5 + DEVLINK_CMD_PORT_SET = 0x6 + DEVLINK_CMD_PORT_NEW = 0x7 + DEVLINK_CMD_PORT_DEL = 0x8 + DEVLINK_CMD_PORT_SPLIT = 0x9 + DEVLINK_CMD_PORT_UNSPLIT = 0xa + DEVLINK_CMD_SB_GET = 0xb + DEVLINK_CMD_SB_SET = 0xc + DEVLINK_CMD_SB_NEW = 0xd + DEVLINK_CMD_SB_DEL = 0xe + DEVLINK_CMD_SB_POOL_GET = 0xf + DEVLINK_CMD_SB_POOL_SET = 0x10 + DEVLINK_CMD_SB_POOL_NEW = 0x11 + DEVLINK_CMD_SB_POOL_DEL = 0x12 + DEVLINK_CMD_SB_PORT_POOL_GET = 0x13 + DEVLINK_CMD_SB_PORT_POOL_SET = 0x14 + DEVLINK_CMD_SB_PORT_POOL_NEW = 0x15 + DEVLINK_CMD_SB_PORT_POOL_DEL = 0x16 + DEVLINK_CMD_SB_TC_POOL_BIND_GET = 0x17 + DEVLINK_CMD_SB_TC_POOL_BIND_SET = 0x18 + DEVLINK_CMD_SB_TC_POOL_BIND_NEW = 0x19 + DEVLINK_CMD_SB_TC_POOL_BIND_DEL = 0x1a + DEVLINK_CMD_SB_OCC_SNAPSHOT = 0x1b + DEVLINK_CMD_SB_OCC_MAX_CLEAR = 0x1c + DEVLINK_CMD_ESWITCH_GET = 0x1d + DEVLINK_CMD_ESWITCH_SET = 0x1e + DEVLINK_CMD_DPIPE_TABLE_GET = 0x1f + DEVLINK_CMD_DPIPE_ENTRIES_GET = 0x20 + DEVLINK_CMD_DPIPE_HEADERS_GET = 0x21 + DEVLINK_CMD_DPIPE_TABLE_COUNTERS_SET = 0x22 + DEVLINK_CMD_RESOURCE_SET = 0x23 + DEVLINK_CMD_RESOURCE_DUMP = 0x24 + DEVLINK_CMD_RELOAD = 0x25 + DEVLINK_CMD_PARAM_GET = 0x26 + DEVLINK_CMD_PARAM_SET = 0x27 + DEVLINK_CMD_PARAM_NEW = 0x28 + DEVLINK_CMD_PARAM_DEL = 0x29 + DEVLINK_CMD_REGION_GET = 0x2a + DEVLINK_CMD_REGION_SET = 0x2b + DEVLINK_CMD_REGION_NEW = 0x2c + DEVLINK_CMD_REGION_DEL = 0x2d + DEVLINK_CMD_REGION_READ = 0x2e + DEVLINK_CMD_PORT_PARAM_GET = 0x2f + DEVLINK_CMD_PORT_PARAM_SET = 0x30 + DEVLINK_CMD_PORT_PARAM_NEW = 0x31 + DEVLINK_CMD_PORT_PARAM_DEL = 0x32 + DEVLINK_CMD_INFO_GET = 0x33 + DEVLINK_CMD_HEALTH_REPORTER_GET = 0x34 + DEVLINK_CMD_HEALTH_REPORTER_SET = 0x35 + DEVLINK_CMD_HEALTH_REPORTER_RECOVER = 0x36 + DEVLINK_CMD_HEALTH_REPORTER_DIAGNOSE = 0x37 + DEVLINK_CMD_HEALTH_REPORTER_DUMP_GET = 0x38 + DEVLINK_CMD_HEALTH_REPORTER_DUMP_CLEAR = 0x39 + DEVLINK_CMD_FLASH_UPDATE = 0x3a + DEVLINK_CMD_FLASH_UPDATE_END = 0x3b + DEVLINK_CMD_FLASH_UPDATE_STATUS = 0x3c + DEVLINK_CMD_TRAP_GET = 0x3d + DEVLINK_CMD_TRAP_SET = 0x3e + DEVLINK_CMD_TRAP_NEW = 0x3f + DEVLINK_CMD_TRAP_DEL = 0x40 + DEVLINK_CMD_TRAP_GROUP_GET = 0x41 + DEVLINK_CMD_TRAP_GROUP_SET = 0x42 + DEVLINK_CMD_TRAP_GROUP_NEW = 0x43 + DEVLINK_CMD_TRAP_GROUP_DEL = 0x44 + DEVLINK_CMD_TRAP_POLICER_GET = 0x45 + DEVLINK_CMD_TRAP_POLICER_SET = 0x46 + DEVLINK_CMD_TRAP_POLICER_NEW = 0x47 + DEVLINK_CMD_TRAP_POLICER_DEL = 0x48 + DEVLINK_CMD_HEALTH_REPORTER_TEST = 0x49 + DEVLINK_CMD_MAX = 0x49 + DEVLINK_PORT_TYPE_NOTSET = 0x0 + DEVLINK_PORT_TYPE_AUTO = 0x1 + DEVLINK_PORT_TYPE_ETH = 0x2 + DEVLINK_PORT_TYPE_IB = 0x3 + DEVLINK_SB_POOL_TYPE_INGRESS = 0x0 + DEVLINK_SB_POOL_TYPE_EGRESS = 0x1 + DEVLINK_SB_THRESHOLD_TYPE_STATIC = 0x0 + DEVLINK_SB_THRESHOLD_TYPE_DYNAMIC = 0x1 + DEVLINK_ESWITCH_MODE_LEGACY = 0x0 + DEVLINK_ESWITCH_MODE_SWITCHDEV = 0x1 + DEVLINK_ESWITCH_INLINE_MODE_NONE = 0x0 + DEVLINK_ESWITCH_INLINE_MODE_LINK = 0x1 + DEVLINK_ESWITCH_INLINE_MODE_NETWORK = 0x2 + DEVLINK_ESWITCH_INLINE_MODE_TRANSPORT = 0x3 + DEVLINK_ESWITCH_ENCAP_MODE_NONE = 0x0 + DEVLINK_ESWITCH_ENCAP_MODE_BASIC = 0x1 + DEVLINK_PORT_FLAVOUR_PHYSICAL = 0x0 + DEVLINK_PORT_FLAVOUR_CPU = 0x1 + DEVLINK_PORT_FLAVOUR_DSA = 0x2 + DEVLINK_PORT_FLAVOUR_PCI_PF = 0x3 + DEVLINK_PORT_FLAVOUR_PCI_VF = 0x4 + DEVLINK_PORT_FLAVOUR_VIRTUAL = 0x5 + DEVLINK_PORT_FLAVOUR_UNUSED = 0x6 + DEVLINK_PARAM_CMODE_RUNTIME = 0x0 + DEVLINK_PARAM_CMODE_DRIVERINIT = 0x1 + DEVLINK_PARAM_CMODE_PERMANENT = 0x2 + DEVLINK_PARAM_CMODE_MAX = 0x2 + DEVLINK_PARAM_FW_LOAD_POLICY_VALUE_DRIVER = 0x0 + DEVLINK_PARAM_FW_LOAD_POLICY_VALUE_FLASH = 0x1 + DEVLINK_PARAM_FW_LOAD_POLICY_VALUE_DISK = 0x2 + DEVLINK_PARAM_FW_LOAD_POLICY_VALUE_UNKNOWN = 0x3 + DEVLINK_PARAM_RESET_DEV_ON_DRV_PROBE_VALUE_UNKNOWN = 0x0 + DEVLINK_PARAM_RESET_DEV_ON_DRV_PROBE_VALUE_ALWAYS = 0x1 + DEVLINK_PARAM_RESET_DEV_ON_DRV_PROBE_VALUE_NEVER = 0x2 + DEVLINK_PARAM_RESET_DEV_ON_DRV_PROBE_VALUE_DISK = 0x3 + DEVLINK_ATTR_STATS_RX_PACKETS = 0x0 + DEVLINK_ATTR_STATS_RX_BYTES = 0x1 + DEVLINK_ATTR_STATS_RX_DROPPED = 0x2 + DEVLINK_ATTR_STATS_MAX = 0x2 + DEVLINK_FLASH_OVERWRITE_SETTINGS_BIT = 0x0 + DEVLINK_FLASH_OVERWRITE_IDENTIFIERS_BIT = 0x1 + DEVLINK_FLASH_OVERWRITE_MAX_BIT = 0x1 + DEVLINK_TRAP_ACTION_DROP = 0x0 + DEVLINK_TRAP_ACTION_TRAP = 0x1 + DEVLINK_TRAP_ACTION_MIRROR = 0x2 + DEVLINK_TRAP_TYPE_DROP = 0x0 + DEVLINK_TRAP_TYPE_EXCEPTION = 0x1 + DEVLINK_TRAP_TYPE_CONTROL = 0x2 + DEVLINK_ATTR_TRAP_METADATA_TYPE_IN_PORT = 0x0 + DEVLINK_ATTR_TRAP_METADATA_TYPE_FA_COOKIE = 0x1 + DEVLINK_RELOAD_ACTION_UNSPEC = 0x0 + DEVLINK_RELOAD_ACTION_DRIVER_REINIT = 0x1 + DEVLINK_RELOAD_ACTION_FW_ACTIVATE = 0x2 + DEVLINK_RELOAD_ACTION_MAX = 0x2 + DEVLINK_RELOAD_LIMIT_UNSPEC = 0x0 + DEVLINK_RELOAD_LIMIT_NO_RESET = 0x1 + DEVLINK_RELOAD_LIMIT_MAX = 0x1 + DEVLINK_ATTR_UNSPEC = 0x0 + DEVLINK_ATTR_BUS_NAME = 0x1 + DEVLINK_ATTR_DEV_NAME = 0x2 + DEVLINK_ATTR_PORT_INDEX = 0x3 + DEVLINK_ATTR_PORT_TYPE = 0x4 + DEVLINK_ATTR_PORT_DESIRED_TYPE = 0x5 + DEVLINK_ATTR_PORT_NETDEV_IFINDEX = 0x6 + DEVLINK_ATTR_PORT_NETDEV_NAME = 0x7 + DEVLINK_ATTR_PORT_IBDEV_NAME = 0x8 + DEVLINK_ATTR_PORT_SPLIT_COUNT = 0x9 + DEVLINK_ATTR_PORT_SPLIT_GROUP = 0xa + DEVLINK_ATTR_SB_INDEX = 0xb + DEVLINK_ATTR_SB_SIZE = 0xc + DEVLINK_ATTR_SB_INGRESS_POOL_COUNT = 0xd + DEVLINK_ATTR_SB_EGRESS_POOL_COUNT = 0xe + DEVLINK_ATTR_SB_INGRESS_TC_COUNT = 0xf + DEVLINK_ATTR_SB_EGRESS_TC_COUNT = 0x10 + DEVLINK_ATTR_SB_POOL_INDEX = 0x11 + DEVLINK_ATTR_SB_POOL_TYPE = 0x12 + DEVLINK_ATTR_SB_POOL_SIZE = 0x13 + DEVLINK_ATTR_SB_POOL_THRESHOLD_TYPE = 0x14 + DEVLINK_ATTR_SB_THRESHOLD = 0x15 + DEVLINK_ATTR_SB_TC_INDEX = 0x16 + DEVLINK_ATTR_SB_OCC_CUR = 0x17 + DEVLINK_ATTR_SB_OCC_MAX = 0x18 + DEVLINK_ATTR_ESWITCH_MODE = 0x19 + DEVLINK_ATTR_ESWITCH_INLINE_MODE = 0x1a + DEVLINK_ATTR_DPIPE_TABLES = 0x1b + DEVLINK_ATTR_DPIPE_TABLE = 0x1c + DEVLINK_ATTR_DPIPE_TABLE_NAME = 0x1d + DEVLINK_ATTR_DPIPE_TABLE_SIZE = 0x1e + DEVLINK_ATTR_DPIPE_TABLE_MATCHES = 0x1f + DEVLINK_ATTR_DPIPE_TABLE_ACTIONS = 0x20 + DEVLINK_ATTR_DPIPE_TABLE_COUNTERS_ENABLED = 0x21 + DEVLINK_ATTR_DPIPE_ENTRIES = 0x22 + DEVLINK_ATTR_DPIPE_ENTRY = 0x23 + DEVLINK_ATTR_DPIPE_ENTRY_INDEX = 0x24 + DEVLINK_ATTR_DPIPE_ENTRY_MATCH_VALUES = 0x25 + DEVLINK_ATTR_DPIPE_ENTRY_ACTION_VALUES = 0x26 + DEVLINK_ATTR_DPIPE_ENTRY_COUNTER = 0x27 + DEVLINK_ATTR_DPIPE_MATCH = 0x28 + DEVLINK_ATTR_DPIPE_MATCH_VALUE = 0x29 + DEVLINK_ATTR_DPIPE_MATCH_TYPE = 0x2a + DEVLINK_ATTR_DPIPE_ACTION = 0x2b + DEVLINK_ATTR_DPIPE_ACTION_VALUE = 0x2c + DEVLINK_ATTR_DPIPE_ACTION_TYPE = 0x2d + DEVLINK_ATTR_DPIPE_VALUE = 0x2e + DEVLINK_ATTR_DPIPE_VALUE_MASK = 0x2f + DEVLINK_ATTR_DPIPE_VALUE_MAPPING = 0x30 + DEVLINK_ATTR_DPIPE_HEADERS = 0x31 + DEVLINK_ATTR_DPIPE_HEADER = 0x32 + DEVLINK_ATTR_DPIPE_HEADER_NAME = 0x33 + DEVLINK_ATTR_DPIPE_HEADER_ID = 0x34 + DEVLINK_ATTR_DPIPE_HEADER_FIELDS = 0x35 + DEVLINK_ATTR_DPIPE_HEADER_GLOBAL = 0x36 + DEVLINK_ATTR_DPIPE_HEADER_INDEX = 0x37 + DEVLINK_ATTR_DPIPE_FIELD = 0x38 + DEVLINK_ATTR_DPIPE_FIELD_NAME = 0x39 + DEVLINK_ATTR_DPIPE_FIELD_ID = 0x3a + DEVLINK_ATTR_DPIPE_FIELD_BITWIDTH = 0x3b + DEVLINK_ATTR_DPIPE_FIELD_MAPPING_TYPE = 0x3c + DEVLINK_ATTR_PAD = 0x3d + DEVLINK_ATTR_ESWITCH_ENCAP_MODE = 0x3e + DEVLINK_ATTR_RESOURCE_LIST = 0x3f + DEVLINK_ATTR_RESOURCE = 0x40 + DEVLINK_ATTR_RESOURCE_NAME = 0x41 + DEVLINK_ATTR_RESOURCE_ID = 0x42 + DEVLINK_ATTR_RESOURCE_SIZE = 0x43 + DEVLINK_ATTR_RESOURCE_SIZE_NEW = 0x44 + DEVLINK_ATTR_RESOURCE_SIZE_VALID = 0x45 + DEVLINK_ATTR_RESOURCE_SIZE_MIN = 0x46 + DEVLINK_ATTR_RESOURCE_SIZE_MAX = 0x47 + DEVLINK_ATTR_RESOURCE_SIZE_GRAN = 0x48 + DEVLINK_ATTR_RESOURCE_UNIT = 0x49 + DEVLINK_ATTR_RESOURCE_OCC = 0x4a + DEVLINK_ATTR_DPIPE_TABLE_RESOURCE_ID = 0x4b + DEVLINK_ATTR_DPIPE_TABLE_RESOURCE_UNITS = 0x4c + DEVLINK_ATTR_PORT_FLAVOUR = 0x4d + DEVLINK_ATTR_PORT_NUMBER = 0x4e + DEVLINK_ATTR_PORT_SPLIT_SUBPORT_NUMBER = 0x4f + DEVLINK_ATTR_PARAM = 0x50 + DEVLINK_ATTR_PARAM_NAME = 0x51 + DEVLINK_ATTR_PARAM_GENERIC = 0x52 + DEVLINK_ATTR_PARAM_TYPE = 0x53 + DEVLINK_ATTR_PARAM_VALUES_LIST = 0x54 + DEVLINK_ATTR_PARAM_VALUE = 0x55 + DEVLINK_ATTR_PARAM_VALUE_DATA = 0x56 + DEVLINK_ATTR_PARAM_VALUE_CMODE = 0x57 + DEVLINK_ATTR_REGION_NAME = 0x58 + DEVLINK_ATTR_REGION_SIZE = 0x59 + DEVLINK_ATTR_REGION_SNAPSHOTS = 0x5a + DEVLINK_ATTR_REGION_SNAPSHOT = 0x5b + DEVLINK_ATTR_REGION_SNAPSHOT_ID = 0x5c + DEVLINK_ATTR_REGION_CHUNKS = 0x5d + DEVLINK_ATTR_REGION_CHUNK = 0x5e + DEVLINK_ATTR_REGION_CHUNK_DATA = 0x5f + DEVLINK_ATTR_REGION_CHUNK_ADDR = 0x60 + DEVLINK_ATTR_REGION_CHUNK_LEN = 0x61 + DEVLINK_ATTR_INFO_DRIVER_NAME = 0x62 + DEVLINK_ATTR_INFO_SERIAL_NUMBER = 0x63 + DEVLINK_ATTR_INFO_VERSION_FIXED = 0x64 + DEVLINK_ATTR_INFO_VERSION_RUNNING = 0x65 + DEVLINK_ATTR_INFO_VERSION_STORED = 0x66 + DEVLINK_ATTR_INFO_VERSION_NAME = 0x67 + DEVLINK_ATTR_INFO_VERSION_VALUE = 0x68 + DEVLINK_ATTR_SB_POOL_CELL_SIZE = 0x69 + DEVLINK_ATTR_FMSG = 0x6a + DEVLINK_ATTR_FMSG_OBJ_NEST_START = 0x6b + DEVLINK_ATTR_FMSG_PAIR_NEST_START = 0x6c + DEVLINK_ATTR_FMSG_ARR_NEST_START = 0x6d + DEVLINK_ATTR_FMSG_NEST_END = 0x6e + DEVLINK_ATTR_FMSG_OBJ_NAME = 0x6f + DEVLINK_ATTR_FMSG_OBJ_VALUE_TYPE = 0x70 + DEVLINK_ATTR_FMSG_OBJ_VALUE_DATA = 0x71 + DEVLINK_ATTR_HEALTH_REPORTER = 0x72 + DEVLINK_ATTR_HEALTH_REPORTER_NAME = 0x73 + DEVLINK_ATTR_HEALTH_REPORTER_STATE = 0x74 + DEVLINK_ATTR_HEALTH_REPORTER_ERR_COUNT = 0x75 + DEVLINK_ATTR_HEALTH_REPORTER_RECOVER_COUNT = 0x76 + DEVLINK_ATTR_HEALTH_REPORTER_DUMP_TS = 0x77 + DEVLINK_ATTR_HEALTH_REPORTER_GRACEFUL_PERIOD = 0x78 + DEVLINK_ATTR_HEALTH_REPORTER_AUTO_RECOVER = 0x79 + DEVLINK_ATTR_FLASH_UPDATE_FILE_NAME = 0x7a + DEVLINK_ATTR_FLASH_UPDATE_COMPONENT = 0x7b + DEVLINK_ATTR_FLASH_UPDATE_STATUS_MSG = 0x7c + DEVLINK_ATTR_FLASH_UPDATE_STATUS_DONE = 0x7d + DEVLINK_ATTR_FLASH_UPDATE_STATUS_TOTAL = 0x7e + DEVLINK_ATTR_PORT_PCI_PF_NUMBER = 0x7f + DEVLINK_ATTR_PORT_PCI_VF_NUMBER = 0x80 + DEVLINK_ATTR_STATS = 0x81 + DEVLINK_ATTR_TRAP_NAME = 0x82 + DEVLINK_ATTR_TRAP_ACTION = 0x83 + DEVLINK_ATTR_TRAP_TYPE = 0x84 + DEVLINK_ATTR_TRAP_GENERIC = 0x85 + DEVLINK_ATTR_TRAP_METADATA = 0x86 + DEVLINK_ATTR_TRAP_GROUP_NAME = 0x87 + DEVLINK_ATTR_RELOAD_FAILED = 0x88 + DEVLINK_ATTR_HEALTH_REPORTER_DUMP_TS_NS = 0x89 + DEVLINK_ATTR_NETNS_FD = 0x8a + DEVLINK_ATTR_NETNS_PID = 0x8b + DEVLINK_ATTR_NETNS_ID = 0x8c + DEVLINK_ATTR_HEALTH_REPORTER_AUTO_DUMP = 0x8d + DEVLINK_ATTR_TRAP_POLICER_ID = 0x8e + DEVLINK_ATTR_TRAP_POLICER_RATE = 0x8f + DEVLINK_ATTR_TRAP_POLICER_BURST = 0x90 + DEVLINK_ATTR_PORT_FUNCTION = 0x91 + DEVLINK_ATTR_INFO_BOARD_SERIAL_NUMBER = 0x92 + DEVLINK_ATTR_PORT_LANES = 0x93 + DEVLINK_ATTR_PORT_SPLITTABLE = 0x94 + DEVLINK_ATTR_PORT_EXTERNAL = 0x95 + DEVLINK_ATTR_PORT_CONTROLLER_NUMBER = 0x96 + DEVLINK_ATTR_FLASH_UPDATE_STATUS_TIMEOUT = 0x97 + DEVLINK_ATTR_FLASH_UPDATE_OVERWRITE_MASK = 0x98 + DEVLINK_ATTR_RELOAD_ACTION = 0x99 + DEVLINK_ATTR_RELOAD_ACTIONS_PERFORMED = 0x9a + DEVLINK_ATTR_RELOAD_LIMITS = 0x9b + DEVLINK_ATTR_DEV_STATS = 0x9c + DEVLINK_ATTR_RELOAD_STATS = 0x9d + DEVLINK_ATTR_RELOAD_STATS_ENTRY = 0x9e + DEVLINK_ATTR_RELOAD_STATS_LIMIT = 0x9f + DEVLINK_ATTR_RELOAD_STATS_VALUE = 0xa0 + DEVLINK_ATTR_REMOTE_RELOAD_STATS = 0xa1 + DEVLINK_ATTR_RELOAD_ACTION_INFO = 0xa2 + DEVLINK_ATTR_RELOAD_ACTION_STATS = 0xa3 + DEVLINK_ATTR_MAX = 0xa3 + DEVLINK_DPIPE_FIELD_MAPPING_TYPE_NONE = 0x0 + DEVLINK_DPIPE_FIELD_MAPPING_TYPE_IFINDEX = 0x1 + DEVLINK_DPIPE_MATCH_TYPE_FIELD_EXACT = 0x0 + DEVLINK_DPIPE_ACTION_TYPE_FIELD_MODIFY = 0x0 + DEVLINK_DPIPE_FIELD_ETHERNET_DST_MAC = 0x0 + DEVLINK_DPIPE_FIELD_IPV4_DST_IP = 0x0 + DEVLINK_DPIPE_FIELD_IPV6_DST_IP = 0x0 + DEVLINK_DPIPE_HEADER_ETHERNET = 0x0 + DEVLINK_DPIPE_HEADER_IPV4 = 0x1 + DEVLINK_DPIPE_HEADER_IPV6 = 0x2 + DEVLINK_RESOURCE_UNIT_ENTRY = 0x0 + DEVLINK_PORT_FUNCTION_ATTR_UNSPEC = 0x0 + DEVLINK_PORT_FUNCTION_ATTR_HW_ADDR = 0x1 + DEVLINK_PORT_FUNCTION_ATTR_MAX = 0x1 ) type FsverityDigest struct { @@ -2638,3 +3186,497 @@ type WatchdogInfo struct { Version uint32 Identity [32]uint8 } + +type PPSFData struct { + Info PPSKInfo + Timeout PPSKTime +} + +type PPSKParams struct { + Api_version int32 + Mode int32 + Assert_off_tu PPSKTime + Clear_off_tu PPSKTime +} + +type PPSKTime struct { + Sec int64 + Nsec int32 + Flags uint32 +} + +const ( + LWTUNNEL_ENCAP_NONE = 0x0 + LWTUNNEL_ENCAP_MPLS = 0x1 + LWTUNNEL_ENCAP_IP = 0x2 + LWTUNNEL_ENCAP_ILA = 0x3 + LWTUNNEL_ENCAP_IP6 = 0x4 + LWTUNNEL_ENCAP_SEG6 = 0x5 + LWTUNNEL_ENCAP_BPF = 0x6 + LWTUNNEL_ENCAP_SEG6_LOCAL = 0x7 + LWTUNNEL_ENCAP_RPL = 0x8 + LWTUNNEL_ENCAP_MAX = 0x8 + + MPLS_IPTUNNEL_UNSPEC = 0x0 + MPLS_IPTUNNEL_DST = 0x1 + MPLS_IPTUNNEL_TTL = 0x2 + MPLS_IPTUNNEL_MAX = 0x2 +) + +const ( + ETHTOOL_ID_UNSPEC = 0x0 + ETHTOOL_RX_COPYBREAK = 0x1 + ETHTOOL_TX_COPYBREAK = 0x2 + ETHTOOL_PFC_PREVENTION_TOUT = 0x3 + ETHTOOL_TUNABLE_UNSPEC = 0x0 + ETHTOOL_TUNABLE_U8 = 0x1 + ETHTOOL_TUNABLE_U16 = 0x2 + ETHTOOL_TUNABLE_U32 = 0x3 + ETHTOOL_TUNABLE_U64 = 0x4 + ETHTOOL_TUNABLE_STRING = 0x5 + ETHTOOL_TUNABLE_S8 = 0x6 + ETHTOOL_TUNABLE_S16 = 0x7 + ETHTOOL_TUNABLE_S32 = 0x8 + ETHTOOL_TUNABLE_S64 = 0x9 + ETHTOOL_PHY_ID_UNSPEC = 0x0 + ETHTOOL_PHY_DOWNSHIFT = 0x1 + ETHTOOL_PHY_FAST_LINK_DOWN = 0x2 + ETHTOOL_PHY_EDPD = 0x3 + ETHTOOL_LINK_EXT_STATE_AUTONEG = 0x0 + ETHTOOL_LINK_EXT_STATE_LINK_TRAINING_FAILURE = 0x1 + ETHTOOL_LINK_EXT_STATE_LINK_LOGICAL_MISMATCH = 0x2 + ETHTOOL_LINK_EXT_STATE_BAD_SIGNAL_INTEGRITY = 0x3 + ETHTOOL_LINK_EXT_STATE_NO_CABLE = 0x4 + ETHTOOL_LINK_EXT_STATE_CABLE_ISSUE = 0x5 + ETHTOOL_LINK_EXT_STATE_EEPROM_ISSUE = 0x6 + ETHTOOL_LINK_EXT_STATE_CALIBRATION_FAILURE = 0x7 + ETHTOOL_LINK_EXT_STATE_POWER_BUDGET_EXCEEDED = 0x8 + ETHTOOL_LINK_EXT_STATE_OVERHEAT = 0x9 + ETHTOOL_LINK_EXT_SUBSTATE_AN_NO_PARTNER_DETECTED = 0x1 + ETHTOOL_LINK_EXT_SUBSTATE_AN_ACK_NOT_RECEIVED = 0x2 + ETHTOOL_LINK_EXT_SUBSTATE_AN_NEXT_PAGE_EXCHANGE_FAILED = 0x3 + ETHTOOL_LINK_EXT_SUBSTATE_AN_NO_PARTNER_DETECTED_FORCE_MODE = 0x4 + ETHTOOL_LINK_EXT_SUBSTATE_AN_FEC_MISMATCH_DURING_OVERRIDE = 0x5 + ETHTOOL_LINK_EXT_SUBSTATE_AN_NO_HCD = 0x6 + ETHTOOL_LINK_EXT_SUBSTATE_LT_KR_FRAME_LOCK_NOT_ACQUIRED = 0x1 + ETHTOOL_LINK_EXT_SUBSTATE_LT_KR_LINK_INHIBIT_TIMEOUT = 0x2 + ETHTOOL_LINK_EXT_SUBSTATE_LT_KR_LINK_PARTNER_DID_NOT_SET_RECEIVER_READY = 0x3 + ETHTOOL_LINK_EXT_SUBSTATE_LT_REMOTE_FAULT = 0x4 + ETHTOOL_LINK_EXT_SUBSTATE_LLM_PCS_DID_NOT_ACQUIRE_BLOCK_LOCK = 0x1 + ETHTOOL_LINK_EXT_SUBSTATE_LLM_PCS_DID_NOT_ACQUIRE_AM_LOCK = 0x2 + ETHTOOL_LINK_EXT_SUBSTATE_LLM_PCS_DID_NOT_GET_ALIGN_STATUS = 0x3 + ETHTOOL_LINK_EXT_SUBSTATE_LLM_FC_FEC_IS_NOT_LOCKED = 0x4 + ETHTOOL_LINK_EXT_SUBSTATE_LLM_RS_FEC_IS_NOT_LOCKED = 0x5 + ETHTOOL_LINK_EXT_SUBSTATE_BSI_LARGE_NUMBER_OF_PHYSICAL_ERRORS = 0x1 + ETHTOOL_LINK_EXT_SUBSTATE_BSI_UNSUPPORTED_RATE = 0x2 + ETHTOOL_LINK_EXT_SUBSTATE_CI_UNSUPPORTED_CABLE = 0x1 + ETHTOOL_LINK_EXT_SUBSTATE_CI_CABLE_TEST_FAILURE = 0x2 + ETHTOOL_FLASH_ALL_REGIONS = 0x0 + ETHTOOL_F_UNSUPPORTED__BIT = 0x0 + ETHTOOL_F_WISH__BIT = 0x1 + ETHTOOL_F_COMPAT__BIT = 0x2 + ETHTOOL_FEC_NONE_BIT = 0x0 + ETHTOOL_FEC_AUTO_BIT = 0x1 + ETHTOOL_FEC_OFF_BIT = 0x2 + ETHTOOL_FEC_RS_BIT = 0x3 + ETHTOOL_FEC_BASER_BIT = 0x4 + ETHTOOL_FEC_LLRS_BIT = 0x5 + ETHTOOL_LINK_MODE_10baseT_Half_BIT = 0x0 + ETHTOOL_LINK_MODE_10baseT_Full_BIT = 0x1 + ETHTOOL_LINK_MODE_100baseT_Half_BIT = 0x2 + ETHTOOL_LINK_MODE_100baseT_Full_BIT = 0x3 + ETHTOOL_LINK_MODE_1000baseT_Half_BIT = 0x4 + ETHTOOL_LINK_MODE_1000baseT_Full_BIT = 0x5 + ETHTOOL_LINK_MODE_Autoneg_BIT = 0x6 + ETHTOOL_LINK_MODE_TP_BIT = 0x7 + ETHTOOL_LINK_MODE_AUI_BIT = 0x8 + ETHTOOL_LINK_MODE_MII_BIT = 0x9 + ETHTOOL_LINK_MODE_FIBRE_BIT = 0xa + ETHTOOL_LINK_MODE_BNC_BIT = 0xb + ETHTOOL_LINK_MODE_10000baseT_Full_BIT = 0xc + ETHTOOL_LINK_MODE_Pause_BIT = 0xd + ETHTOOL_LINK_MODE_Asym_Pause_BIT = 0xe + ETHTOOL_LINK_MODE_2500baseX_Full_BIT = 0xf + ETHTOOL_LINK_MODE_Backplane_BIT = 0x10 + ETHTOOL_LINK_MODE_1000baseKX_Full_BIT = 0x11 + ETHTOOL_LINK_MODE_10000baseKX4_Full_BIT = 0x12 + ETHTOOL_LINK_MODE_10000baseKR_Full_BIT = 0x13 + ETHTOOL_LINK_MODE_10000baseR_FEC_BIT = 0x14 + ETHTOOL_LINK_MODE_20000baseMLD2_Full_BIT = 0x15 + ETHTOOL_LINK_MODE_20000baseKR2_Full_BIT = 0x16 + ETHTOOL_LINK_MODE_40000baseKR4_Full_BIT = 0x17 + ETHTOOL_LINK_MODE_40000baseCR4_Full_BIT = 0x18 + ETHTOOL_LINK_MODE_40000baseSR4_Full_BIT = 0x19 + ETHTOOL_LINK_MODE_40000baseLR4_Full_BIT = 0x1a + ETHTOOL_LINK_MODE_56000baseKR4_Full_BIT = 0x1b + ETHTOOL_LINK_MODE_56000baseCR4_Full_BIT = 0x1c + ETHTOOL_LINK_MODE_56000baseSR4_Full_BIT = 0x1d + ETHTOOL_LINK_MODE_56000baseLR4_Full_BIT = 0x1e + ETHTOOL_LINK_MODE_25000baseCR_Full_BIT = 0x1f + ETHTOOL_LINK_MODE_25000baseKR_Full_BIT = 0x20 + ETHTOOL_LINK_MODE_25000baseSR_Full_BIT = 0x21 + ETHTOOL_LINK_MODE_50000baseCR2_Full_BIT = 0x22 + ETHTOOL_LINK_MODE_50000baseKR2_Full_BIT = 0x23 + ETHTOOL_LINK_MODE_100000baseKR4_Full_BIT = 0x24 + ETHTOOL_LINK_MODE_100000baseSR4_Full_BIT = 0x25 + ETHTOOL_LINK_MODE_100000baseCR4_Full_BIT = 0x26 + ETHTOOL_LINK_MODE_100000baseLR4_ER4_Full_BIT = 0x27 + ETHTOOL_LINK_MODE_50000baseSR2_Full_BIT = 0x28 + ETHTOOL_LINK_MODE_1000baseX_Full_BIT = 0x29 + ETHTOOL_LINK_MODE_10000baseCR_Full_BIT = 0x2a + ETHTOOL_LINK_MODE_10000baseSR_Full_BIT = 0x2b + ETHTOOL_LINK_MODE_10000baseLR_Full_BIT = 0x2c + ETHTOOL_LINK_MODE_10000baseLRM_Full_BIT = 0x2d + ETHTOOL_LINK_MODE_10000baseER_Full_BIT = 0x2e + ETHTOOL_LINK_MODE_2500baseT_Full_BIT = 0x2f + ETHTOOL_LINK_MODE_5000baseT_Full_BIT = 0x30 + ETHTOOL_LINK_MODE_FEC_NONE_BIT = 0x31 + ETHTOOL_LINK_MODE_FEC_RS_BIT = 0x32 + ETHTOOL_LINK_MODE_FEC_BASER_BIT = 0x33 + ETHTOOL_LINK_MODE_50000baseKR_Full_BIT = 0x34 + ETHTOOL_LINK_MODE_50000baseSR_Full_BIT = 0x35 + ETHTOOL_LINK_MODE_50000baseCR_Full_BIT = 0x36 + ETHTOOL_LINK_MODE_50000baseLR_ER_FR_Full_BIT = 0x37 + ETHTOOL_LINK_MODE_50000baseDR_Full_BIT = 0x38 + ETHTOOL_LINK_MODE_100000baseKR2_Full_BIT = 0x39 + ETHTOOL_LINK_MODE_100000baseSR2_Full_BIT = 0x3a + ETHTOOL_LINK_MODE_100000baseCR2_Full_BIT = 0x3b + ETHTOOL_LINK_MODE_100000baseLR2_ER2_FR2_Full_BIT = 0x3c + ETHTOOL_LINK_MODE_100000baseDR2_Full_BIT = 0x3d + ETHTOOL_LINK_MODE_200000baseKR4_Full_BIT = 0x3e + ETHTOOL_LINK_MODE_200000baseSR4_Full_BIT = 0x3f + ETHTOOL_LINK_MODE_200000baseLR4_ER4_FR4_Full_BIT = 0x40 + ETHTOOL_LINK_MODE_200000baseDR4_Full_BIT = 0x41 + ETHTOOL_LINK_MODE_200000baseCR4_Full_BIT = 0x42 + ETHTOOL_LINK_MODE_100baseT1_Full_BIT = 0x43 + ETHTOOL_LINK_MODE_1000baseT1_Full_BIT = 0x44 + ETHTOOL_LINK_MODE_400000baseKR8_Full_BIT = 0x45 + ETHTOOL_LINK_MODE_400000baseSR8_Full_BIT = 0x46 + ETHTOOL_LINK_MODE_400000baseLR8_ER8_FR8_Full_BIT = 0x47 + ETHTOOL_LINK_MODE_400000baseDR8_Full_BIT = 0x48 + ETHTOOL_LINK_MODE_400000baseCR8_Full_BIT = 0x49 + ETHTOOL_LINK_MODE_FEC_LLRS_BIT = 0x4a + ETHTOOL_LINK_MODE_100000baseKR_Full_BIT = 0x4b + ETHTOOL_LINK_MODE_100000baseSR_Full_BIT = 0x4c + ETHTOOL_LINK_MODE_100000baseLR_ER_FR_Full_BIT = 0x4d + ETHTOOL_LINK_MODE_100000baseCR_Full_BIT = 0x4e + ETHTOOL_LINK_MODE_100000baseDR_Full_BIT = 0x4f + ETHTOOL_LINK_MODE_200000baseKR2_Full_BIT = 0x50 + ETHTOOL_LINK_MODE_200000baseSR2_Full_BIT = 0x51 + ETHTOOL_LINK_MODE_200000baseLR2_ER2_FR2_Full_BIT = 0x52 + ETHTOOL_LINK_MODE_200000baseDR2_Full_BIT = 0x53 + ETHTOOL_LINK_MODE_200000baseCR2_Full_BIT = 0x54 + ETHTOOL_LINK_MODE_400000baseKR4_Full_BIT = 0x55 + ETHTOOL_LINK_MODE_400000baseSR4_Full_BIT = 0x56 + ETHTOOL_LINK_MODE_400000baseLR4_ER4_FR4_Full_BIT = 0x57 + ETHTOOL_LINK_MODE_400000baseDR4_Full_BIT = 0x58 + ETHTOOL_LINK_MODE_400000baseCR4_Full_BIT = 0x59 + ETHTOOL_LINK_MODE_100baseFX_Half_BIT = 0x5a + ETHTOOL_LINK_MODE_100baseFX_Full_BIT = 0x5b + + ETHTOOL_MSG_USER_NONE = 0x0 + ETHTOOL_MSG_STRSET_GET = 0x1 + ETHTOOL_MSG_LINKINFO_GET = 0x2 + ETHTOOL_MSG_LINKINFO_SET = 0x3 + ETHTOOL_MSG_LINKMODES_GET = 0x4 + ETHTOOL_MSG_LINKMODES_SET = 0x5 + ETHTOOL_MSG_LINKSTATE_GET = 0x6 + ETHTOOL_MSG_DEBUG_GET = 0x7 + ETHTOOL_MSG_DEBUG_SET = 0x8 + ETHTOOL_MSG_WOL_GET = 0x9 + ETHTOOL_MSG_WOL_SET = 0xa + ETHTOOL_MSG_FEATURES_GET = 0xb + ETHTOOL_MSG_FEATURES_SET = 0xc + ETHTOOL_MSG_PRIVFLAGS_GET = 0xd + ETHTOOL_MSG_PRIVFLAGS_SET = 0xe + ETHTOOL_MSG_RINGS_GET = 0xf + ETHTOOL_MSG_RINGS_SET = 0x10 + ETHTOOL_MSG_CHANNELS_GET = 0x11 + ETHTOOL_MSG_CHANNELS_SET = 0x12 + ETHTOOL_MSG_COALESCE_GET = 0x13 + ETHTOOL_MSG_COALESCE_SET = 0x14 + ETHTOOL_MSG_PAUSE_GET = 0x15 + ETHTOOL_MSG_PAUSE_SET = 0x16 + ETHTOOL_MSG_EEE_GET = 0x17 + ETHTOOL_MSG_EEE_SET = 0x18 + ETHTOOL_MSG_TSINFO_GET = 0x19 + ETHTOOL_MSG_CABLE_TEST_ACT = 0x1a + ETHTOOL_MSG_CABLE_TEST_TDR_ACT = 0x1b + ETHTOOL_MSG_TUNNEL_INFO_GET = 0x1c + ETHTOOL_MSG_USER_MAX = 0x1c + ETHTOOL_MSG_KERNEL_NONE = 0x0 + ETHTOOL_MSG_STRSET_GET_REPLY = 0x1 + ETHTOOL_MSG_LINKINFO_GET_REPLY = 0x2 + ETHTOOL_MSG_LINKINFO_NTF = 0x3 + ETHTOOL_MSG_LINKMODES_GET_REPLY = 0x4 + ETHTOOL_MSG_LINKMODES_NTF = 0x5 + ETHTOOL_MSG_LINKSTATE_GET_REPLY = 0x6 + ETHTOOL_MSG_DEBUG_GET_REPLY = 0x7 + ETHTOOL_MSG_DEBUG_NTF = 0x8 + ETHTOOL_MSG_WOL_GET_REPLY = 0x9 + ETHTOOL_MSG_WOL_NTF = 0xa + ETHTOOL_MSG_FEATURES_GET_REPLY = 0xb + ETHTOOL_MSG_FEATURES_SET_REPLY = 0xc + ETHTOOL_MSG_FEATURES_NTF = 0xd + ETHTOOL_MSG_PRIVFLAGS_GET_REPLY = 0xe + ETHTOOL_MSG_PRIVFLAGS_NTF = 0xf + ETHTOOL_MSG_RINGS_GET_REPLY = 0x10 + ETHTOOL_MSG_RINGS_NTF = 0x11 + ETHTOOL_MSG_CHANNELS_GET_REPLY = 0x12 + ETHTOOL_MSG_CHANNELS_NTF = 0x13 + ETHTOOL_MSG_COALESCE_GET_REPLY = 0x14 + ETHTOOL_MSG_COALESCE_NTF = 0x15 + ETHTOOL_MSG_PAUSE_GET_REPLY = 0x16 + ETHTOOL_MSG_PAUSE_NTF = 0x17 + ETHTOOL_MSG_EEE_GET_REPLY = 0x18 + ETHTOOL_MSG_EEE_NTF = 0x19 + ETHTOOL_MSG_TSINFO_GET_REPLY = 0x1a + ETHTOOL_MSG_CABLE_TEST_NTF = 0x1b + ETHTOOL_MSG_CABLE_TEST_TDR_NTF = 0x1c + ETHTOOL_MSG_TUNNEL_INFO_GET_REPLY = 0x1d + ETHTOOL_MSG_KERNEL_MAX = 0x1d + ETHTOOL_A_HEADER_UNSPEC = 0x0 + ETHTOOL_A_HEADER_DEV_INDEX = 0x1 + ETHTOOL_A_HEADER_DEV_NAME = 0x2 + ETHTOOL_A_HEADER_FLAGS = 0x3 + ETHTOOL_A_HEADER_MAX = 0x3 + ETHTOOL_A_BITSET_BIT_UNSPEC = 0x0 + ETHTOOL_A_BITSET_BIT_INDEX = 0x1 + ETHTOOL_A_BITSET_BIT_NAME = 0x2 + ETHTOOL_A_BITSET_BIT_VALUE = 0x3 + ETHTOOL_A_BITSET_BIT_MAX = 0x3 + ETHTOOL_A_BITSET_BITS_UNSPEC = 0x0 + ETHTOOL_A_BITSET_BITS_BIT = 0x1 + ETHTOOL_A_BITSET_BITS_MAX = 0x1 + ETHTOOL_A_BITSET_UNSPEC = 0x0 + ETHTOOL_A_BITSET_NOMASK = 0x1 + ETHTOOL_A_BITSET_SIZE = 0x2 + ETHTOOL_A_BITSET_BITS = 0x3 + ETHTOOL_A_BITSET_VALUE = 0x4 + ETHTOOL_A_BITSET_MASK = 0x5 + ETHTOOL_A_BITSET_MAX = 0x5 + ETHTOOL_A_STRING_UNSPEC = 0x0 + ETHTOOL_A_STRING_INDEX = 0x1 + ETHTOOL_A_STRING_VALUE = 0x2 + ETHTOOL_A_STRING_MAX = 0x2 + ETHTOOL_A_STRINGS_UNSPEC = 0x0 + ETHTOOL_A_STRINGS_STRING = 0x1 + ETHTOOL_A_STRINGS_MAX = 0x1 + ETHTOOL_A_STRINGSET_UNSPEC = 0x0 + ETHTOOL_A_STRINGSET_ID = 0x1 + ETHTOOL_A_STRINGSET_COUNT = 0x2 + ETHTOOL_A_STRINGSET_STRINGS = 0x3 + ETHTOOL_A_STRINGSET_MAX = 0x3 + ETHTOOL_A_STRINGSETS_UNSPEC = 0x0 + ETHTOOL_A_STRINGSETS_STRINGSET = 0x1 + ETHTOOL_A_STRINGSETS_MAX = 0x1 + ETHTOOL_A_STRSET_UNSPEC = 0x0 + ETHTOOL_A_STRSET_HEADER = 0x1 + ETHTOOL_A_STRSET_STRINGSETS = 0x2 + ETHTOOL_A_STRSET_COUNTS_ONLY = 0x3 + ETHTOOL_A_STRSET_MAX = 0x3 + ETHTOOL_A_LINKINFO_UNSPEC = 0x0 + ETHTOOL_A_LINKINFO_HEADER = 0x1 + ETHTOOL_A_LINKINFO_PORT = 0x2 + ETHTOOL_A_LINKINFO_PHYADDR = 0x3 + ETHTOOL_A_LINKINFO_TP_MDIX = 0x4 + ETHTOOL_A_LINKINFO_TP_MDIX_CTRL = 0x5 + ETHTOOL_A_LINKINFO_TRANSCEIVER = 0x6 + ETHTOOL_A_LINKINFO_MAX = 0x6 + ETHTOOL_A_LINKMODES_UNSPEC = 0x0 + ETHTOOL_A_LINKMODES_HEADER = 0x1 + ETHTOOL_A_LINKMODES_AUTONEG = 0x2 + ETHTOOL_A_LINKMODES_OURS = 0x3 + ETHTOOL_A_LINKMODES_PEER = 0x4 + ETHTOOL_A_LINKMODES_SPEED = 0x5 + ETHTOOL_A_LINKMODES_DUPLEX = 0x6 + ETHTOOL_A_LINKMODES_MASTER_SLAVE_CFG = 0x7 + ETHTOOL_A_LINKMODES_MASTER_SLAVE_STATE = 0x8 + ETHTOOL_A_LINKMODES_MAX = 0x8 + ETHTOOL_A_LINKSTATE_UNSPEC = 0x0 + ETHTOOL_A_LINKSTATE_HEADER = 0x1 + ETHTOOL_A_LINKSTATE_LINK = 0x2 + ETHTOOL_A_LINKSTATE_SQI = 0x3 + ETHTOOL_A_LINKSTATE_SQI_MAX = 0x4 + ETHTOOL_A_LINKSTATE_EXT_STATE = 0x5 + ETHTOOL_A_LINKSTATE_EXT_SUBSTATE = 0x6 + ETHTOOL_A_LINKSTATE_MAX = 0x6 + ETHTOOL_A_DEBUG_UNSPEC = 0x0 + ETHTOOL_A_DEBUG_HEADER = 0x1 + ETHTOOL_A_DEBUG_MSGMASK = 0x2 + ETHTOOL_A_DEBUG_MAX = 0x2 + ETHTOOL_A_WOL_UNSPEC = 0x0 + ETHTOOL_A_WOL_HEADER = 0x1 + ETHTOOL_A_WOL_MODES = 0x2 + ETHTOOL_A_WOL_SOPASS = 0x3 + ETHTOOL_A_WOL_MAX = 0x3 + ETHTOOL_A_FEATURES_UNSPEC = 0x0 + ETHTOOL_A_FEATURES_HEADER = 0x1 + ETHTOOL_A_FEATURES_HW = 0x2 + ETHTOOL_A_FEATURES_WANTED = 0x3 + ETHTOOL_A_FEATURES_ACTIVE = 0x4 + ETHTOOL_A_FEATURES_NOCHANGE = 0x5 + ETHTOOL_A_FEATURES_MAX = 0x5 + ETHTOOL_A_PRIVFLAGS_UNSPEC = 0x0 + ETHTOOL_A_PRIVFLAGS_HEADER = 0x1 + ETHTOOL_A_PRIVFLAGS_FLAGS = 0x2 + ETHTOOL_A_PRIVFLAGS_MAX = 0x2 + ETHTOOL_A_RINGS_UNSPEC = 0x0 + ETHTOOL_A_RINGS_HEADER = 0x1 + ETHTOOL_A_RINGS_RX_MAX = 0x2 + ETHTOOL_A_RINGS_RX_MINI_MAX = 0x3 + ETHTOOL_A_RINGS_RX_JUMBO_MAX = 0x4 + ETHTOOL_A_RINGS_TX_MAX = 0x5 + ETHTOOL_A_RINGS_RX = 0x6 + ETHTOOL_A_RINGS_RX_MINI = 0x7 + ETHTOOL_A_RINGS_RX_JUMBO = 0x8 + ETHTOOL_A_RINGS_TX = 0x9 + ETHTOOL_A_RINGS_MAX = 0x9 + ETHTOOL_A_CHANNELS_UNSPEC = 0x0 + ETHTOOL_A_CHANNELS_HEADER = 0x1 + ETHTOOL_A_CHANNELS_RX_MAX = 0x2 + ETHTOOL_A_CHANNELS_TX_MAX = 0x3 + ETHTOOL_A_CHANNELS_OTHER_MAX = 0x4 + ETHTOOL_A_CHANNELS_COMBINED_MAX = 0x5 + ETHTOOL_A_CHANNELS_RX_COUNT = 0x6 + ETHTOOL_A_CHANNELS_TX_COUNT = 0x7 + ETHTOOL_A_CHANNELS_OTHER_COUNT = 0x8 + ETHTOOL_A_CHANNELS_COMBINED_COUNT = 0x9 + ETHTOOL_A_CHANNELS_MAX = 0x9 + ETHTOOL_A_COALESCE_UNSPEC = 0x0 + ETHTOOL_A_COALESCE_HEADER = 0x1 + ETHTOOL_A_COALESCE_RX_USECS = 0x2 + ETHTOOL_A_COALESCE_RX_MAX_FRAMES = 0x3 + ETHTOOL_A_COALESCE_RX_USECS_IRQ = 0x4 + ETHTOOL_A_COALESCE_RX_MAX_FRAMES_IRQ = 0x5 + ETHTOOL_A_COALESCE_TX_USECS = 0x6 + ETHTOOL_A_COALESCE_TX_MAX_FRAMES = 0x7 + ETHTOOL_A_COALESCE_TX_USECS_IRQ = 0x8 + ETHTOOL_A_COALESCE_TX_MAX_FRAMES_IRQ = 0x9 + ETHTOOL_A_COALESCE_STATS_BLOCK_USECS = 0xa + ETHTOOL_A_COALESCE_USE_ADAPTIVE_RX = 0xb + ETHTOOL_A_COALESCE_USE_ADAPTIVE_TX = 0xc + ETHTOOL_A_COALESCE_PKT_RATE_LOW = 0xd + ETHTOOL_A_COALESCE_RX_USECS_LOW = 0xe + ETHTOOL_A_COALESCE_RX_MAX_FRAMES_LOW = 0xf + ETHTOOL_A_COALESCE_TX_USECS_LOW = 0x10 + ETHTOOL_A_COALESCE_TX_MAX_FRAMES_LOW = 0x11 + ETHTOOL_A_COALESCE_PKT_RATE_HIGH = 0x12 + ETHTOOL_A_COALESCE_RX_USECS_HIGH = 0x13 + ETHTOOL_A_COALESCE_RX_MAX_FRAMES_HIGH = 0x14 + ETHTOOL_A_COALESCE_TX_USECS_HIGH = 0x15 + ETHTOOL_A_COALESCE_TX_MAX_FRAMES_HIGH = 0x16 + ETHTOOL_A_COALESCE_RATE_SAMPLE_INTERVAL = 0x17 + ETHTOOL_A_COALESCE_MAX = 0x17 + ETHTOOL_A_PAUSE_UNSPEC = 0x0 + ETHTOOL_A_PAUSE_HEADER = 0x1 + ETHTOOL_A_PAUSE_AUTONEG = 0x2 + ETHTOOL_A_PAUSE_RX = 0x3 + ETHTOOL_A_PAUSE_TX = 0x4 + ETHTOOL_A_PAUSE_STATS = 0x5 + ETHTOOL_A_PAUSE_MAX = 0x5 + ETHTOOL_A_PAUSE_STAT_UNSPEC = 0x0 + ETHTOOL_A_PAUSE_STAT_PAD = 0x1 + ETHTOOL_A_PAUSE_STAT_TX_FRAMES = 0x2 + ETHTOOL_A_PAUSE_STAT_RX_FRAMES = 0x3 + ETHTOOL_A_PAUSE_STAT_MAX = 0x3 + ETHTOOL_A_EEE_UNSPEC = 0x0 + ETHTOOL_A_EEE_HEADER = 0x1 + ETHTOOL_A_EEE_MODES_OURS = 0x2 + ETHTOOL_A_EEE_MODES_PEER = 0x3 + ETHTOOL_A_EEE_ACTIVE = 0x4 + ETHTOOL_A_EEE_ENABLED = 0x5 + ETHTOOL_A_EEE_TX_LPI_ENABLED = 0x6 + ETHTOOL_A_EEE_TX_LPI_TIMER = 0x7 + ETHTOOL_A_EEE_MAX = 0x7 + ETHTOOL_A_TSINFO_UNSPEC = 0x0 + ETHTOOL_A_TSINFO_HEADER = 0x1 + ETHTOOL_A_TSINFO_TIMESTAMPING = 0x2 + ETHTOOL_A_TSINFO_TX_TYPES = 0x3 + ETHTOOL_A_TSINFO_RX_FILTERS = 0x4 + ETHTOOL_A_TSINFO_PHC_INDEX = 0x5 + ETHTOOL_A_TSINFO_MAX = 0x5 + ETHTOOL_A_CABLE_TEST_UNSPEC = 0x0 + ETHTOOL_A_CABLE_TEST_HEADER = 0x1 + ETHTOOL_A_CABLE_TEST_MAX = 0x1 + ETHTOOL_A_CABLE_RESULT_CODE_UNSPEC = 0x0 + ETHTOOL_A_CABLE_RESULT_CODE_OK = 0x1 + ETHTOOL_A_CABLE_RESULT_CODE_OPEN = 0x2 + ETHTOOL_A_CABLE_RESULT_CODE_SAME_SHORT = 0x3 + ETHTOOL_A_CABLE_RESULT_CODE_CROSS_SHORT = 0x4 + ETHTOOL_A_CABLE_PAIR_A = 0x0 + ETHTOOL_A_CABLE_PAIR_B = 0x1 + ETHTOOL_A_CABLE_PAIR_C = 0x2 + ETHTOOL_A_CABLE_PAIR_D = 0x3 + ETHTOOL_A_CABLE_RESULT_UNSPEC = 0x0 + ETHTOOL_A_CABLE_RESULT_PAIR = 0x1 + ETHTOOL_A_CABLE_RESULT_CODE = 0x2 + ETHTOOL_A_CABLE_RESULT_MAX = 0x2 + ETHTOOL_A_CABLE_FAULT_LENGTH_UNSPEC = 0x0 + ETHTOOL_A_CABLE_FAULT_LENGTH_PAIR = 0x1 + ETHTOOL_A_CABLE_FAULT_LENGTH_CM = 0x2 + ETHTOOL_A_CABLE_FAULT_LENGTH_MAX = 0x2 + ETHTOOL_A_CABLE_TEST_NTF_STATUS_UNSPEC = 0x0 + ETHTOOL_A_CABLE_TEST_NTF_STATUS_STARTED = 0x1 + ETHTOOL_A_CABLE_TEST_NTF_STATUS_COMPLETED = 0x2 + ETHTOOL_A_CABLE_NEST_UNSPEC = 0x0 + ETHTOOL_A_CABLE_NEST_RESULT = 0x1 + ETHTOOL_A_CABLE_NEST_FAULT_LENGTH = 0x2 + ETHTOOL_A_CABLE_NEST_MAX = 0x2 + ETHTOOL_A_CABLE_TEST_NTF_UNSPEC = 0x0 + ETHTOOL_A_CABLE_TEST_NTF_HEADER = 0x1 + ETHTOOL_A_CABLE_TEST_NTF_STATUS = 0x2 + ETHTOOL_A_CABLE_TEST_NTF_NEST = 0x3 + ETHTOOL_A_CABLE_TEST_NTF_MAX = 0x3 + ETHTOOL_A_CABLE_TEST_TDR_CFG_UNSPEC = 0x0 + ETHTOOL_A_CABLE_TEST_TDR_CFG_FIRST = 0x1 + ETHTOOL_A_CABLE_TEST_TDR_CFG_LAST = 0x2 + ETHTOOL_A_CABLE_TEST_TDR_CFG_STEP = 0x3 + ETHTOOL_A_CABLE_TEST_TDR_CFG_PAIR = 0x4 + ETHTOOL_A_CABLE_TEST_TDR_CFG_MAX = 0x4 + ETHTOOL_A_CABLE_TEST_TDR_UNSPEC = 0x0 + ETHTOOL_A_CABLE_TEST_TDR_HEADER = 0x1 + ETHTOOL_A_CABLE_TEST_TDR_CFG = 0x2 + ETHTOOL_A_CABLE_TEST_TDR_MAX = 0x2 + ETHTOOL_A_CABLE_AMPLITUDE_UNSPEC = 0x0 + ETHTOOL_A_CABLE_AMPLITUDE_PAIR = 0x1 + ETHTOOL_A_CABLE_AMPLITUDE_mV = 0x2 + ETHTOOL_A_CABLE_AMPLITUDE_MAX = 0x2 + ETHTOOL_A_CABLE_PULSE_UNSPEC = 0x0 + ETHTOOL_A_CABLE_PULSE_mV = 0x1 + ETHTOOL_A_CABLE_PULSE_MAX = 0x1 + ETHTOOL_A_CABLE_STEP_UNSPEC = 0x0 + ETHTOOL_A_CABLE_STEP_FIRST_DISTANCE = 0x1 + ETHTOOL_A_CABLE_STEP_LAST_DISTANCE = 0x2 + ETHTOOL_A_CABLE_STEP_STEP_DISTANCE = 0x3 + ETHTOOL_A_CABLE_STEP_MAX = 0x3 + ETHTOOL_A_CABLE_TDR_NEST_UNSPEC = 0x0 + ETHTOOL_A_CABLE_TDR_NEST_STEP = 0x1 + ETHTOOL_A_CABLE_TDR_NEST_AMPLITUDE = 0x2 + ETHTOOL_A_CABLE_TDR_NEST_PULSE = 0x3 + ETHTOOL_A_CABLE_TDR_NEST_MAX = 0x3 + ETHTOOL_A_CABLE_TEST_TDR_NTF_UNSPEC = 0x0 + ETHTOOL_A_CABLE_TEST_TDR_NTF_HEADER = 0x1 + ETHTOOL_A_CABLE_TEST_TDR_NTF_STATUS = 0x2 + ETHTOOL_A_CABLE_TEST_TDR_NTF_NEST = 0x3 + ETHTOOL_A_CABLE_TEST_TDR_NTF_MAX = 0x3 + ETHTOOL_UDP_TUNNEL_TYPE_VXLAN = 0x0 + ETHTOOL_UDP_TUNNEL_TYPE_GENEVE = 0x1 + ETHTOOL_UDP_TUNNEL_TYPE_VXLAN_GPE = 0x2 + ETHTOOL_A_TUNNEL_UDP_ENTRY_UNSPEC = 0x0 + ETHTOOL_A_TUNNEL_UDP_ENTRY_PORT = 0x1 + ETHTOOL_A_TUNNEL_UDP_ENTRY_TYPE = 0x2 + ETHTOOL_A_TUNNEL_UDP_ENTRY_MAX = 0x2 + ETHTOOL_A_TUNNEL_UDP_TABLE_UNSPEC = 0x0 + ETHTOOL_A_TUNNEL_UDP_TABLE_SIZE = 0x1 + ETHTOOL_A_TUNNEL_UDP_TABLE_TYPES = 0x2 + ETHTOOL_A_TUNNEL_UDP_TABLE_ENTRY = 0x3 + ETHTOOL_A_TUNNEL_UDP_TABLE_MAX = 0x3 + ETHTOOL_A_TUNNEL_UDP_UNSPEC = 0x0 + ETHTOOL_A_TUNNEL_UDP_TABLE = 0x1 + ETHTOOL_A_TUNNEL_UDP_MAX = 0x1 + ETHTOOL_A_TUNNEL_INFO_UNSPEC = 0x0 + ETHTOOL_A_TUNNEL_INFO_HEADER = 0x1 + ETHTOOL_A_TUNNEL_INFO_UDP_PORTS = 0x2 + ETHTOOL_A_TUNNEL_INFO_MAX = 0x2 +) diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_386.go b/vendor/golang.org/x/sys/unix/ztypes_linux_386.go index 73509d896a2a..088bd77e3be3 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_linux_386.go +++ b/vendor/golang.org/x/sys/unix/ztypes_linux_386.go @@ -1,4 +1,4 @@ -// cgo -godefs -- -Wall -Werror -static -I/tmp/include -m32 linux/types.go | go run mkpost.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include -m32 /build/linux/types.go | go run mkpost.go // Code generated by the command above; see README.md. DO NOT EDIT. // +build 386,linux @@ -602,3 +602,18 @@ type TIPCSIOCNodeIDReq struct { Peer uint32 Id [16]int8 } + +type PPSKInfo struct { + Assert_sequence uint32 + Clear_sequence uint32 + Assert_tu PPSKTime + Clear_tu PPSKTime + Current_mode int32 +} + +const ( + PPS_GETPARAMS = 0x800470a1 + PPS_SETPARAMS = 0x400470a2 + PPS_GETCAP = 0x800470a3 + PPS_FETCH = 0xc00470a4 +) diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_amd64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_amd64.go index 45eb8738b0df..078d958ec956 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_linux_amd64.go +++ b/vendor/golang.org/x/sys/unix/ztypes_linux_amd64.go @@ -1,4 +1,4 @@ -// cgo -godefs -- -Wall -Werror -static -I/tmp/include -m64 linux/types.go | go run mkpost.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include -m64 /build/linux/types.go | go run mkpost.go // Code generated by the command above; see README.md. DO NOT EDIT. // +build amd64,linux @@ -619,3 +619,19 @@ type TIPCSIOCNodeIDReq struct { Peer uint32 Id [16]int8 } + +type PPSKInfo struct { + Assert_sequence uint32 + Clear_sequence uint32 + Assert_tu PPSKTime + Clear_tu PPSKTime + Current_mode int32 + _ [4]byte +} + +const ( + PPS_GETPARAMS = 0x800870a1 + PPS_SETPARAMS = 0x400870a2 + PPS_GETCAP = 0x800870a3 + PPS_FETCH = 0xc00870a4 +) diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_arm.go b/vendor/golang.org/x/sys/unix/ztypes_linux_arm.go index 8f6b453aba5b..2d39122f410c 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_linux_arm.go +++ b/vendor/golang.org/x/sys/unix/ztypes_linux_arm.go @@ -1,4 +1,4 @@ -// cgo -godefs -- -Wall -Werror -static -I/tmp/include linux/types.go | go run mkpost.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/linux/types.go | go run mkpost.go // Code generated by the command above; see README.md. DO NOT EDIT. // +build arm,linux @@ -596,3 +596,19 @@ type TIPCSIOCNodeIDReq struct { Peer uint32 Id [16]uint8 } + +type PPSKInfo struct { + Assert_sequence uint32 + Clear_sequence uint32 + Assert_tu PPSKTime + Clear_tu PPSKTime + Current_mode int32 + _ [4]byte +} + +const ( + PPS_GETPARAMS = 0x800470a1 + PPS_SETPARAMS = 0x400470a2 + PPS_GETCAP = 0x800470a3 + PPS_FETCH = 0xc00470a4 +) diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_arm64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_arm64.go index b1e0c24f192f..304cbd04536e 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_linux_arm64.go +++ b/vendor/golang.org/x/sys/unix/ztypes_linux_arm64.go @@ -1,4 +1,4 @@ -// cgo -godefs -- -Wall -Werror -static -I/tmp/include -fsigned-char linux/types.go | go run mkpost.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include -fsigned-char /build/linux/types.go | go run mkpost.go // Code generated by the command above; see README.md. DO NOT EDIT. // +build arm64,linux @@ -598,3 +598,19 @@ type TIPCSIOCNodeIDReq struct { Peer uint32 Id [16]int8 } + +type PPSKInfo struct { + Assert_sequence uint32 + Clear_sequence uint32 + Assert_tu PPSKTime + Clear_tu PPSKTime + Current_mode int32 + _ [4]byte +} + +const ( + PPS_GETPARAMS = 0x800870a1 + PPS_SETPARAMS = 0x400870a2 + PPS_GETCAP = 0x800870a3 + PPS_FETCH = 0xc00870a4 +) diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_mips.go b/vendor/golang.org/x/sys/unix/ztypes_linux_mips.go index fb802c3ec9b3..7d9d57006aa8 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_linux_mips.go +++ b/vendor/golang.org/x/sys/unix/ztypes_linux_mips.go @@ -1,4 +1,4 @@ -// cgo -godefs -- -Wall -Werror -static -I/tmp/include linux/types.go | go run mkpost.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/linux/types.go | go run mkpost.go // Code generated by the command above; see README.md. DO NOT EDIT. // +build mips,linux @@ -602,3 +602,19 @@ type TIPCSIOCNodeIDReq struct { Peer uint32 Id [16]int8 } + +type PPSKInfo struct { + Assert_sequence uint32 + Clear_sequence uint32 + Assert_tu PPSKTime + Clear_tu PPSKTime + Current_mode int32 + _ [4]byte +} + +const ( + PPS_GETPARAMS = 0x400470a1 + PPS_SETPARAMS = 0x800470a2 + PPS_GETCAP = 0x400470a3 + PPS_FETCH = 0xc00470a4 +) diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_mips64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_mips64.go index 30abcf3bb8e3..a1eb2577b089 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_linux_mips64.go +++ b/vendor/golang.org/x/sys/unix/ztypes_linux_mips64.go @@ -1,4 +1,4 @@ -// cgo -godefs -- -Wall -Werror -static -I/tmp/include linux/types.go | go run mkpost.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/linux/types.go | go run mkpost.go // Code generated by the command above; see README.md. DO NOT EDIT. // +build mips64,linux @@ -601,3 +601,19 @@ type TIPCSIOCNodeIDReq struct { Peer uint32 Id [16]int8 } + +type PPSKInfo struct { + Assert_sequence uint32 + Clear_sequence uint32 + Assert_tu PPSKTime + Clear_tu PPSKTime + Current_mode int32 + _ [4]byte +} + +const ( + PPS_GETPARAMS = 0x400870a1 + PPS_SETPARAMS = 0x800870a2 + PPS_GETCAP = 0x400870a3 + PPS_FETCH = 0xc00870a4 +) diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_mips64le.go b/vendor/golang.org/x/sys/unix/ztypes_linux_mips64le.go index 99761aa9a78a..2e5ce3b6a69f 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_linux_mips64le.go +++ b/vendor/golang.org/x/sys/unix/ztypes_linux_mips64le.go @@ -1,4 +1,4 @@ -// cgo -godefs -- -Wall -Werror -static -I/tmp/include linux/types.go | go run mkpost.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/linux/types.go | go run mkpost.go // Code generated by the command above; see README.md. DO NOT EDIT. // +build mips64le,linux @@ -601,3 +601,19 @@ type TIPCSIOCNodeIDReq struct { Peer uint32 Id [16]int8 } + +type PPSKInfo struct { + Assert_sequence uint32 + Clear_sequence uint32 + Assert_tu PPSKTime + Clear_tu PPSKTime + Current_mode int32 + _ [4]byte +} + +const ( + PPS_GETPARAMS = 0x400870a1 + PPS_SETPARAMS = 0x800870a2 + PPS_GETCAP = 0x400870a3 + PPS_FETCH = 0xc00870a4 +) diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_mipsle.go b/vendor/golang.org/x/sys/unix/ztypes_linux_mipsle.go index 293690348f6e..bbaa1200b6a6 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_linux_mipsle.go +++ b/vendor/golang.org/x/sys/unix/ztypes_linux_mipsle.go @@ -1,4 +1,4 @@ -// cgo -godefs -- -Wall -Werror -static -I/tmp/include linux/types.go | go run mkpost.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/linux/types.go | go run mkpost.go // Code generated by the command above; see README.md. DO NOT EDIT. // +build mipsle,linux @@ -602,3 +602,19 @@ type TIPCSIOCNodeIDReq struct { Peer uint32 Id [16]int8 } + +type PPSKInfo struct { + Assert_sequence uint32 + Clear_sequence uint32 + Assert_tu PPSKTime + Clear_tu PPSKTime + Current_mode int32 + _ [4]byte +} + +const ( + PPS_GETPARAMS = 0x400470a1 + PPS_SETPARAMS = 0x800470a2 + PPS_GETCAP = 0x400470a3 + PPS_FETCH = 0xc00470a4 +) diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64.go index 0ca856e559b6..0e6e8a774839 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64.go +++ b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64.go @@ -1,4 +1,4 @@ -// cgo -godefs -- -Wall -Werror -static -I/tmp/include linux/types.go | go run mkpost.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/linux/types.go | go run mkpost.go // Code generated by the command above; see README.md. DO NOT EDIT. // +build ppc64,linux @@ -608,3 +608,19 @@ type TIPCSIOCNodeIDReq struct { Peer uint32 Id [16]uint8 } + +type PPSKInfo struct { + Assert_sequence uint32 + Clear_sequence uint32 + Assert_tu PPSKTime + Clear_tu PPSKTime + Current_mode int32 + _ [4]byte +} + +const ( + PPS_GETPARAMS = 0x400870a1 + PPS_SETPARAMS = 0x800870a2 + PPS_GETCAP = 0x400870a3 + PPS_FETCH = 0xc00870a4 +) diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64le.go b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64le.go index f50f6482eee7..7382f385faf6 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64le.go +++ b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64le.go @@ -1,4 +1,4 @@ -// cgo -godefs -- -Wall -Werror -static -I/tmp/include linux/types.go | go run mkpost.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/linux/types.go | go run mkpost.go // Code generated by the command above; see README.md. DO NOT EDIT. // +build ppc64le,linux @@ -608,3 +608,19 @@ type TIPCSIOCNodeIDReq struct { Peer uint32 Id [16]uint8 } + +type PPSKInfo struct { + Assert_sequence uint32 + Clear_sequence uint32 + Assert_tu PPSKTime + Clear_tu PPSKTime + Current_mode int32 + _ [4]byte +} + +const ( + PPS_GETPARAMS = 0x400870a1 + PPS_SETPARAMS = 0x800870a2 + PPS_GETCAP = 0x400870a3 + PPS_FETCH = 0xc00870a4 +) diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.go index 4d3ac8d7b409..28d552216656 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.go +++ b/vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.go @@ -1,4 +1,4 @@ -// cgo -godefs -- -Wall -Werror -static -I/tmp/include linux/types.go | go run mkpost.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/linux/types.go | go run mkpost.go // Code generated by the command above; see README.md. DO NOT EDIT. // +build riscv64,linux @@ -626,3 +626,19 @@ type TIPCSIOCNodeIDReq struct { Peer uint32 Id [16]uint8 } + +type PPSKInfo struct { + Assert_sequence uint32 + Clear_sequence uint32 + Assert_tu PPSKTime + Clear_tu PPSKTime + Current_mode int32 + _ [4]byte +} + +const ( + PPS_GETPARAMS = 0x800870a1 + PPS_SETPARAMS = 0x400870a2 + PPS_GETCAP = 0x800870a3 + PPS_FETCH = 0xc00870a4 +) diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_s390x.go b/vendor/golang.org/x/sys/unix/ztypes_linux_s390x.go index 349f483a80ea..a91a7a44bd39 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_linux_s390x.go +++ b/vendor/golang.org/x/sys/unix/ztypes_linux_s390x.go @@ -1,4 +1,4 @@ -// cgo -godefs -- -Wall -Werror -static -I/tmp/include -fsigned-char linux/types.go | go run mkpost.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include -fsigned-char /build/linux/types.go | go run mkpost.go // Code generated by the command above; see README.md. DO NOT EDIT. // +build s390x,linux @@ -622,3 +622,19 @@ type TIPCSIOCNodeIDReq struct { Peer uint32 Id [16]int8 } + +type PPSKInfo struct { + Assert_sequence uint32 + Clear_sequence uint32 + Assert_tu PPSKTime + Clear_tu PPSKTime + Current_mode int32 + _ [4]byte +} + +const ( + PPS_GETPARAMS = 0x800870a1 + PPS_SETPARAMS = 0x400870a2 + PPS_GETCAP = 0x800870a3 + PPS_FETCH = 0xc00870a4 +) diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_sparc64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_sparc64.go index 80c73beaa155..f824b2358dc7 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_linux_sparc64.go +++ b/vendor/golang.org/x/sys/unix/ztypes_linux_sparc64.go @@ -1,4 +1,4 @@ -// cgo -godefs -- -Wall -Werror -static -I/tmp/include linux/types.go | go run mkpost.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/linux/types.go | go run mkpost.go // Code generated by the command above; see README.md. DO NOT EDIT. // +build sparc64,linux @@ -603,3 +603,19 @@ type TIPCSIOCNodeIDReq struct { Peer uint32 Id [16]int8 } + +type PPSKInfo struct { + Assert_sequence uint32 + Clear_sequence uint32 + Assert_tu PPSKTime + Clear_tu PPSKTime + Current_mode int32 + _ [4]byte +} + +const ( + PPS_GETPARAMS = 0x400870a1 + PPS_SETPARAMS = 0x800870a2 + PPS_GETCAP = 0x400870a3 + PPS_FETCH = 0xc00870a4 +) diff --git a/vendor/golang.org/x/sys/unix/ztypes_netbsd_386.go b/vendor/golang.org/x/sys/unix/ztypes_netbsd_386.go index a89100c08aec..3f11f88e3c65 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_netbsd_386.go +++ b/vendor/golang.org/x/sys/unix/ztypes_netbsd_386.go @@ -248,6 +248,7 @@ const ( SizeofSockaddrUnix = 0x6a SizeofSockaddrDatalink = 0x14 SizeofLinger = 0x8 + SizeofIovec = 0x8 SizeofIPMreq = 0x8 SizeofIPv6Mreq = 0x14 SizeofMsghdr = 0x1c diff --git a/vendor/golang.org/x/sys/unix/ztypes_netbsd_amd64.go b/vendor/golang.org/x/sys/unix/ztypes_netbsd_amd64.go index 289184e0b3a8..0bed83af57b3 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_netbsd_amd64.go +++ b/vendor/golang.org/x/sys/unix/ztypes_netbsd_amd64.go @@ -255,6 +255,7 @@ const ( SizeofSockaddrUnix = 0x6a SizeofSockaddrDatalink = 0x14 SizeofLinger = 0x8 + SizeofIovec = 0x10 SizeofIPMreq = 0x8 SizeofIPv6Mreq = 0x14 SizeofMsghdr = 0x30 diff --git a/vendor/golang.org/x/sys/unix/ztypes_netbsd_arm.go b/vendor/golang.org/x/sys/unix/ztypes_netbsd_arm.go index 428c450e4ce0..e4e3bf736d86 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_netbsd_arm.go +++ b/vendor/golang.org/x/sys/unix/ztypes_netbsd_arm.go @@ -253,6 +253,7 @@ const ( SizeofSockaddrUnix = 0x6a SizeofSockaddrDatalink = 0x14 SizeofLinger = 0x8 + SizeofIovec = 0x8 SizeofIPMreq = 0x8 SizeofIPv6Mreq = 0x14 SizeofMsghdr = 0x1c diff --git a/vendor/golang.org/x/sys/unix/ztypes_netbsd_arm64.go b/vendor/golang.org/x/sys/unix/ztypes_netbsd_arm64.go index 6f1f2842cc37..efac861bb7fa 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_netbsd_arm64.go +++ b/vendor/golang.org/x/sys/unix/ztypes_netbsd_arm64.go @@ -255,6 +255,7 @@ const ( SizeofSockaddrUnix = 0x6a SizeofSockaddrDatalink = 0x14 SizeofLinger = 0x8 + SizeofIovec = 0x10 SizeofIPMreq = 0x8 SizeofIPv6Mreq = 0x14 SizeofMsghdr = 0x30 diff --git a/vendor/golang.org/x/sys/unix/ztypes_openbsd_386.go b/vendor/golang.org/x/sys/unix/ztypes_openbsd_386.go index 61ea0019a298..80fa295f1dfc 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_openbsd_386.go +++ b/vendor/golang.org/x/sys/unix/ztypes_openbsd_386.go @@ -231,6 +231,7 @@ const ( SizeofSockaddrUnix = 0x6a SizeofSockaddrDatalink = 0x20 SizeofLinger = 0x8 + SizeofIovec = 0x8 SizeofIPMreq = 0x8 SizeofIPv6Mreq = 0x14 SizeofMsghdr = 0x1c diff --git a/vendor/golang.org/x/sys/unix/ztypes_openbsd_amd64.go b/vendor/golang.org/x/sys/unix/ztypes_openbsd_amd64.go index 87a493f68fd3..560dd6d08af1 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_openbsd_amd64.go +++ b/vendor/golang.org/x/sys/unix/ztypes_openbsd_amd64.go @@ -235,6 +235,7 @@ const ( SizeofSockaddrUnix = 0x6a SizeofSockaddrDatalink = 0x20 SizeofLinger = 0x8 + SizeofIovec = 0x10 SizeofIPMreq = 0x8 SizeofIPv6Mreq = 0x14 SizeofMsghdr = 0x30 diff --git a/vendor/golang.org/x/sys/unix/ztypes_openbsd_arm.go b/vendor/golang.org/x/sys/unix/ztypes_openbsd_arm.go index d80836efaba3..0c1700fa4356 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_openbsd_arm.go +++ b/vendor/golang.org/x/sys/unix/ztypes_openbsd_arm.go @@ -235,6 +235,7 @@ const ( SizeofSockaddrUnix = 0x6a SizeofSockaddrDatalink = 0x20 SizeofLinger = 0x8 + SizeofIovec = 0x8 SizeofIPMreq = 0x8 SizeofIPv6Mreq = 0x14 SizeofMsghdr = 0x1c diff --git a/vendor/golang.org/x/sys/unix/ztypes_openbsd_arm64.go b/vendor/golang.org/x/sys/unix/ztypes_openbsd_arm64.go index 4e158746f115..5b3e46633e9b 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_openbsd_arm64.go +++ b/vendor/golang.org/x/sys/unix/ztypes_openbsd_arm64.go @@ -231,6 +231,7 @@ const ( SizeofSockaddrUnix = 0x6a SizeofSockaddrDatalink = 0x20 SizeofLinger = 0x8 + SizeofIovec = 0x10 SizeofIPMreq = 0x8 SizeofIPv6Mreq = 0x14 SizeofMsghdr = 0x30 diff --git a/vendor/golang.org/x/sys/unix/ztypes_openbsd_mips64.go b/vendor/golang.org/x/sys/unix/ztypes_openbsd_mips64.go index 992a1f8c0188..62bff1670979 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_openbsd_mips64.go +++ b/vendor/golang.org/x/sys/unix/ztypes_openbsd_mips64.go @@ -231,6 +231,7 @@ const ( SizeofSockaddrUnix = 0x6a SizeofSockaddrDatalink = 0x20 SizeofLinger = 0x8 + SizeofIovec = 0x10 SizeofIPMreq = 0x8 SizeofIPv6Mreq = 0x14 SizeofMsghdr = 0x30 diff --git a/vendor/golang.org/x/sys/unix/ztypes_solaris_amd64.go b/vendor/golang.org/x/sys/unix/ztypes_solaris_amd64.go index db817f3ba828..ca512aff7f86 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_solaris_amd64.go +++ b/vendor/golang.org/x/sys/unix/ztypes_solaris_amd64.go @@ -234,6 +234,7 @@ const ( SizeofSockaddrUnix = 0x6e SizeofSockaddrDatalink = 0xfc SizeofLinger = 0x8 + SizeofIovec = 0x10 SizeofIPMreq = 0x8 SizeofIPv6Mreq = 0x14 SizeofMsghdr = 0x30 diff --git a/vendor/golang.org/x/sys/windows/dll_windows.go b/vendor/golang.org/x/sys/windows/dll_windows.go index 82076fb74ff9..115341fba66d 100644 --- a/vendor/golang.org/x/sys/windows/dll_windows.go +++ b/vendor/golang.org/x/sys/windows/dll_windows.go @@ -32,6 +32,8 @@ type DLLError struct { func (e *DLLError) Error() string { return e.Msg } +func (e *DLLError) Unwrap() error { return e.Err } + // A DLL implements access to a single DLL. type DLL struct { Name string @@ -389,7 +391,6 @@ func loadLibraryEx(name string, system bool) (*DLL, error) { var flags uintptr if system { if canDoSearchSystem32() { - const LOAD_LIBRARY_SEARCH_SYSTEM32 = 0x00000800 flags = LOAD_LIBRARY_SEARCH_SYSTEM32 } else if isBaseName(name) { // WindowsXP or unpatched Windows machine diff --git a/vendor/golang.org/x/sys/windows/memory_windows.go b/vendor/golang.org/x/sys/windows/memory_windows.go index e409d76f0fde..1adb60739a34 100644 --- a/vendor/golang.org/x/sys/windows/memory_windows.go +++ b/vendor/golang.org/x/sys/windows/memory_windows.go @@ -16,13 +16,19 @@ const ( MEM_RESET_UNDO = 0x01000000 MEM_LARGE_PAGES = 0x20000000 - PAGE_NOACCESS = 0x01 - PAGE_READONLY = 0x02 - PAGE_READWRITE = 0x04 - PAGE_WRITECOPY = 0x08 - PAGE_EXECUTE_READ = 0x20 - PAGE_EXECUTE_READWRITE = 0x40 - PAGE_EXECUTE_WRITECOPY = 0x80 + PAGE_NOACCESS = 0x00000001 + PAGE_READONLY = 0x00000002 + PAGE_READWRITE = 0x00000004 + PAGE_WRITECOPY = 0x00000008 + PAGE_EXECUTE = 0x00000010 + PAGE_EXECUTE_READ = 0x00000020 + PAGE_EXECUTE_READWRITE = 0x00000040 + PAGE_EXECUTE_WRITECOPY = 0x00000080 + PAGE_GUARD = 0x00000100 + PAGE_NOCACHE = 0x00000200 + PAGE_WRITECOMBINE = 0x00000400 + PAGE_TARGETS_INVALID = 0x40000000 + PAGE_TARGETS_NO_UPDATE = 0x40000000 QUOTA_LIMITS_HARDWS_MIN_DISABLE = 0x00000002 QUOTA_LIMITS_HARDWS_MIN_ENABLE = 0x00000001 diff --git a/vendor/golang.org/x/sys/windows/security_windows.go b/vendor/golang.org/x/sys/windows/security_windows.go index 9e3c44a85570..69eb462c59a8 100644 --- a/vendor/golang.org/x/sys/windows/security_windows.go +++ b/vendor/golang.org/x/sys/windows/security_windows.go @@ -624,6 +624,7 @@ func (tml *Tokenmandatorylabel) Size() uint32 { // Authorization Functions //sys checkTokenMembership(tokenHandle Token, sidToCheck *SID, isMember *int32) (err error) = advapi32.CheckTokenMembership +//sys isTokenRestricted(tokenHandle Token) (ret bool, err error) [!failretval] = advapi32.IsTokenRestricted //sys OpenProcessToken(process Handle, access uint32, token *Token) (err error) = advapi32.OpenProcessToken //sys OpenThreadToken(thread Handle, access uint32, openAsSelf bool, token *Token) (err error) = advapi32.OpenThreadToken //sys ImpersonateSelf(impersonationlevel uint32) (err error) = advapi32.ImpersonateSelf @@ -837,6 +838,16 @@ func (t Token) IsMember(sid *SID) (bool, error) { return b != 0, nil } +// IsRestricted reports whether the access token t is a restricted token. +func (t Token) IsRestricted() (isRestricted bool, err error) { + isRestricted, err = isTokenRestricted(t) + if !isRestricted && err == syscall.EINVAL { + // If err is EINVAL, this returned ERROR_SUCCESS indicating a non-restricted token. + err = nil + } + return +} + const ( WTS_CONSOLE_CONNECT = 0x1 WTS_CONSOLE_DISCONNECT = 0x2 @@ -1103,9 +1114,10 @@ type OBJECTS_AND_NAME struct { } //sys getSecurityInfo(handle Handle, objectType SE_OBJECT_TYPE, securityInformation SECURITY_INFORMATION, owner **SID, group **SID, dacl **ACL, sacl **ACL, sd **SECURITY_DESCRIPTOR) (ret error) = advapi32.GetSecurityInfo -//sys SetSecurityInfo(handle Handle, objectType SE_OBJECT_TYPE, securityInformation SECURITY_INFORMATION, owner *SID, group *SID, dacl *ACL, sacl *ACL) = advapi32.SetSecurityInfo +//sys SetSecurityInfo(handle Handle, objectType SE_OBJECT_TYPE, securityInformation SECURITY_INFORMATION, owner *SID, group *SID, dacl *ACL, sacl *ACL) (ret error) = advapi32.SetSecurityInfo //sys getNamedSecurityInfo(objectName string, objectType SE_OBJECT_TYPE, securityInformation SECURITY_INFORMATION, owner **SID, group **SID, dacl **ACL, sacl **ACL, sd **SECURITY_DESCRIPTOR) (ret error) = advapi32.GetNamedSecurityInfoW //sys SetNamedSecurityInfo(objectName string, objectType SE_OBJECT_TYPE, securityInformation SECURITY_INFORMATION, owner *SID, group *SID, dacl *ACL, sacl *ACL) (ret error) = advapi32.SetNamedSecurityInfoW +//sys SetKernelObjectSecurity(handle Handle, securityInformation SECURITY_INFORMATION, securityDescriptor *SECURITY_DESCRIPTOR) (err error) = advapi32.SetKernelObjectSecurity //sys buildSecurityDescriptor(owner *TRUSTEE, group *TRUSTEE, countAccessEntries uint32, accessEntries *EXPLICIT_ACCESS, countAuditEntries uint32, auditEntries *EXPLICIT_ACCESS, oldSecurityDescriptor *SECURITY_DESCRIPTOR, sizeNewSecurityDescriptor *uint32, newSecurityDescriptor **SECURITY_DESCRIPTOR) (ret error) = advapi32.BuildSecurityDescriptorW //sys initializeSecurityDescriptor(absoluteSD *SECURITY_DESCRIPTOR, revision uint32) (err error) = advapi32.InitializeSecurityDescriptor diff --git a/vendor/golang.org/x/sys/windows/service.go b/vendor/golang.org/x/sys/windows/service.go index f54ff90aacda..b269850d0666 100644 --- a/vendor/golang.org/x/sys/windows/service.go +++ b/vendor/golang.org/x/sys/windows/service.go @@ -128,6 +128,10 @@ const ( SERVICE_NOTIFY_CREATED = 0x00000080 SERVICE_NOTIFY_DELETED = 0x00000100 SERVICE_NOTIFY_DELETE_PENDING = 0x00000200 + + SC_EVENT_DATABASE_CHANGE = 0 + SC_EVENT_PROPERTY_CHANGE = 1 + SC_EVENT_STATUS_CHANGE = 2 ) type SERVICE_STATUS struct { @@ -229,3 +233,5 @@ type QUERY_SERVICE_LOCK_STATUS struct { //sys EnumServicesStatusEx(mgr Handle, infoLevel uint32, serviceType uint32, serviceState uint32, services *byte, bufSize uint32, bytesNeeded *uint32, servicesReturned *uint32, resumeHandle *uint32, groupName *uint16) (err error) = advapi32.EnumServicesStatusExW //sys QueryServiceStatusEx(service Handle, infoLevel uint32, buff *byte, buffSize uint32, bytesNeeded *uint32) (err error) = advapi32.QueryServiceStatusEx //sys NotifyServiceStatusChange(service Handle, notifyMask uint32, notifier *SERVICE_NOTIFY) (ret error) = advapi32.NotifyServiceStatusChangeW +//sys SubscribeServiceChangeNotifications(service Handle, eventType uint32, callback uintptr, callbackCtx uintptr, subscription *uintptr) (ret error) = sechost.SubscribeServiceChangeNotifications? +//sys UnsubscribeServiceChangeNotifications(subscription uintptr) = sechost.UnsubscribeServiceChangeNotifications? diff --git a/vendor/golang.org/x/sys/windows/setupapierrors_windows.go b/vendor/golang.org/x/sys/windows/setupapierrors_windows.go new file mode 100644 index 000000000000..1681810e0488 --- /dev/null +++ b/vendor/golang.org/x/sys/windows/setupapierrors_windows.go @@ -0,0 +1,100 @@ +// Copyright 2020 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package windows + +import "syscall" + +const ( + ERROR_EXPECTED_SECTION_NAME syscall.Errno = 0x20000000 | 0xC0000000 | 0 + ERROR_BAD_SECTION_NAME_LINE syscall.Errno = 0x20000000 | 0xC0000000 | 1 + ERROR_SECTION_NAME_TOO_LONG syscall.Errno = 0x20000000 | 0xC0000000 | 2 + ERROR_GENERAL_SYNTAX syscall.Errno = 0x20000000 | 0xC0000000 | 3 + ERROR_WRONG_INF_STYLE syscall.Errno = 0x20000000 | 0xC0000000 | 0x100 + ERROR_SECTION_NOT_FOUND syscall.Errno = 0x20000000 | 0xC0000000 | 0x101 + ERROR_LINE_NOT_FOUND syscall.Errno = 0x20000000 | 0xC0000000 | 0x102 + ERROR_NO_BACKUP syscall.Errno = 0x20000000 | 0xC0000000 | 0x103 + ERROR_NO_ASSOCIATED_CLASS syscall.Errno = 0x20000000 | 0xC0000000 | 0x200 + ERROR_CLASS_MISMATCH syscall.Errno = 0x20000000 | 0xC0000000 | 0x201 + ERROR_DUPLICATE_FOUND syscall.Errno = 0x20000000 | 0xC0000000 | 0x202 + ERROR_NO_DRIVER_SELECTED syscall.Errno = 0x20000000 | 0xC0000000 | 0x203 + ERROR_KEY_DOES_NOT_EXIST syscall.Errno = 0x20000000 | 0xC0000000 | 0x204 + ERROR_INVALID_DEVINST_NAME syscall.Errno = 0x20000000 | 0xC0000000 | 0x205 + ERROR_INVALID_CLASS syscall.Errno = 0x20000000 | 0xC0000000 | 0x206 + ERROR_DEVINST_ALREADY_EXISTS syscall.Errno = 0x20000000 | 0xC0000000 | 0x207 + ERROR_DEVINFO_NOT_REGISTERED syscall.Errno = 0x20000000 | 0xC0000000 | 0x208 + ERROR_INVALID_REG_PROPERTY syscall.Errno = 0x20000000 | 0xC0000000 | 0x209 + ERROR_NO_INF syscall.Errno = 0x20000000 | 0xC0000000 | 0x20A + ERROR_NO_SUCH_DEVINST syscall.Errno = 0x20000000 | 0xC0000000 | 0x20B + ERROR_CANT_LOAD_CLASS_ICON syscall.Errno = 0x20000000 | 0xC0000000 | 0x20C + ERROR_INVALID_CLASS_INSTALLER syscall.Errno = 0x20000000 | 0xC0000000 | 0x20D + ERROR_DI_DO_DEFAULT syscall.Errno = 0x20000000 | 0xC0000000 | 0x20E + ERROR_DI_NOFILECOPY syscall.Errno = 0x20000000 | 0xC0000000 | 0x20F + ERROR_INVALID_HWPROFILE syscall.Errno = 0x20000000 | 0xC0000000 | 0x210 + ERROR_NO_DEVICE_SELECTED syscall.Errno = 0x20000000 | 0xC0000000 | 0x211 + ERROR_DEVINFO_LIST_LOCKED syscall.Errno = 0x20000000 | 0xC0000000 | 0x212 + ERROR_DEVINFO_DATA_LOCKED syscall.Errno = 0x20000000 | 0xC0000000 | 0x213 + ERROR_DI_BAD_PATH syscall.Errno = 0x20000000 | 0xC0000000 | 0x214 + ERROR_NO_CLASSINSTALL_PARAMS syscall.Errno = 0x20000000 | 0xC0000000 | 0x215 + ERROR_FILEQUEUE_LOCKED syscall.Errno = 0x20000000 | 0xC0000000 | 0x216 + ERROR_BAD_SERVICE_INSTALLSECT syscall.Errno = 0x20000000 | 0xC0000000 | 0x217 + ERROR_NO_CLASS_DRIVER_LIST syscall.Errno = 0x20000000 | 0xC0000000 | 0x218 + ERROR_NO_ASSOCIATED_SERVICE syscall.Errno = 0x20000000 | 0xC0000000 | 0x219 + ERROR_NO_DEFAULT_DEVICE_INTERFACE syscall.Errno = 0x20000000 | 0xC0000000 | 0x21A + ERROR_DEVICE_INTERFACE_ACTIVE syscall.Errno = 0x20000000 | 0xC0000000 | 0x21B + ERROR_DEVICE_INTERFACE_REMOVED syscall.Errno = 0x20000000 | 0xC0000000 | 0x21C + ERROR_BAD_INTERFACE_INSTALLSECT syscall.Errno = 0x20000000 | 0xC0000000 | 0x21D + ERROR_NO_SUCH_INTERFACE_CLASS syscall.Errno = 0x20000000 | 0xC0000000 | 0x21E + ERROR_INVALID_REFERENCE_STRING syscall.Errno = 0x20000000 | 0xC0000000 | 0x21F + ERROR_INVALID_MACHINENAME syscall.Errno = 0x20000000 | 0xC0000000 | 0x220 + ERROR_REMOTE_COMM_FAILURE syscall.Errno = 0x20000000 | 0xC0000000 | 0x221 + ERROR_MACHINE_UNAVAILABLE syscall.Errno = 0x20000000 | 0xC0000000 | 0x222 + ERROR_NO_CONFIGMGR_SERVICES syscall.Errno = 0x20000000 | 0xC0000000 | 0x223 + ERROR_INVALID_PROPPAGE_PROVIDER syscall.Errno = 0x20000000 | 0xC0000000 | 0x224 + ERROR_NO_SUCH_DEVICE_INTERFACE syscall.Errno = 0x20000000 | 0xC0000000 | 0x225 + ERROR_DI_POSTPROCESSING_REQUIRED syscall.Errno = 0x20000000 | 0xC0000000 | 0x226 + ERROR_INVALID_COINSTALLER syscall.Errno = 0x20000000 | 0xC0000000 | 0x227 + ERROR_NO_COMPAT_DRIVERS syscall.Errno = 0x20000000 | 0xC0000000 | 0x228 + ERROR_NO_DEVICE_ICON syscall.Errno = 0x20000000 | 0xC0000000 | 0x229 + ERROR_INVALID_INF_LOGCONFIG syscall.Errno = 0x20000000 | 0xC0000000 | 0x22A + ERROR_DI_DONT_INSTALL syscall.Errno = 0x20000000 | 0xC0000000 | 0x22B + ERROR_INVALID_FILTER_DRIVER syscall.Errno = 0x20000000 | 0xC0000000 | 0x22C + ERROR_NON_WINDOWS_NT_DRIVER syscall.Errno = 0x20000000 | 0xC0000000 | 0x22D + ERROR_NON_WINDOWS_DRIVER syscall.Errno = 0x20000000 | 0xC0000000 | 0x22E + ERROR_NO_CATALOG_FOR_OEM_INF syscall.Errno = 0x20000000 | 0xC0000000 | 0x22F + ERROR_DEVINSTALL_QUEUE_NONNATIVE syscall.Errno = 0x20000000 | 0xC0000000 | 0x230 + ERROR_NOT_DISABLEABLE syscall.Errno = 0x20000000 | 0xC0000000 | 0x231 + ERROR_CANT_REMOVE_DEVINST syscall.Errno = 0x20000000 | 0xC0000000 | 0x232 + ERROR_INVALID_TARGET syscall.Errno = 0x20000000 | 0xC0000000 | 0x233 + ERROR_DRIVER_NONNATIVE syscall.Errno = 0x20000000 | 0xC0000000 | 0x234 + ERROR_IN_WOW64 syscall.Errno = 0x20000000 | 0xC0000000 | 0x235 + ERROR_SET_SYSTEM_RESTORE_POINT syscall.Errno = 0x20000000 | 0xC0000000 | 0x236 + ERROR_SCE_DISABLED syscall.Errno = 0x20000000 | 0xC0000000 | 0x238 + ERROR_UNKNOWN_EXCEPTION syscall.Errno = 0x20000000 | 0xC0000000 | 0x239 + ERROR_PNP_REGISTRY_ERROR syscall.Errno = 0x20000000 | 0xC0000000 | 0x23A + ERROR_REMOTE_REQUEST_UNSUPPORTED syscall.Errno = 0x20000000 | 0xC0000000 | 0x23B + ERROR_NOT_AN_INSTALLED_OEM_INF syscall.Errno = 0x20000000 | 0xC0000000 | 0x23C + ERROR_INF_IN_USE_BY_DEVICES syscall.Errno = 0x20000000 | 0xC0000000 | 0x23D + ERROR_DI_FUNCTION_OBSOLETE syscall.Errno = 0x20000000 | 0xC0000000 | 0x23E + ERROR_NO_AUTHENTICODE_CATALOG syscall.Errno = 0x20000000 | 0xC0000000 | 0x23F + ERROR_AUTHENTICODE_DISALLOWED syscall.Errno = 0x20000000 | 0xC0000000 | 0x240 + ERROR_AUTHENTICODE_TRUSTED_PUBLISHER syscall.Errno = 0x20000000 | 0xC0000000 | 0x241 + ERROR_AUTHENTICODE_TRUST_NOT_ESTABLISHED syscall.Errno = 0x20000000 | 0xC0000000 | 0x242 + ERROR_AUTHENTICODE_PUBLISHER_NOT_TRUSTED syscall.Errno = 0x20000000 | 0xC0000000 | 0x243 + ERROR_SIGNATURE_OSATTRIBUTE_MISMATCH syscall.Errno = 0x20000000 | 0xC0000000 | 0x244 + ERROR_ONLY_VALIDATE_VIA_AUTHENTICODE syscall.Errno = 0x20000000 | 0xC0000000 | 0x245 + ERROR_DEVICE_INSTALLER_NOT_READY syscall.Errno = 0x20000000 | 0xC0000000 | 0x246 + ERROR_DRIVER_STORE_ADD_FAILED syscall.Errno = 0x20000000 | 0xC0000000 | 0x247 + ERROR_DEVICE_INSTALL_BLOCKED syscall.Errno = 0x20000000 | 0xC0000000 | 0x248 + ERROR_DRIVER_INSTALL_BLOCKED syscall.Errno = 0x20000000 | 0xC0000000 | 0x249 + ERROR_WRONG_INF_TYPE syscall.Errno = 0x20000000 | 0xC0000000 | 0x24A + ERROR_FILE_HASH_NOT_IN_CATALOG syscall.Errno = 0x20000000 | 0xC0000000 | 0x24B + ERROR_DRIVER_STORE_DELETE_FAILED syscall.Errno = 0x20000000 | 0xC0000000 | 0x24C + ERROR_UNRECOVERABLE_STACK_OVERFLOW syscall.Errno = 0x20000000 | 0xC0000000 | 0x300 + EXCEPTION_SPAPI_UNRECOVERABLE_STACK_OVERFLOW syscall.Errno = ERROR_UNRECOVERABLE_STACK_OVERFLOW + ERROR_NO_DEFAULT_INTERFACE_DEVICE syscall.Errno = ERROR_NO_DEFAULT_DEVICE_INTERFACE + ERROR_INTERFACE_DEVICE_ACTIVE syscall.Errno = ERROR_DEVICE_INTERFACE_ACTIVE + ERROR_INTERFACE_DEVICE_REMOVED syscall.Errno = ERROR_DEVICE_INTERFACE_REMOVED + ERROR_NO_SUCH_INTERFACE_DEVICE syscall.Errno = ERROR_NO_SUCH_DEVICE_INTERFACE +) diff --git a/vendor/golang.org/x/sys/windows/svc/service.go b/vendor/golang.org/x/sys/windows/svc/service.go index f7f4ff5b514e..3748528636d6 100644 --- a/vendor/golang.org/x/sys/windows/svc/service.go +++ b/vendor/golang.org/x/sys/windows/svc/service.go @@ -71,11 +71,13 @@ const ( // Status combines State and Accepted commands to fully describe running service. type Status struct { - State State - Accepts Accepted - CheckPoint uint32 // used to report progress during a lengthy operation - WaitHint uint32 // estimated time required for a pending operation, in milliseconds - ProcessId uint32 // if the service is running, the process identifier of it, and otherwise zero + State State + Accepts Accepted + CheckPoint uint32 // used to report progress during a lengthy operation + WaitHint uint32 // estimated time required for a pending operation, in milliseconds + ProcessId uint32 // if the service is running, the process identifier of it, and otherwise zero + Win32ExitCode uint32 // set if the service has exited with a win32 exit code + ServiceSpecificExitCode uint32 // set if the service has exited with a service-specific exit code } // ChangeRequest is sent to the service Handler to request service status change. diff --git a/vendor/golang.org/x/sys/windows/syscall.go b/vendor/golang.org/x/sys/windows/syscall.go index af828a91bcf3..6122f557a097 100644 --- a/vendor/golang.org/x/sys/windows/syscall.go +++ b/vendor/golang.org/x/sys/windows/syscall.go @@ -25,17 +25,20 @@ package windows // import "golang.org/x/sys/windows" import ( + "bytes" + "strings" "syscall" + "unsafe" + + "golang.org/x/sys/internal/unsafeheader" ) // ByteSliceFromString returns a NUL-terminated slice of bytes // containing the text of s. If s contains a NUL byte at any // location, it returns (nil, syscall.EINVAL). func ByteSliceFromString(s string) ([]byte, error) { - for i := 0; i < len(s); i++ { - if s[i] == 0 { - return nil, syscall.EINVAL - } + if strings.IndexByte(s, 0) != -1 { + return nil, syscall.EINVAL } a := make([]byte, len(s)+1) copy(a, s) @@ -53,6 +56,41 @@ func BytePtrFromString(s string) (*byte, error) { return &a[0], nil } +// ByteSliceToString returns a string form of the text represented by the slice s, with a terminating NUL and any +// bytes after the NUL removed. +func ByteSliceToString(s []byte) string { + if i := bytes.IndexByte(s, 0); i != -1 { + s = s[:i] + } + return string(s) +} + +// BytePtrToString takes a pointer to a sequence of text and returns the corresponding string. +// If the pointer is nil, it returns the empty string. It assumes that the text sequence is terminated +// at a zero byte; if the zero byte is not present, the program may crash. +func BytePtrToString(p *byte) string { + if p == nil { + return "" + } + if *p == 0 { + return "" + } + + // Find NUL terminator. + n := 0 + for ptr := unsafe.Pointer(p); *(*byte)(ptr) != 0; n++ { + ptr = unsafe.Pointer(uintptr(ptr) + 1) + } + + var s []byte + h := (*unsafeheader.Slice)(unsafe.Pointer(&s)) + h.Data = unsafe.Pointer(p) + h.Len = n + h.Cap = n + + return string(s) +} + // Single-word zero for use when we need a valid pointer to 0 bytes. // See mksyscall.pl. var _zero uintptr diff --git a/vendor/golang.org/x/sys/windows/syscall_windows.go b/vendor/golang.org/x/sys/windows/syscall_windows.go index bbd075dfec20..d249919c30f0 100644 --- a/vendor/golang.org/x/sys/windows/syscall_windows.go +++ b/vendor/golang.org/x/sys/windows/syscall_windows.go @@ -18,6 +18,7 @@ import ( ) type Handle uintptr +type HWND uintptr const ( InvalidHandle = ^Handle(0) @@ -92,11 +93,11 @@ func UTF16FromString(s string) ([]uint16, error) { } // UTF16ToString returns the UTF-8 encoding of the UTF-16 sequence s, -// with a terminating NUL removed. +// with a terminating NUL and any bytes after the NUL removed. func UTF16ToString(s []uint16) string { for i, v := range s { if v == 0 { - s = s[0:i] + s = s[:i] break } } @@ -120,7 +121,7 @@ func UTF16PtrFromString(s string) (*uint16, error) { } // UTF16PtrToString takes a pointer to a UTF-16 sequence and returns the corresponding UTF-8 encoded string. -// If the pointer is nil, this returns the empty string. This assumes that the UTF-16 sequence is terminated +// If the pointer is nil, it returns the empty string. It assumes that the UTF-16 sequence is terminated // at a zero word; if the zero word is not present, the program may crash. func UTF16PtrToString(p *uint16) string { if p == nil { @@ -170,10 +171,13 @@ func NewCallbackCDecl(fn interface{}) uintptr { //sys GetProcAddress(module Handle, procname string) (proc uintptr, err error) //sys GetModuleFileName(module Handle, filename *uint16, size uint32) (n uint32, err error) = kernel32.GetModuleFileNameW //sys GetModuleHandleEx(flags uint32, moduleName *uint16, module *Handle) (err error) = kernel32.GetModuleHandleExW +//sys SetDefaultDllDirectories(directoryFlags uint32) (err error) +//sys SetDllDirectory(path string) (err error) = kernel32.SetDllDirectoryW //sys GetVersion() (ver uint32, err error) //sys FormatMessage(flags uint32, msgsrc uintptr, msgid uint32, langid uint32, buf []uint16, args *byte) (n uint32, err error) = FormatMessageW //sys ExitProcess(exitcode uint32) //sys IsWow64Process(handle Handle, isWow64 *bool) (err error) = IsWow64Process +//sys IsWow64Process2(handle Handle, processMachine *uint16, nativeMachine *uint16) (err error) = IsWow64Process2? //sys CreateFile(name *uint16, access uint32, mode uint32, sa *SecurityAttributes, createmode uint32, attrs uint32, templatefile Handle) (handle Handle, err error) [failretval==InvalidHandle] = CreateFileW //sys ReadFile(handle Handle, buf []byte, done *uint32, overlapped *Overlapped) (err error) //sys WriteFile(handle Handle, buf []byte, done *uint32, overlapped *Overlapped) (err error) @@ -187,6 +191,7 @@ func NewCallbackCDecl(fn interface{}) uintptr { //sys FindClose(handle Handle) (err error) //sys GetFileInformationByHandle(handle Handle, data *ByHandleFileInformation) (err error) //sys GetFileInformationByHandleEx(handle Handle, class uint32, outBuffer *byte, outBufferLen uint32) (err error) +//sys SetFileInformationByHandle(handle Handle, class uint32, inBuffer *byte, inBufferLen uint32) (err error) //sys GetCurrentDirectory(buflen uint32, buf *uint16) (n uint32, err error) = GetCurrentDirectoryW //sys SetCurrentDirectory(path *uint16) (err error) = SetCurrentDirectoryW //sys CreateDirectory(path *uint16, sa *SecurityAttributes) (err error) = CreateDirectoryW @@ -210,6 +215,10 @@ func NewCallbackCDecl(fn interface{}) uintptr { //sys CreateProcess(appName *uint16, commandLine *uint16, procSecurity *SecurityAttributes, threadSecurity *SecurityAttributes, inheritHandles bool, creationFlags uint32, env *uint16, currentDir *uint16, startupInfo *StartupInfo, outProcInfo *ProcessInformation) (err error) = CreateProcessW //sys OpenProcess(desiredAccess uint32, inheritHandle bool, processId uint32) (handle Handle, err error) //sys ShellExecute(hwnd Handle, verb *uint16, file *uint16, args *uint16, cwd *uint16, showCmd int32) (err error) [failretval<=32] = shell32.ShellExecuteW +//sys GetWindowThreadProcessId(hwnd HWND, pid *uint32) (tid uint32) = user32.GetWindowThreadProcessId +//sys GetShellWindow() (shellWindow HWND) = user32.GetShellWindow +//sys MessageBox(hwnd HWND, text *uint16, caption *uint16, boxtype uint32) (ret int32, err error) [failretval==0] = user32.MessageBoxW +//sys ExitWindowsEx(flags uint32, reason uint32) (err error) = user32.ExitWindowsEx //sys shGetKnownFolderPath(id *KNOWNFOLDERID, flags uint32, token Token, path **uint16) (ret error) = shell32.SHGetKnownFolderPath //sys TerminateProcess(handle Handle, exitcode uint32) (err error) //sys GetExitCodeProcess(handle Handle, exitcode *uint32) (err error) @@ -243,6 +252,7 @@ func NewCallbackCDecl(fn interface{}) uintptr { //sys GetFullPathName(path *uint16, buflen uint32, buf *uint16, fname **uint16) (n uint32, err error) = kernel32.GetFullPathNameW //sys GetLongPathName(path *uint16, buf *uint16, buflen uint32) (n uint32, err error) = kernel32.GetLongPathNameW //sys GetShortPathName(longpath *uint16, shortpath *uint16, buflen uint32) (n uint32, err error) = kernel32.GetShortPathNameW +//sys GetFinalPathNameByHandle(file Handle, filePath *uint16, filePathSize uint32, flags uint32) (n uint32, err error) = kernel32.GetFinalPathNameByHandleW //sys CreateFileMapping(fhandle Handle, sa *SecurityAttributes, prot uint32, maxSizeHigh uint32, maxSizeLow uint32, name *uint16) (handle Handle, err error) = kernel32.CreateFileMappingW //sys MapViewOfFile(handle Handle, access uint32, offsetHigh uint32, offsetLow uint32, length uintptr) (addr uintptr, err error) //sys UnmapViewOfFile(addr uintptr) (err error) @@ -255,10 +265,13 @@ func NewCallbackCDecl(fn interface{}) uintptr { //sys TransmitFile(s Handle, handle Handle, bytesToWrite uint32, bytsPerSend uint32, overlapped *Overlapped, transmitFileBuf *TransmitFileBuffers, flags uint32) (err error) = mswsock.TransmitFile //sys ReadDirectoryChanges(handle Handle, buf *byte, buflen uint32, watchSubTree bool, mask uint32, retlen *uint32, overlapped *Overlapped, completionRoutine uintptr) (err error) = kernel32.ReadDirectoryChangesW //sys CertOpenSystemStore(hprov Handle, name *uint16) (store Handle, err error) = crypt32.CertOpenSystemStoreW -//sys CertOpenStore(storeProvider uintptr, msgAndCertEncodingType uint32, cryptProv uintptr, flags uint32, para uintptr) (handle Handle, err error) [failretval==InvalidHandle] = crypt32.CertOpenStore +//sys CertOpenStore(storeProvider uintptr, msgAndCertEncodingType uint32, cryptProv uintptr, flags uint32, para uintptr) (handle Handle, err error) = crypt32.CertOpenStore //sys CertEnumCertificatesInStore(store Handle, prevContext *CertContext) (context *CertContext, err error) [failretval==nil] = crypt32.CertEnumCertificatesInStore //sys CertAddCertificateContextToStore(store Handle, certContext *CertContext, addDisposition uint32, storeContext **CertContext) (err error) = crypt32.CertAddCertificateContextToStore //sys CertCloseStore(store Handle, flags uint32) (err error) = crypt32.CertCloseStore +//sys CertDeleteCertificateFromStore(certContext *CertContext) (err error) = crypt32.CertDeleteCertificateFromStore +//sys CertDuplicateCertificateContext(certContext *CertContext) (dupContext *CertContext) = crypt32.CertDuplicateCertificateContext +//sys PFXImportCertStore(pfx *CryptDataBlob, password *uint16, flags uint32) (store Handle, err error) = crypt32.PFXImportCertStore //sys CertGetCertificateChain(engine Handle, leaf *CertContext, time *Filetime, additionalStore Handle, para *CertChainPara, flags uint32, reserved uintptr, chainCtx **CertChainContext) (err error) = crypt32.CertGetCertificateChain //sys CertFreeCertificateChain(ctx *CertChainContext) = crypt32.CertFreeCertificateChain //sys CertCreateCertificateContext(certEncodingType uint32, certEncoded *byte, encodedLen uint32) (context *CertContext, err error) [failretval==nil] = crypt32.CertCreateCertificateContext @@ -269,12 +282,13 @@ func NewCallbackCDecl(fn interface{}) uintptr { //sys RegQueryInfoKey(key Handle, class *uint16, classLen *uint32, reserved *uint32, subkeysLen *uint32, maxSubkeyLen *uint32, maxClassLen *uint32, valuesLen *uint32, maxValueNameLen *uint32, maxValueLen *uint32, saLen *uint32, lastWriteTime *Filetime) (regerrno error) = advapi32.RegQueryInfoKeyW //sys RegEnumKeyEx(key Handle, index uint32, name *uint16, nameLen *uint32, reserved *uint32, class *uint16, classLen *uint32, lastWriteTime *Filetime) (regerrno error) = advapi32.RegEnumKeyExW //sys RegQueryValueEx(key Handle, name *uint16, reserved *uint32, valtype *uint32, buf *byte, buflen *uint32) (regerrno error) = advapi32.RegQueryValueExW +//sys RegNotifyChangeKeyValue(key Handle, watchSubtree bool, notifyFilter uint32, event Handle, asynchronous bool) (regerrno error) = advapi32.RegNotifyChangeKeyValue //sys GetCurrentProcessId() (pid uint32) = kernel32.GetCurrentProcessId //sys ProcessIdToSessionId(pid uint32, sessionid *uint32) (err error) = kernel32.ProcessIdToSessionId //sys GetConsoleMode(console Handle, mode *uint32) (err error) = kernel32.GetConsoleMode //sys SetConsoleMode(console Handle, mode uint32) (err error) = kernel32.SetConsoleMode //sys GetConsoleScreenBufferInfo(console Handle, info *ConsoleScreenBufferInfo) (err error) = kernel32.GetConsoleScreenBufferInfo -//sys SetConsoleCursorPosition(console Handle, position Coord) (err error) = kernel32.SetConsoleCursorPosition +//sys setConsoleCursorPosition(console Handle, position uint32) (err error) = kernel32.SetConsoleCursorPosition //sys WriteConsole(console Handle, buf *uint16, towrite uint32, written *uint32, reserved *byte) (err error) = kernel32.WriteConsoleW //sys ReadConsole(console Handle, buf *uint16, toread uint32, read *uint32, inputControl *byte) (err error) = kernel32.ReadConsoleW //sys CreateToolhelp32Snapshot(flags uint32, processId uint32) (handle Handle, err error) [failretval==InvalidHandle] = kernel32.CreateToolhelp32Snapshot @@ -335,8 +349,6 @@ func NewCallbackCDecl(fn interface{}) uintptr { //sys QueryDosDevice(deviceName *uint16, targetPath *uint16, max uint32) (n uint32, err error) [failretval==0] = QueryDosDeviceW //sys SetVolumeLabel(rootPathName *uint16, volumeName *uint16) (err error) = SetVolumeLabelW //sys SetVolumeMountPoint(volumeMountPoint *uint16, volumeName *uint16) (err error) = SetVolumeMountPointW -//sys MessageBox(hwnd Handle, text *uint16, caption *uint16, boxtype uint32) (ret int32, err error) [failretval==0] = user32.MessageBoxW -//sys ExitWindowsEx(flags uint32, reason uint32) (err error) = user32.ExitWindowsEx //sys InitiateSystemShutdownEx(machineName *uint16, message *uint16, timeout uint32, forceAppsClosed bool, rebootAfterShutdown bool, reason uint32) (err error) = advapi32.InitiateSystemShutdownExW //sys SetProcessShutdownParameters(level uint32, flags uint32) (err error) = kernel32.SetProcessShutdownParameters //sys GetProcessShutdownParameters(level *uint32, flags *uint32) (err error) = kernel32.GetProcessShutdownParameters @@ -1478,3 +1490,7 @@ func getUILanguages(flags uint32, f func(flags uint32, numLanguages *uint32, buf return languages, nil } } + +func SetConsoleCursorPosition(console Handle, position Coord) error { + return setConsoleCursorPosition(console, *((*uint32)(unsafe.Pointer(&position)))) +} diff --git a/vendor/golang.org/x/sys/windows/types_windows.go b/vendor/golang.org/x/sys/windows/types_windows.go index da1652e74b01..b3bd0da42722 100644 --- a/vendor/golang.org/x/sys/windows/types_windows.go +++ b/vendor/golang.org/x/sys/windows/types_windows.go @@ -249,24 +249,27 @@ const ( const ( // wincrypt.h - PROV_RSA_FULL = 1 - PROV_RSA_SIG = 2 - PROV_DSS = 3 - PROV_FORTEZZA = 4 - PROV_MS_EXCHANGE = 5 - PROV_SSL = 6 - PROV_RSA_SCHANNEL = 12 - PROV_DSS_DH = 13 - PROV_EC_ECDSA_SIG = 14 - PROV_EC_ECNRA_SIG = 15 - PROV_EC_ECDSA_FULL = 16 - PROV_EC_ECNRA_FULL = 17 - PROV_DH_SCHANNEL = 18 - PROV_SPYRUS_LYNKS = 20 - PROV_RNG = 21 - PROV_INTEL_SEC = 22 - PROV_REPLACE_OWF = 23 - PROV_RSA_AES = 24 + /* certenrolld_begin -- PROV_RSA_*/ + PROV_RSA_FULL = 1 + PROV_RSA_SIG = 2 + PROV_DSS = 3 + PROV_FORTEZZA = 4 + PROV_MS_EXCHANGE = 5 + PROV_SSL = 6 + PROV_RSA_SCHANNEL = 12 + PROV_DSS_DH = 13 + PROV_EC_ECDSA_SIG = 14 + PROV_EC_ECNRA_SIG = 15 + PROV_EC_ECDSA_FULL = 16 + PROV_EC_ECNRA_FULL = 17 + PROV_DH_SCHANNEL = 18 + PROV_SPYRUS_LYNKS = 20 + PROV_RNG = 21 + PROV_INTEL_SEC = 22 + PROV_REPLACE_OWF = 23 + PROV_RSA_AES = 24 + + /* dwFlags definitions for CryptAcquireContext */ CRYPT_VERIFYCONTEXT = 0xF0000000 CRYPT_NEWKEYSET = 0x00000008 CRYPT_DELETEKEYSET = 0x00000010 @@ -274,6 +277,17 @@ const ( CRYPT_SILENT = 0x00000040 CRYPT_DEFAULT_CONTAINER_OPTIONAL = 0x00000080 + /* Flags for PFXImportCertStore */ + CRYPT_EXPORTABLE = 0x00000001 + CRYPT_USER_PROTECTED = 0x00000002 + CRYPT_USER_KEYSET = 0x00001000 + PKCS12_PREFER_CNG_KSP = 0x00000100 + PKCS12_ALWAYS_CNG_KSP = 0x00000200 + PKCS12_ALLOW_OVERWRITE_KEY = 0x00004000 + PKCS12_NO_PERSIST_KEY = 0x00008000 + PKCS12_INCLUDE_EXTENDED_PROPERTIES = 0x00000010 + + /* Default usage match type is AND with value zero */ USAGE_MATCH_TYPE_AND = 0 USAGE_MATCH_TYPE_OR = 1 @@ -409,6 +423,10 @@ const ( CERT_CHAIN_POLICY_EV = 8 CERT_CHAIN_POLICY_SSL_F12 = 9 + /* Certificate Store close flags */ + CERT_CLOSE_STORE_FORCE_FLAG = 0x00000001 + CERT_CLOSE_STORE_CHECK_FLAG = 0x00000002 + /* AuthType values for SSLExtraCertChainPolicyPara struct */ AUTHTYPE_CLIENT = 1 AUTHTYPE_SERVER = 2 @@ -1139,6 +1157,11 @@ type CertChainPolicyStatus struct { ExtraPolicyStatus Pointer } +type CryptDataBlob struct { + Size uint32 + Data *byte +} + const ( // do not reorder HKEY_CLASSES_ROOT = 0x80000000 + iota @@ -1772,3 +1795,69 @@ const ( MUI_LANGUAGE_INSTALLED = 0x20 MUI_LANGUAGE_LICENSED = 0x40 ) + +// FILE_INFO_BY_HANDLE_CLASS constants for SetFileInformationByHandle/GetFileInformationByHandleEx +const ( + FileBasicInfo = 0 + FileStandardInfo = 1 + FileNameInfo = 2 + FileRenameInfo = 3 + FileDispositionInfo = 4 + FileAllocationInfo = 5 + FileEndOfFileInfo = 6 + FileStreamInfo = 7 + FileCompressionInfo = 8 + FileAttributeTagInfo = 9 + FileIdBothDirectoryInfo = 10 + FileIdBothDirectoryRestartInfo = 11 + FileIoPriorityHintInfo = 12 + FileRemoteProtocolInfo = 13 + FileFullDirectoryInfo = 14 + FileFullDirectoryRestartInfo = 15 + FileStorageInfo = 16 + FileAlignmentInfo = 17 + FileIdInfo = 18 + FileIdExtdDirectoryInfo = 19 + FileIdExtdDirectoryRestartInfo = 20 + FileDispositionInfoEx = 21 + FileRenameInfoEx = 22 + FileCaseSensitiveInfo = 23 + FileNormalizedNameInfo = 24 +) + +// LoadLibrary flags for determining from where to search for a DLL +const ( + DONT_RESOLVE_DLL_REFERENCES = 0x1 + LOAD_LIBRARY_AS_DATAFILE = 0x2 + LOAD_WITH_ALTERED_SEARCH_PATH = 0x8 + LOAD_IGNORE_CODE_AUTHZ_LEVEL = 0x10 + LOAD_LIBRARY_AS_IMAGE_RESOURCE = 0x20 + LOAD_LIBRARY_AS_DATAFILE_EXCLUSIVE = 0x40 + LOAD_LIBRARY_REQUIRE_SIGNED_TARGET = 0x80 + LOAD_LIBRARY_SEARCH_DLL_LOAD_DIR = 0x100 + LOAD_LIBRARY_SEARCH_APPLICATION_DIR = 0x200 + LOAD_LIBRARY_SEARCH_USER_DIRS = 0x400 + LOAD_LIBRARY_SEARCH_SYSTEM32 = 0x800 + LOAD_LIBRARY_SEARCH_DEFAULT_DIRS = 0x1000 + LOAD_LIBRARY_SAFE_CURRENT_DIRS = 0x00002000 + LOAD_LIBRARY_SEARCH_SYSTEM32_NO_FORWARDER = 0x00004000 + LOAD_LIBRARY_OS_INTEGRITY_CONTINUITY = 0x00008000 +) + +// RegNotifyChangeKeyValue notifyFilter flags. +const ( + // REG_NOTIFY_CHANGE_NAME notifies the caller if a subkey is added or deleted. + REG_NOTIFY_CHANGE_NAME = 0x00000001 + + // REG_NOTIFY_CHANGE_ATTRIBUTES notifies the caller of changes to the attributes of the key, such as the security descriptor information. + REG_NOTIFY_CHANGE_ATTRIBUTES = 0x00000002 + + // REG_NOTIFY_CHANGE_LAST_SET notifies the caller of changes to a value of the key. This can include adding or deleting a value, or changing an existing value. + REG_NOTIFY_CHANGE_LAST_SET = 0x00000004 + + // REG_NOTIFY_CHANGE_SECURITY notifies the caller of changes to the security descriptor of the key. + REG_NOTIFY_CHANGE_SECURITY = 0x00000008 + + // REG_NOTIFY_THREAD_AGNOSTIC indicates that the lifetime of the registration must not be tied to the lifetime of the thread issuing the RegNotifyChangeKeyValue call. Note: This flag value is only supported in Windows 8 and later. + REG_NOTIFY_THREAD_AGNOSTIC = 0x10000000 +) diff --git a/vendor/golang.org/x/sys/windows/zsyscall_windows.go b/vendor/golang.org/x/sys/windows/zsyscall_windows.go index a25f09676de3..cd5e8528cd79 100644 --- a/vendor/golang.org/x/sys/windows/zsyscall_windows.go +++ b/vendor/golang.org/x/sys/windows/zsyscall_windows.go @@ -17,6 +17,7 @@ const ( var ( errERROR_IO_PENDING error = syscall.Errno(errnoERROR_IO_PENDING) + errERROR_EINVAL error = syscall.EINVAL ) // errnoErr returns common boxed Errno values, to prevent @@ -24,7 +25,7 @@ var ( func errnoErr(e syscall.Errno) error { switch e { case 0: - return syscall.EINVAL + return errERROR_EINVAL case errnoERROR_IO_PENDING: return errERROR_IO_PENDING } @@ -45,6 +46,7 @@ var ( modntdll = NewLazySystemDLL("ntdll.dll") modole32 = NewLazySystemDLL("ole32.dll") modpsapi = NewLazySystemDLL("psapi.dll") + modsechost = NewLazySystemDLL("sechost.dll") modsecur32 = NewLazySystemDLL("secur32.dll") modshell32 = NewLazySystemDLL("shell32.dll") moduser32 = NewLazySystemDLL("user32.dll") @@ -94,6 +96,7 @@ var ( procImpersonateSelf = modadvapi32.NewProc("ImpersonateSelf") procInitializeSecurityDescriptor = modadvapi32.NewProc("InitializeSecurityDescriptor") procInitiateSystemShutdownExW = modadvapi32.NewProc("InitiateSystemShutdownExW") + procIsTokenRestricted = modadvapi32.NewProc("IsTokenRestricted") procIsValidSecurityDescriptor = modadvapi32.NewProc("IsValidSecurityDescriptor") procIsValidSid = modadvapi32.NewProc("IsValidSid") procIsWellKnownSid = modadvapi32.NewProc("IsWellKnownSid") @@ -114,6 +117,7 @@ var ( procQueryServiceStatusEx = modadvapi32.NewProc("QueryServiceStatusEx") procRegCloseKey = modadvapi32.NewProc("RegCloseKey") procRegEnumKeyExW = modadvapi32.NewProc("RegEnumKeyExW") + procRegNotifyChangeKeyValue = modadvapi32.NewProc("RegNotifyChangeKeyValue") procRegOpenKeyExW = modadvapi32.NewProc("RegOpenKeyExW") procRegQueryInfoKeyW = modadvapi32.NewProc("RegQueryInfoKeyW") procRegQueryValueExW = modadvapi32.NewProc("RegQueryValueExW") @@ -121,6 +125,7 @@ var ( procReportEventW = modadvapi32.NewProc("ReportEventW") procRevertToSelf = modadvapi32.NewProc("RevertToSelf") procSetEntriesInAclW = modadvapi32.NewProc("SetEntriesInAclW") + procSetKernelObjectSecurity = modadvapi32.NewProc("SetKernelObjectSecurity") procSetNamedSecurityInfoW = modadvapi32.NewProc("SetNamedSecurityInfoW") procSetSecurityDescriptorControl = modadvapi32.NewProc("SetSecurityDescriptorControl") procSetSecurityDescriptorDacl = modadvapi32.NewProc("SetSecurityDescriptorDacl") @@ -137,6 +142,8 @@ var ( procCertAddCertificateContextToStore = modcrypt32.NewProc("CertAddCertificateContextToStore") procCertCloseStore = modcrypt32.NewProc("CertCloseStore") procCertCreateCertificateContext = modcrypt32.NewProc("CertCreateCertificateContext") + procCertDeleteCertificateFromStore = modcrypt32.NewProc("CertDeleteCertificateFromStore") + procCertDuplicateCertificateContext = modcrypt32.NewProc("CertDuplicateCertificateContext") procCertEnumCertificatesInStore = modcrypt32.NewProc("CertEnumCertificatesInStore") procCertFreeCertificateChain = modcrypt32.NewProc("CertFreeCertificateChain") procCertFreeCertificateContext = modcrypt32.NewProc("CertFreeCertificateContext") @@ -144,6 +151,7 @@ var ( procCertOpenStore = modcrypt32.NewProc("CertOpenStore") procCertOpenSystemStoreW = modcrypt32.NewProc("CertOpenSystemStoreW") procCertVerifyCertificateChainPolicy = modcrypt32.NewProc("CertVerifyCertificateChainPolicy") + procPFXImportCertStore = modcrypt32.NewProc("PFXImportCertStore") procDnsNameCompare_W = moddnsapi.NewProc("DnsNameCompare_W") procDnsQuery_W = moddnsapi.NewProc("DnsQuery_W") procDnsRecordListFree = moddnsapi.NewProc("DnsRecordListFree") @@ -208,6 +216,7 @@ var ( procGetFileInformationByHandle = modkernel32.NewProc("GetFileInformationByHandle") procGetFileInformationByHandleEx = modkernel32.NewProc("GetFileInformationByHandleEx") procGetFileType = modkernel32.NewProc("GetFileType") + procGetFinalPathNameByHandleW = modkernel32.NewProc("GetFinalPathNameByHandleW") procGetFullPathNameW = modkernel32.NewProc("GetFullPathNameW") procGetLastError = modkernel32.NewProc("GetLastError") procGetLogicalDriveStringsW = modkernel32.NewProc("GetLogicalDriveStringsW") @@ -245,6 +254,7 @@ var ( procGetVolumePathNamesForVolumeNameW = modkernel32.NewProc("GetVolumePathNamesForVolumeNameW") procGetWindowsDirectoryW = modkernel32.NewProc("GetWindowsDirectoryW") procIsWow64Process = modkernel32.NewProc("IsWow64Process") + procIsWow64Process2 = modkernel32.NewProc("IsWow64Process2") procLoadLibraryExW = modkernel32.NewProc("LoadLibraryExW") procLoadLibraryW = modkernel32.NewProc("LoadLibraryW") procLocalFree = modkernel32.NewProc("LocalFree") @@ -274,12 +284,15 @@ var ( procSetConsoleCursorPosition = modkernel32.NewProc("SetConsoleCursorPosition") procSetConsoleMode = modkernel32.NewProc("SetConsoleMode") procSetCurrentDirectoryW = modkernel32.NewProc("SetCurrentDirectoryW") + procSetDefaultDllDirectories = modkernel32.NewProc("SetDefaultDllDirectories") + procSetDllDirectoryW = modkernel32.NewProc("SetDllDirectoryW") procSetEndOfFile = modkernel32.NewProc("SetEndOfFile") procSetEnvironmentVariableW = modkernel32.NewProc("SetEnvironmentVariableW") procSetErrorMode = modkernel32.NewProc("SetErrorMode") procSetEvent = modkernel32.NewProc("SetEvent") procSetFileAttributesW = modkernel32.NewProc("SetFileAttributesW") procSetFileCompletionNotificationModes = modkernel32.NewProc("SetFileCompletionNotificationModes") + procSetFileInformationByHandle = modkernel32.NewProc("SetFileInformationByHandle") procSetFilePointer = modkernel32.NewProc("SetFilePointer") procSetFileTime = modkernel32.NewProc("SetFileTime") procSetHandleInformation = modkernel32.NewProc("SetHandleInformation") @@ -320,12 +333,16 @@ var ( procCoTaskMemFree = modole32.NewProc("CoTaskMemFree") procStringFromGUID2 = modole32.NewProc("StringFromGUID2") procEnumProcesses = modpsapi.NewProc("EnumProcesses") + procSubscribeServiceChangeNotifications = modsechost.NewProc("SubscribeServiceChangeNotifications") + procUnsubscribeServiceChangeNotifications = modsechost.NewProc("UnsubscribeServiceChangeNotifications") procGetUserNameExW = modsecur32.NewProc("GetUserNameExW") procTranslateNameW = modsecur32.NewProc("TranslateNameW") procCommandLineToArgvW = modshell32.NewProc("CommandLineToArgvW") procSHGetKnownFolderPath = modshell32.NewProc("SHGetKnownFolderPath") procShellExecuteW = modshell32.NewProc("ShellExecuteW") procExitWindowsEx = moduser32.NewProc("ExitWindowsEx") + procGetShellWindow = moduser32.NewProc("GetShellWindow") + procGetWindowThreadProcessId = moduser32.NewProc("GetWindowThreadProcessId") procMessageBoxW = moduser32.NewProc("MessageBoxW") procCreateEnvironmentBlock = moduserenv.NewProc("CreateEnvironmentBlock") procDestroyEnvironmentBlock = moduserenv.NewProc("DestroyEnvironmentBlock") @@ -750,6 +767,15 @@ func InitiateSystemShutdownEx(machineName *uint16, message *uint16, timeout uint return } +func isTokenRestricted(tokenHandle Token) (ret bool, err error) { + r0, _, e1 := syscall.Syscall(procIsTokenRestricted.Addr(), 1, uintptr(tokenHandle), 0, 0) + ret = r0 != 0 + if !ret { + err = errnoErr(e1) + } + return +} + func isValidSecurityDescriptor(sd *SECURITY_DESCRIPTOR) (isValid bool) { r0, _, _ := syscall.Syscall(procIsValidSecurityDescriptor.Addr(), 1, uintptr(unsafe.Pointer(sd)), 0, 0) isValid = r0 != 0 @@ -910,6 +936,22 @@ func RegEnumKeyEx(key Handle, index uint32, name *uint16, nameLen *uint32, reser return } +func RegNotifyChangeKeyValue(key Handle, watchSubtree bool, notifyFilter uint32, event Handle, asynchronous bool) (regerrno error) { + var _p0 uint32 + if watchSubtree { + _p0 = 1 + } + var _p1 uint32 + if asynchronous { + _p1 = 1 + } + r0, _, _ := syscall.Syscall6(procRegNotifyChangeKeyValue.Addr(), 5, uintptr(key), uintptr(_p0), uintptr(notifyFilter), uintptr(event), uintptr(_p1), 0) + if r0 != 0 { + regerrno = syscall.Errno(r0) + } + return +} + func RegOpenKeyEx(key Handle, subkey *uint16, options uint32, desiredAccess uint32, result *Handle) (regerrno error) { r0, _, _ := syscall.Syscall6(procRegOpenKeyExW.Addr(), 5, uintptr(key), uintptr(unsafe.Pointer(subkey)), uintptr(options), uintptr(desiredAccess), uintptr(unsafe.Pointer(result)), 0) if r0 != 0 { @@ -967,6 +1009,14 @@ func setEntriesInAcl(countExplicitEntries uint32, explicitEntries *EXPLICIT_ACCE return } +func SetKernelObjectSecurity(handle Handle, securityInformation SECURITY_INFORMATION, securityDescriptor *SECURITY_DESCRIPTOR) (err error) { + r1, _, e1 := syscall.Syscall(procSetKernelObjectSecurity.Addr(), 3, uintptr(handle), uintptr(securityInformation), uintptr(unsafe.Pointer(securityDescriptor))) + if r1 == 0 { + err = errnoErr(e1) + } + return +} + func SetNamedSecurityInfo(objectName string, objectType SE_OBJECT_TYPE, securityInformation SECURITY_INFORMATION, owner *SID, group *SID, dacl *ACL, sacl *ACL) (ret error) { var _p0 *uint16 _p0, ret = syscall.UTF16PtrFromString(objectName) @@ -1053,8 +1103,11 @@ func setSecurityDescriptorSacl(sd *SECURITY_DESCRIPTOR, saclPresent bool, sacl * return } -func SetSecurityInfo(handle Handle, objectType SE_OBJECT_TYPE, securityInformation SECURITY_INFORMATION, owner *SID, group *SID, dacl *ACL, sacl *ACL) { - syscall.Syscall9(procSetSecurityInfo.Addr(), 7, uintptr(handle), uintptr(objectType), uintptr(securityInformation), uintptr(unsafe.Pointer(owner)), uintptr(unsafe.Pointer(group)), uintptr(unsafe.Pointer(dacl)), uintptr(unsafe.Pointer(sacl)), 0, 0) +func SetSecurityInfo(handle Handle, objectType SE_OBJECT_TYPE, securityInformation SECURITY_INFORMATION, owner *SID, group *SID, dacl *ACL, sacl *ACL) (ret error) { + r0, _, _ := syscall.Syscall9(procSetSecurityInfo.Addr(), 7, uintptr(handle), uintptr(objectType), uintptr(securityInformation), uintptr(unsafe.Pointer(owner)), uintptr(unsafe.Pointer(group)), uintptr(unsafe.Pointer(dacl)), uintptr(unsafe.Pointer(sacl)), 0, 0) + if r0 != 0 { + ret = syscall.Errno(r0) + } return } @@ -1123,6 +1176,20 @@ func CertCreateCertificateContext(certEncodingType uint32, certEncoded *byte, en return } +func CertDeleteCertificateFromStore(certContext *CertContext) (err error) { + r1, _, e1 := syscall.Syscall(procCertDeleteCertificateFromStore.Addr(), 1, uintptr(unsafe.Pointer(certContext)), 0, 0) + if r1 == 0 { + err = errnoErr(e1) + } + return +} + +func CertDuplicateCertificateContext(certContext *CertContext) (dupContext *CertContext) { + r0, _, _ := syscall.Syscall(procCertDuplicateCertificateContext.Addr(), 1, uintptr(unsafe.Pointer(certContext)), 0, 0) + dupContext = (*CertContext)(unsafe.Pointer(r0)) + return +} + func CertEnumCertificatesInStore(store Handle, prevContext *CertContext) (context *CertContext, err error) { r0, _, e1 := syscall.Syscall(procCertEnumCertificatesInStore.Addr(), 2, uintptr(store), uintptr(unsafe.Pointer(prevContext)), 0) context = (*CertContext)(unsafe.Pointer(r0)) @@ -1156,7 +1223,7 @@ func CertGetCertificateChain(engine Handle, leaf *CertContext, time *Filetime, a func CertOpenStore(storeProvider uintptr, msgAndCertEncodingType uint32, cryptProv uintptr, flags uint32, para uintptr) (handle Handle, err error) { r0, _, e1 := syscall.Syscall6(procCertOpenStore.Addr(), 5, uintptr(storeProvider), uintptr(msgAndCertEncodingType), uintptr(cryptProv), uintptr(flags), uintptr(para), 0) handle = Handle(r0) - if handle == InvalidHandle { + if handle == 0 { err = errnoErr(e1) } return @@ -1179,6 +1246,15 @@ func CertVerifyCertificateChainPolicy(policyOID uintptr, chain *CertChainContext return } +func PFXImportCertStore(pfx *CryptDataBlob, password *uint16, flags uint32) (store Handle, err error) { + r0, _, e1 := syscall.Syscall(procPFXImportCertStore.Addr(), 3, uintptr(unsafe.Pointer(pfx)), uintptr(unsafe.Pointer(password)), uintptr(flags)) + store = Handle(r0) + if store == 0 { + err = errnoErr(e1) + } + return +} + func DnsNameCompare(name1 *uint16, name2 *uint16) (same bool) { r0, _, _ := syscall.Syscall(procDnsNameCompare_W.Addr(), 2, uintptr(unsafe.Pointer(name1)), uintptr(unsafe.Pointer(name2)), 0) same = r0 != 0 @@ -1716,6 +1792,15 @@ func GetFileType(filehandle Handle) (n uint32, err error) { return } +func GetFinalPathNameByHandle(file Handle, filePath *uint16, filePathSize uint32, flags uint32) (n uint32, err error) { + r0, _, e1 := syscall.Syscall6(procGetFinalPathNameByHandleW.Addr(), 4, uintptr(file), uintptr(unsafe.Pointer(filePath)), uintptr(filePathSize), uintptr(flags), 0, 0) + n = uint32(r0) + if n == 0 { + err = errnoErr(e1) + } + return +} + func GetFullPathName(path *uint16, buflen uint32, buf *uint16, fname **uint16) (n uint32, err error) { r0, _, e1 := syscall.Syscall6(procGetFullPathNameW.Addr(), 4, uintptr(unsafe.Pointer(path)), uintptr(buflen), uintptr(unsafe.Pointer(buf)), uintptr(unsafe.Pointer(fname)), 0, 0) n = uint32(r0) @@ -2035,6 +2120,18 @@ func IsWow64Process(handle Handle, isWow64 *bool) (err error) { return } +func IsWow64Process2(handle Handle, processMachine *uint16, nativeMachine *uint16) (err error) { + err = procIsWow64Process2.Find() + if err != nil { + return + } + r1, _, e1 := syscall.Syscall(procIsWow64Process2.Addr(), 3, uintptr(handle), uintptr(unsafe.Pointer(processMachine)), uintptr(unsafe.Pointer(nativeMachine))) + if r1 == 0 { + err = errnoErr(e1) + } + return +} + func LoadLibraryEx(libname string, zero Handle, flags uintptr) (handle Handle, err error) { var _p0 *uint16 _p0, err = syscall.UTF16PtrFromString(libname) @@ -2296,8 +2393,8 @@ func ResumeThread(thread Handle) (ret uint32, err error) { return } -func SetConsoleCursorPosition(console Handle, position Coord) (err error) { - r1, _, e1 := syscall.Syscall(procSetConsoleCursorPosition.Addr(), 2, uintptr(console), uintptr(*((*uint32)(unsafe.Pointer(&position)))), 0) +func setConsoleCursorPosition(console Handle, position uint32) (err error) { + r1, _, e1 := syscall.Syscall(procSetConsoleCursorPosition.Addr(), 2, uintptr(console), uintptr(position), 0) if r1 == 0 { err = errnoErr(e1) } @@ -2320,6 +2417,31 @@ func SetCurrentDirectory(path *uint16) (err error) { return } +func SetDefaultDllDirectories(directoryFlags uint32) (err error) { + r1, _, e1 := syscall.Syscall(procSetDefaultDllDirectories.Addr(), 1, uintptr(directoryFlags), 0, 0) + if r1 == 0 { + err = errnoErr(e1) + } + return +} + +func SetDllDirectory(path string) (err error) { + var _p0 *uint16 + _p0, err = syscall.UTF16PtrFromString(path) + if err != nil { + return + } + return _SetDllDirectory(_p0) +} + +func _SetDllDirectory(path *uint16) (err error) { + r1, _, e1 := syscall.Syscall(procSetDllDirectoryW.Addr(), 1, uintptr(unsafe.Pointer(path)), 0, 0) + if r1 == 0 { + err = errnoErr(e1) + } + return +} + func SetEndOfFile(handle Handle) (err error) { r1, _, e1 := syscall.Syscall(procSetEndOfFile.Addr(), 1, uintptr(handle), 0, 0) if r1 == 0 { @@ -2366,6 +2488,14 @@ func SetFileCompletionNotificationModes(handle Handle, flags uint8) (err error) return } +func SetFileInformationByHandle(handle Handle, class uint32, inBuffer *byte, inBufferLen uint32) (err error) { + r1, _, e1 := syscall.Syscall6(procSetFileInformationByHandle.Addr(), 4, uintptr(handle), uintptr(class), uintptr(unsafe.Pointer(inBuffer)), uintptr(inBufferLen), 0, 0) + if r1 == 0 { + err = errnoErr(e1) + } + return +} + func SetFilePointer(handle Handle, lowoffset int32, highoffsetptr *int32, whence uint32) (newlowoffset uint32, err error) { r0, _, e1 := syscall.Syscall6(procSetFilePointer.Addr(), 4, uintptr(handle), uintptr(lowoffset), uintptr(unsafe.Pointer(highoffsetptr)), uintptr(whence), 0, 0) newlowoffset = uint32(r0) @@ -2698,6 +2828,27 @@ func EnumProcesses(processIds []uint32, bytesReturned *uint32) (err error) { return } +func SubscribeServiceChangeNotifications(service Handle, eventType uint32, callback uintptr, callbackCtx uintptr, subscription *uintptr) (ret error) { + ret = procSubscribeServiceChangeNotifications.Find() + if ret != nil { + return + } + r0, _, _ := syscall.Syscall6(procSubscribeServiceChangeNotifications.Addr(), 5, uintptr(service), uintptr(eventType), uintptr(callback), uintptr(callbackCtx), uintptr(unsafe.Pointer(subscription)), 0) + if r0 != 0 { + ret = syscall.Errno(r0) + } + return +} + +func UnsubscribeServiceChangeNotifications(subscription uintptr) (err error) { + err = procUnsubscribeServiceChangeNotifications.Find() + if err != nil { + return + } + syscall.Syscall(procUnsubscribeServiceChangeNotifications.Addr(), 1, uintptr(subscription), 0, 0) + return +} + func GetUserNameEx(nameFormat uint32, nameBuffre *uint16, nSize *uint32) (err error) { r1, _, e1 := syscall.Syscall(procGetUserNameExW.Addr(), 3, uintptr(nameFormat), uintptr(unsafe.Pointer(nameBuffre)), uintptr(unsafe.Pointer(nSize))) if r1&0xff == 0 { @@ -2747,7 +2898,19 @@ func ExitWindowsEx(flags uint32, reason uint32) (err error) { return } -func MessageBox(hwnd Handle, text *uint16, caption *uint16, boxtype uint32) (ret int32, err error) { +func GetShellWindow() (shellWindow HWND) { + r0, _, _ := syscall.Syscall(procGetShellWindow.Addr(), 0, 0, 0, 0) + shellWindow = HWND(r0) + return +} + +func GetWindowThreadProcessId(hwnd HWND, pid *uint32) (tid uint32) { + r0, _, _ := syscall.Syscall(procGetWindowThreadProcessId.Addr(), 2, uintptr(hwnd), uintptr(unsafe.Pointer(pid)), 0) + tid = uint32(r0) + return +} + +func MessageBox(hwnd HWND, text *uint16, caption *uint16, boxtype uint32) (ret int32, err error) { r0, _, e1 := syscall.Syscall6(procMessageBoxW.Addr(), 4, uintptr(hwnd), uintptr(unsafe.Pointer(text)), uintptr(unsafe.Pointer(caption)), uintptr(boxtype), 0, 0) ret = int32(r0) if ret == 0 { From 48d30b5b32e99c932b4ea3edca74353feddd83ff Mon Sep 17 00:00:00 2001 From: Tibor Vass Date: Mon, 25 Jan 2021 19:18:54 +0000 Subject: [PATCH 005/127] Use golang.org/x/sys/execabs On Windows, the os/exec.{Command,CommandContext,LookPath} functions resolve command names that have neither path separators nor file extension (e.g., "git") by first looking in the current working directory before looking in the PATH environment variable. Go maintainers intended to match cmd.exe's historical behavior. However, this is pretty much never the intended behavior and as an abundance of precaution this patch prevents that when executing commands. Example of commands that docker.exe may execute: `git`, `docker-buildx` (or other cli plugin), `docker-credential-wincred`, `docker`. Note that this was prompted by the [Go 1.15.7 security fixes](https://blog.golang.org/path-security), but unlike in `go.exe`, the windows path lookups in docker are not in a code path allowing remote code execution, thus there is no security impact on docker. Signed-off-by: Tibor Vass (cherry picked from commit 8d199d5bba9db46b6610bd959d815ce7197402b3) Signed-off-by: Tibor Vass --- cli-plugins/manager/candidate.go | 2 +- cli-plugins/manager/manager.go | 2 +- cli/command/image/build/context.go | 2 +- cli/config/credentials/default_store.go | 2 +- cli/connhelper/commandconn/commandconn.go | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/cli-plugins/manager/candidate.go b/cli-plugins/manager/candidate.go index 2000e5b142f6..752b1cb0ef8f 100644 --- a/cli-plugins/manager/candidate.go +++ b/cli-plugins/manager/candidate.go @@ -1,7 +1,7 @@ package manager import ( - "os/exec" + exec "golang.org/x/sys/execabs" ) // Candidate represents a possible plugin candidate, for mocking purposes diff --git a/cli-plugins/manager/manager.go b/cli-plugins/manager/manager.go index eaac4826221f..50f7208ea334 100644 --- a/cli-plugins/manager/manager.go +++ b/cli-plugins/manager/manager.go @@ -3,7 +3,6 @@ package manager import ( "io/ioutil" "os" - "os/exec" "path/filepath" "sort" "strings" @@ -12,6 +11,7 @@ import ( "github.com/docker/cli/cli/config" "github.com/fvbommel/sortorder" "github.com/spf13/cobra" + exec "golang.org/x/sys/execabs" ) // ReexecEnvvar is the name of an ennvar which is set to the command diff --git a/cli/command/image/build/context.go b/cli/command/image/build/context.go index 24a9d525b5fb..2509f66de4a4 100644 --- a/cli/command/image/build/context.go +++ b/cli/command/image/build/context.go @@ -9,7 +9,6 @@ import ( "io/ioutil" "net/http" "os" - "os/exec" "path/filepath" "runtime" "strings" @@ -24,6 +23,7 @@ import ( "github.com/docker/docker/pkg/streamformatter" "github.com/docker/docker/pkg/stringid" "github.com/pkg/errors" + exec "golang.org/x/sys/execabs" ) const ( diff --git a/cli/config/credentials/default_store.go b/cli/config/credentials/default_store.go index 7a760f1a979c..402235bff025 100644 --- a/cli/config/credentials/default_store.go +++ b/cli/config/credentials/default_store.go @@ -1,7 +1,7 @@ package credentials import ( - "os/exec" + exec "golang.org/x/sys/execabs" ) // DetectDefaultStore return the default credentials store for the platform if diff --git a/cli/connhelper/commandconn/commandconn.go b/cli/connhelper/commandconn/commandconn.go index 4c5783fb3bc2..128da447b5f6 100644 --- a/cli/connhelper/commandconn/commandconn.go +++ b/cli/connhelper/commandconn/commandconn.go @@ -20,7 +20,6 @@ import ( "io" "net" "os" - "os/exec" "runtime" "strings" "sync" @@ -29,6 +28,7 @@ import ( "github.com/pkg/errors" "github.com/sirupsen/logrus" + exec "golang.org/x/sys/execabs" ) // New returns net.Conn From 82123939f738796870be0c3a4357a157d630e9bd Mon Sep 17 00:00:00 2001 From: Harald Albers Date: Tue, 15 Dec 2020 20:06:01 +0000 Subject: [PATCH 006/127] Add bash completion for jobs Signed-off-by: Harald Albers (cherry picked from commit a4e86b543304726bb5639892a045f319a0471fc0) Signed-off-by: Sebastiaan van Stijn --- contrib/completion/bash/docker | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/contrib/completion/bash/docker b/contrib/completion/bash/docker index 6baf68211822..49868abbaf9f 100644 --- a/contrib/completion/bash/docker +++ b/contrib/completion/bash/docker @@ -3601,7 +3601,7 @@ _docker_service_ls() { return ;; mode) - COMPREPLY=( $( compgen -W "global replicated" -- "${cur##*=}" ) ) + COMPREPLY=( $( compgen -W "global global-job replicated replicated-job" -- "${cur##*=}" ) ) return ;; name) @@ -3731,6 +3731,7 @@ _docker_service_update_and_create() { --limit-pids --log-driver --log-opt + --max-replicas --replicas --replicas-max-per-node --reserve-cpu @@ -3804,7 +3805,7 @@ _docker_service_update_and_create() { return ;; --mode) - COMPREPLY=( $( compgen -W "global replicated" -- "$cur" ) ) + COMPREPLY=( $( compgen -W "global global-job replicated replicated-job" -- "$cur" ) ) return ;; esac From e82920d76d6b5e925944ea4e420fb1195dd7ddb2 Mon Sep 17 00:00:00 2001 From: rochfeu <46478807+rochfeu@users.noreply.github.com> Date: Wed, 6 Jan 2021 09:25:10 +0100 Subject: [PATCH 007/127] Remove duplicate word in push.md Signed-off-by: Roch Feuillade (cherry picked from commit 69b5487e394b5b358461e1337009491c20e39dfb) Signed-off-by: Sebastiaan van Stijn --- docs/reference/commandline/push.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/reference/commandline/push.md b/docs/reference/commandline/push.md index 80b0a2248e51..a0906753c2f0 100644 --- a/docs/reference/commandline/push.md +++ b/docs/reference/commandline/push.md @@ -76,7 +76,7 @@ listed. ### Push all tags of an image -Use the `-a` (or `--all-tags`) option to push To push all tags of a local image. +Use the `-a` (or `--all-tags`) option to push all tags of a local image. The following example creates multiple tags for an image, and pushes all those tags to Docker Hub. From 6aa1b37c8d188f88ac4e144345fffa2c2ef73a9a Mon Sep 17 00:00:00 2001 From: Harald Albers Date: Tue, 5 Jan 2021 21:43:53 +0000 Subject: [PATCH 008/127] Add bash completion for `docker run|create --pull` Signed-off-by: Harald Albers (cherry picked from commit 8242fe1fcc3ac190396a4f8aae887f51ab84b044) Signed-off-by: Sebastiaan van Stijn --- contrib/completion/bash/docker | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/contrib/completion/bash/docker b/contrib/completion/bash/docker index 49868abbaf9f..afa7aa287ba4 100644 --- a/contrib/completion/bash/docker +++ b/contrib/completion/bash/docker @@ -1955,6 +1955,7 @@ _docker_container_run_and_create() { --pid --pids-limit --publish -p + --pull --restart --runtime --security-opt @@ -2153,6 +2154,10 @@ _docker_container_run_and_create() { esac return ;; + --pull) + COMPREPLY=( $( compgen -W 'always missing never' -- "$cur" ) ) + return + ;; --runtime) __docker_complete_runtimes return From 08c4fdfa7aa9245416f83bb393a21aade51778dd Mon Sep 17 00:00:00 2001 From: Harald Albers Date: Tue, 5 Jan 2021 22:31:07 +0000 Subject: [PATCH 009/127] Add bash completion for `dockerd --ip6tables` Signed-off-by: Harald Albers (cherry picked from commit ba2fef9bcb6e6abde537cb51dce45b6fa6eca62a) Signed-off-by: Sebastiaan van Stijn --- contrib/completion/bash/docker | 1 + 1 file changed, 1 insertion(+) diff --git a/contrib/completion/bash/docker b/contrib/completion/bash/docker index afa7aa287ba4..fd30b2431327 100644 --- a/contrib/completion/bash/docker +++ b/contrib/completion/bash/docker @@ -2553,6 +2553,7 @@ _docker_daemon() { --ip-forward=false --ip-masq=false --iptables=false + --ip6tables --ipv6 --live-restore --no-new-privileges From 4eb050071ef58e18f0a1191d97b2d2a8791a96ff Mon Sep 17 00:00:00 2001 From: Harald Albers Date: Tue, 5 Jan 2021 22:04:36 +0000 Subject: [PATCH 010/127] Update bash completion for fluentd --log-options Signed-off-by: Harald Albers (cherry picked from commit 5a252fb3ad1dc9b876cd456f36637cfa1ba3ea1d) Signed-off-by: Sebastiaan van Stijn --- contrib/completion/bash/docker | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/contrib/completion/bash/docker b/contrib/completion/bash/docker index fd30b2431327..8c1d9727a212 100644 --- a/contrib/completion/bash/docker +++ b/contrib/completion/bash/docker @@ -935,7 +935,7 @@ __docker_complete_log_options() { # awslogs does not implement the $common_options2. local awslogs_options="$common_options1 awslogs-create-group awslogs-credentials-endpoint awslogs-datetime-format awslogs-group awslogs-multiline-pattern awslogs-region awslogs-stream tag" - local fluentd_options="$common_options1 $common_options2 fluentd-address fluentd-async-connect fluentd-buffer-limit fluentd-retry-wait fluentd-max-retries fluentd-sub-second-precision tag" + local fluentd_options="$common_options1 $common_options2 fluentd-address fluentd-async fluentd-buffer-limit fluentd-request-ack fluentd-retry-wait fluentd-max-retries fluentd-sub-second-precision tag" local gcplogs_options="$common_options1 $common_options2 gcp-log-cmd gcp-meta-id gcp-meta-name gcp-meta-zone gcp-project" local gelf_options="$common_options1 $common_options2 gelf-address gelf-compression-level gelf-compression-type gelf-tcp-max-reconnect gelf-tcp-reconnect-delay tag" local journald_options="$common_options1 $common_options2 tag" From b22fe0fb1461db9d43069a08ca64c625b3b57c3a Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Mon, 4 Jan 2021 14:36:25 +0100 Subject: [PATCH 011/127] deprecate blkio-weight options with cgroups v1 These options were deprecated and removed in the Linux kernel v5.0 and up in; - https://github.com/torvalds/linux/commit/f382fb0bcef4c37dc049e9f6963e3baf204d815c - https://github.com/torvalds/linux/commit/fb5772cbfe48575711bf789767d561582376f7f1 - https://github.com/torvalds/linux/commit/23aa16489c06e6739c7c99e9fdccf723d2691a5d Signed-off-by: Sebastiaan van Stijn (cherry picked from commit fb2ea098a989f5a629dd4d5e58d6b48e4e21ca4b) Signed-off-by: Sebastiaan van Stijn --- docs/deprecated.md | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/docs/deprecated.md b/docs/deprecated.md index 267f8eef871d..9af6c5bb5472 100644 --- a/docs/deprecated.md +++ b/docs/deprecated.md @@ -52,6 +52,7 @@ Status | Feature -----------|------------------------------------------------------------------------------------------------------------------------------------|------------|------------ Deprecated | [Pulling images from non-compliant image registries](#pulling-images-from-non-compliant-image-registries) | v20.10 | - Deprecated | [Linux containers on Windows (LCOW)](#linux-containers-on-windows-lcow-experimental) | v20.10 | - +Deprecated | [BLKIO weight options with cgroups v1](#blkio-weight-options–with-cgroups-v1) | v20.10 | - Deprecated | [Kernel memory limit](#kernel-memory-limit) | v20.10 | - Deprecated | [Classic Swarm and overlay networks using external key/value stores](#classic-swarm-and-overlay-networks-using-cluster-store) | v20.10 | - Deprecated | [Support for the legacy `~/.dockercfg` configuration file for authentication](#support-for-legacy-dockercfg-configuration-files) | v20.10 | - @@ -140,6 +141,16 @@ now stopped in favor of running docker natively on Linux in WSL2. Developers who want to run Linux workloads on a Windows host are encouraged to use [Docker Desktop with WSL2](https://docs.docker.com/docker-for-windows/wsl/) instead. +### BLKIO weight options with cgroups v1 + +**Deprecated in Release: v20.10** + +Specifying blkio weight (`docker run --blkio-weight` and `docker run --blkio-weight-device`) +is now marked as deprecated when using cgrous v1 because the corresponding features +were [removed in Linux kernel v5.0 and up](https://github.com/torvalds/linux/commit/f382fb0bcef4c37dc049e9f6963e3baf204d815c). +When using cgroups v2, the `--blkio-weight` options are implemented using +[`io.weight](https://github.com/torvalds/linux/blob/v5.0/Documentation/admin-guide/cgroup-v2.rst#io). + ### Kernel memory limit **Deprecated in Release: v20.10** From be966aa1941aef15d7da45720810e338ad5e12fc Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Fri, 8 Jan 2021 16:03:51 +0100 Subject: [PATCH 012/127] docs: fix typo in deprecated.md Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 697c3a5b48dbdb9890230b1e3569c5755ee2333d) Signed-off-by: Sebastiaan van Stijn --- docs/deprecated.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/deprecated.md b/docs/deprecated.md index 9af6c5bb5472..4cff064feb5c 100644 --- a/docs/deprecated.md +++ b/docs/deprecated.md @@ -146,7 +146,7 @@ Developers who want to run Linux workloads on a Windows host are encouraged to u **Deprecated in Release: v20.10** Specifying blkio weight (`docker run --blkio-weight` and `docker run --blkio-weight-device`) -is now marked as deprecated when using cgrous v1 because the corresponding features +is now marked as deprecated when using cgroups v1 because the corresponding features were [removed in Linux kernel v5.0 and up](https://github.com/torvalds/linux/commit/f382fb0bcef4c37dc049e9f6963e3baf204d815c). When using cgroups v2, the `--blkio-weight` options are implemented using [`io.weight](https://github.com/torvalds/linux/blob/v5.0/Documentation/admin-guide/cgroup-v2.rst#io). From 42811a7eb9dca48cc1e18384e61eee2623bc8ea0 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Thu, 21 Jan 2021 15:40:37 +0100 Subject: [PATCH 013/127] docs: add redirect for old reference URL Signed-off-by: Sebastiaan van Stijn (cherry picked from commit a4fb01f957e63e2fd2d39d4e12119ede676b14c4) Signed-off-by: Sebastiaan van Stijn --- docs/reference/run.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/reference/run.md b/docs/reference/run.md index ad4dd36baf58..814fdf318d53 100644 --- a/docs/reference/run.md +++ b/docs/reference/run.md @@ -1,6 +1,8 @@ --- description: "Configure containers at runtime" keywords: "docker, run, configure, runtime" +redirect_from: +- /reference/run/ --- 22738ff49c6d Step 2/2 : COPY testfile.txt c:\RUN dir c: GetFileAttributesEx c:RUN: The system cannot find the file specified. -PS C:\John> +PS E:\myproject> ``` One solution to the above would be to use `/` as the target of both the `COPY` @@ -441,8 +443,9 @@ RUN dir c:\ Results in: -```powershell -PS C:\John> docker build -t succeeds --no-cache=true . +```console +PS E:\myproject> docker build -t succeeds --no-cache=true . + Sending build context to Docker daemon 3.072 kB Step 1/3 : FROM microsoft/nanoserver ---> 22738ff49c6d @@ -467,7 +470,7 @@ Step 3/3 : RUN dir c:\ ---> 01c7f3bef04f Removing intermediate container a2c157f842f5 Successfully built 01c7f3bef04f -PS C:\John> +PS E:\myproject> ``` ## Environment replacement @@ -910,8 +913,8 @@ the most-recently-applied value overrides any previously-set value. To view an image's labels, use the `docker image inspect` command. You can use the `--format` option to show just the labels; -```bash -docker image inspect --format='{{json .Config.Labels}}' myimage +```console +$ docker image inspect --format='{{json .Config.Labels}}' myimage ``` ```json { @@ -980,8 +983,8 @@ port on the host, so the port will not be the same for TCP and UDP. Regardless of the `EXPOSE` settings, you can override them at runtime by using the `-p` flag. For example -```bash -docker run -p 80:80/tcp -p 80:80/udp ... +```console +$ docker run -p 80:80/tcp -p 80:80/udp ... ``` To set up port redirection on the host system, see [using the -P flag](run.md#expose-incoming-ports). @@ -1397,7 +1400,7 @@ An `ENTRYPOINT` allows you to configure a container that will run as an executab For example, the following starts nginx with its default content, listening on port 80: -```bash +```console $ docker run -i -t --rm -p 80:80 nginx ``` @@ -1432,7 +1435,7 @@ CMD ["-c"] When you run the container, you can see that `top` is the only process: -```bash +```console $ docker run -it --rm --name test top -H top - 08:25:00 up 7:27, 0 users, load average: 0.00, 0.01, 0.05 @@ -1447,7 +1450,7 @@ KiB Swap: 1441840 total, 0 used, 1441840 free. 1324440 cached Mem To examine the result further, you can use `docker exec`: -```bash +```console $ docker exec -it test ps aux USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND @@ -1519,7 +1522,7 @@ If you run this image with `docker run -it --rm -p 80:80 --name test apache`, you can then examine the container's processes with `docker exec`, or `docker top`, and then ask the script to stop Apache: -```bash +```console $ docker exec -it test ps aux USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND @@ -1579,7 +1582,7 @@ ENTRYPOINT exec top -b When you run this image, you'll see the single `PID 1` process: -```bash +```console $ docker run -it --rm --name test top Mem: 1704520K used, 352148K free, 0K shrd, 0K buff, 140368121167873K cached @@ -1591,7 +1594,7 @@ Load average: 0.08 0.03 0.05 2/98 6 Which exits cleanly on `docker stop`: -```bash +```console $ /usr/bin/time docker stop test test @@ -1610,7 +1613,7 @@ CMD --ignored-param1 You can then run it (giving it a name for the next step): -```bash +```console $ docker run -it --name test top --ignored-param2 Mem: 1704184K used, 352484K free, 0K shrd, 0K buff, 140621524238337K cached @@ -1626,7 +1629,7 @@ You can see from the output of `top` that the specified `ENTRYPOINT` is not `PID If you then run `docker stop test`, the container will not exit cleanly - the `stop` command will be forced to send a `SIGKILL` after the timeout: -```bash +```console $ docker exec -it test ps aux PID USER COMMAND @@ -1859,9 +1862,10 @@ ARG user USER $user # ... ``` + A user builds this file by calling: -```bash +```console $ docker build --build-arg user=what_user . ``` @@ -1900,7 +1904,7 @@ RUN echo $CONT_IMG_VER Then, assume this image is built with this command: -```bash +```console $ docker build --build-arg CONT_IMG_VER=v2.0.1 . ``` @@ -1922,7 +1926,7 @@ RUN echo $CONT_IMG_VER Unlike an `ARG` instruction, `ENV` values are always persisted in the built image. Consider a docker build without the `--build-arg` flag: -```bash +```console $ docker build . ``` @@ -2298,8 +2302,9 @@ RUN c:\example\Execute-MyCmdlet -sample 'hello world' Resulting in: -```powershell -PS E:\docker\build\shell> docker build -t shell . +```console +PS E:\myproject> docker build -t shell . + Sending build context to Docker daemon 4.096 kB Step 1/5 : FROM microsoft/nanoserver ---> 22738ff49c6d @@ -2330,7 +2335,7 @@ hello world ---> 8e559e9bf424 Removing intermediate container be6d8e63fe75 Successfully built 8e559e9bf424 -PS E:\docker\build\shell> +PS E:\myproject> ``` The `SHELL` instruction could also be used to modify the way in which From 0c442dc179dfd87a9a1020509b3f49048afcc372 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Wed, 21 Apr 2021 11:45:35 +0200 Subject: [PATCH 045/127] docs/reference/builder: remove outdated example Dockerfiles These examples were really outdated, so linking to other sections in the documentation instead. Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 22b14dac8e3a8ed31752463f519c82d39a8360bb) Signed-off-by: Sebastiaan van Stijn --- docs/reference/builder.md | 50 ++++----------------------------------- 1 file changed, 4 insertions(+), 46 deletions(-) diff --git a/docs/reference/builder.md b/docs/reference/builder.md index 38c4d8276f7c..2c4ebe803396 100644 --- a/docs/reference/builder.md +++ b/docs/reference/builder.md @@ -2356,50 +2356,8 @@ builder with a syntax directive. To learn about these features, ## Dockerfile examples -Below you can see some examples of Dockerfile syntax. +For examples of Dockerfiles, refer to: -```dockerfile -# Nginx -# -# VERSION 0.0.1 - -FROM ubuntu -LABEL Description="This image is used to start the foobar executable" Vendor="ACME Products" Version="1.0" -RUN apt-get update && apt-get install -y inotify-tools nginx apache2 openssh-server -``` - -```dockerfile -# Firefox over VNC -# -# VERSION 0.3 - -FROM ubuntu - -# Install vnc, xvfb in order to create a 'fake' display and firefox -RUN apt-get update && apt-get install -y x11vnc xvfb firefox -RUN mkdir ~/.vnc -# Setup a password -RUN x11vnc -storepasswd 1234 ~/.vnc/passwd -# Autostart firefox (might not be the best way, but it does the trick) -RUN bash -c 'echo "firefox" >> /.bashrc' - -EXPOSE 5900 -CMD ["x11vnc", "-forever", "-usepw", "-create"] -``` - -```dockerfile -# Multiple images example -# -# VERSION 0.1 - -FROM ubuntu -RUN echo foo > bar -# Will output something like ===> 907ad6c2736f - -FROM ubuntu -RUN echo moo > oink -# Will output something like ===> 695d7793cbe4 - -# You'll now have two images, 907ad6c2736f with /bar, and 695d7793cbe4 with -# /oink. -``` +- The ["build images" section](https://docs.docker.com/develop/develop-images/dockerfile_best-practices/) +- The ["get started](https://docs.docker.com/get-started/) +- The [language-specific getting started guides](https://docs.docker.com/language/) From 234036d105d5b3bf809b433708beed1d73190641 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Wed, 21 Apr 2021 11:47:31 +0200 Subject: [PATCH 046/127] docs/reference/builder: update example output, and some rephrasing - update some examples to show the BuildKit output - remove some wording about "images" being used for the build cache - add a link to the `--cache-from` section - added a link to "scanning your image with `docker scan`" - updated link to "push your image" Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 17a9eb60e367a41dc8d4f2a410b25cacf9c7a6bd) Signed-off-by: Sebastiaan van Stijn --- docs/reference/builder.md | 62 ++++++++++++++++++++------------------- 1 file changed, 32 insertions(+), 30 deletions(-) diff --git a/docs/reference/builder.md b/docs/reference/builder.md index 2c4ebe803396..7b19d9723059 100644 --- a/docs/reference/builder.md +++ b/docs/reference/builder.md @@ -91,8 +91,13 @@ a preliminary validation of the `Dockerfile` and returns an error if the syntax ```console $ docker build -t test/myapp . -Sending build context to Docker daemon 2.048 kB -Error response from daemon: Unknown instruction: RUNCMD +[+] Building 0.3s (2/2) FINISHED + => [internal] load build definition from Dockerfile 0.1s + => => transferring dockerfile: 60B 0.0s + => [internal] load .dockerignore 0.1s + => => transferring context: 2B 0.0s +error: failed to solve: rpc error: code = Unknown desc = failed to solve with frontend dockerfile.v0: failed to create LLB definition: +dockerfile parse error line 2: unknown instruction: RUNCMD ``` The Docker daemon runs the instructions in the `Dockerfile` one-by-one, @@ -105,38 +110,35 @@ Note that each instruction is run independently, and causes a new image to be created - so `RUN cd /tmp` will not have any effect on the next instructions. -Whenever possible, Docker will re-use the intermediate images (cache), -to accelerate the `docker build` process significantly. This is indicated by -the `Using cache` message in the console output. -(For more information, see the [`Dockerfile` best practices guide](https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices/): +Whenever possible, Docker uses a build-cache to accelerate the `docker build` +process significantly. This is indicated by the `CACHED` message in the console +output. (For more information, see the [`Dockerfile` best practices guide](https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices/): ```console $ docker build -t svendowideit/ambassador . -Sending build context to Docker daemon 15.36 kB -Step 1/4 : FROM alpine:3.2 - ---> 31f630c65071 -Step 2/4 : MAINTAINER SvenDowideit@home.org.au - ---> Using cache - ---> 2a1c91448f5f -Step 3/4 : RUN apk update && apk add socat && rm -r /var/cache/ - ---> Using cache - ---> 21ed6e7fbb73 -Step 4/4 : CMD env | grep _TCP= | (sed 's/.*_PORT_\([0-9]*\)_TCP=tcp:\/\/\(.*\):\(.*\)/socat -t 100000000 TCP4-LISTEN:\1,fork,reuseaddr TCP4:\2:\3 \&/' && echo wait) | sh - ---> Using cache - ---> 7ea8aef582cc -Successfully built 7ea8aef582cc +[+] Building 0.7s (6/6) FINISHED + => [internal] load build definition from Dockerfile 0.1s + => => transferring dockerfile: 286B 0.0s + => [internal] load .dockerignore 0.1s + => => transferring context: 2B 0.0s + => [internal] load metadata for docker.io/library/alpine:3.2 0.4s + => CACHED [1/2] FROM docker.io/library/alpine:3.2@sha256:e9a2035f9d0d7ce 0.0s + => CACHED [2/2] RUN apk add --no-cache socat 0.0s + => exporting to image 0.0s + => => exporting layers 0.0s + => => writing image sha256:1affb80ca37018ac12067fa2af38cc5bcc2a8f09963de 0.0s + => => naming to docker.io/library/mysocatimage 0.0s ``` -Build cache is only used from images that have a local parent chain. This means -that these images were created by previous builds or the whole chain of images -was loaded with `docker load`. If you wish to use build cache of a specific -image you can specify it with `--cache-from` option. Images specified with -`--cache-from` do not need to have a parent chain and may be pulled from other -registries. +By default, the build cache is based results from previous builds on the machine +on which you are building. The `--cache-from` option also allows you to use a +build-cache that's distributed through an image registry refer to the +[specifying external cache sources](commandline/build.md#specifying-external-cache-sources) +section in the `docker build` command reference. -When you're done with your build, you're ready to look into [*Pushing a -repository to its registry*](https://docs.docker.com/engine/tutorials/dockerrepos/#/contributing-to-docker-hub). +When you're done with your build, you're ready to look into [scanning your image with `docker scan`](https://docs.docker.com/engine/scan/), +and [pushing your image to Docker Hub](https://docs.docker.com/docker-hub/repos/). ## BuildKit @@ -2319,9 +2321,9 @@ Step 3/5 : RUN New-Item -ItemType Directory C:\Example Directory: C:\ -Mode LastWriteTime Length Name ----- ------------- ------ ---- -d----- 10/28/2016 11:26 AM Example +Mode LastWriteTime Length Name +---- ------------- ------ ---- +d----- 10/28/2016 11:26 AM Example ---> 3f2fbf1395d9 From 3de2cc6efd83a234b195926e7c4e3fe8b3b9da92 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Wed, 21 Apr 2021 22:36:16 +0200 Subject: [PATCH 047/127] docs/reference/builder: update "syntax" section - rename "experimental" to "labs" - rephrase recommendation for picking a version - clarify that the "labs" channel provides a superset of the "stable" channel. - remove "External implementation features" section, because it overlapped with the "syntax" section. - removed `:latest` from the "stable" channel (generally not recommended) Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 30359cbdb7ff6541dc615857dc102a0dbd54591f) Signed-off-by: Sebastiaan van Stijn --- docs/reference/builder.md | 91 ++++++++++++++++++++++----------------- 1 file changed, 51 insertions(+), 40 deletions(-) diff --git a/docs/reference/builder.md b/docs/reference/builder.md index 7b19d9723059..bc6c746776af 100644 --- a/docs/reference/builder.md +++ b/docs/reference/builder.md @@ -128,10 +128,10 @@ $ docker build -t svendowideit/ambassador . => exporting to image 0.0s => => exporting layers 0.0s => => writing image sha256:1affb80ca37018ac12067fa2af38cc5bcc2a8f09963de 0.0s - => => naming to docker.io/library/mysocatimage 0.0s + => => naming to docker.io/svendowideit/ambassador 0.0s ``` -By default, the build cache is based results from previous builds on the machine +By default, the build cache is based on results from previous builds on the machine on which you are building. The `--cache-from` option also allows you to use a build-cache that's distributed through an image registry refer to the [specifying external cache sources](commandline/build.md#specifying-external-cache-sources) @@ -318,6 +318,8 @@ The following parser directives are supported: ## syntax + + ```dockerfile # syntax=[remote image reference] ``` @@ -325,55 +327,73 @@ The following parser directives are supported: For example: ```dockerfile -# syntax=docker/dockerfile -# syntax=docker/dockerfile:1.0 +# syntax=docker/dockerfile:1 # syntax=docker.io/docker/dockerfile:1 -# syntax=docker/dockerfile:1.0.0-experimental # syntax=example.com/user/repo:tag@sha256:abcdef... ``` -This feature is only enabled if the [BuildKit](#buildkit) backend is used. +This feature is only available when using the [BuildKit](#buildkit) backend, and +is ignored when using the classic builder backend. -The syntax directive defines the location of the Dockerfile builder that is used for -building the current Dockerfile. The BuildKit backend allows to seamlessly use -external implementations of builders that are distributed as Docker images and -execute inside a container sandbox environment. +The syntax directive defines the location of the Dockerfile syntax that is used +to build the Dockerfile. The BuildKit backend allows to seamlessly use external +implementations that are distributed as Docker images and execute inside a +container sandbox environment. -Custom Dockerfile implementation allows you to: +Custom Dockerfile implementations allows you to: - - Automatically get bugfixes without updating the daemon + - Automatically get bugfixes without updating the Docker daemon - Make sure all users are using the same implementation to build your Dockerfile - - Use the latest features without updating the daemon - - Try out new experimental or third-party features + - Use the latest features without updating the Docker daemon + - Try out new features or third-party features before they are integrated in the Docker daemon + - Use [alternative build definitions, or create your own](https://github.com/moby/buildkit#exploring-llb) ### Official releases Docker distributes official versions of the images that can be used for building Dockerfiles under `docker/dockerfile` repository on Docker Hub. There are two -channels where new images are released: stable and experimental. +channels where new images are released: `stable` and `labs`. + +Stable channel follows [semantic versioning](https://semver.org). For example: + + - `docker/dockerfile:1` - kept updated with the latest `1.x.x` minor _and_ patch release + - `docker/dockerfile:1.2` - kept updated with the latest `1.2.x` patch release, + and stops receiving updates once version `1.3.0` is released. + - `docker/dockerfile:1.2.1` - immutable: never updated + +We recommend using `docker/dockerfile:1`, which always points to the latest stable +release of the version 1 syntax, and receives both "minor" and "patch" updates +for the version 1 release cycle. BuildKit automatically checks for updates of the +syntax when performing a build, making sure you are using the most current version. -Stable channel follows semantic versioning. For example: +If a specific version is used, such as `1.2` or `1.2.1`, the Dockerfile needs to +be updated manually to continue receiving bugfixes and new features. Old versions +of the Dockerfile remain compatible with the new versions of the builder. - - `docker/dockerfile:1.0.0` - only allow immutable version `1.0.0` - - `docker/dockerfile:1.0` - allow versions `1.0.*` - - `docker/dockerfile:1` - allow versions `1.*.*` - - `docker/dockerfile:latest` - latest release on stable channel +**labs channel** -The experimental channel uses incremental versioning with the major and minor -component from the stable channel on the time of the release. For example: +The "labs" channel provides early access to Dockerfile features that are not yet +available in the stable channel. Labs channel images are released in conjunction +with the stable releases, and follow the same versioning with the `-labs` suffix, +for example: - - `docker/dockerfile:1.0.1-experimental` - only allow immutable version `1.0.1-experimental` - - `docker/dockerfile:1.0-experimental` - latest experimental releases after `1.0` - - `docker/dockerfile:experimental` - latest release on experimental channel + - `docker/dockerfile:labs` - latest release on labs channel + - `docker/dockerfile:1-labs` - same as `dockerfile:1` in the stable channel, with labs features enabled + - `docker/dockerfile:1.2-labs` - same as `dockerfile:1.2` in the stable channel, with labs features enabled + - `docker/dockerfile:1.2.1-labs` - immutable: never updated. Same as `dockerfile:1.2.1` in the stable channel, with labs features enabled -You should choose a channel that best fits your needs. If you only want -bugfixes, you should use `docker/dockerfile:1.0`. If you want to benefit from -experimental features, you should use the experimental channel. If you are using -the experimental channel, newer releases may not be backwards compatible, so it +Choose a channel that best fits your needs; if you want to benefit from +new features, use the labs channel. Images in the labs channel provide a superset +of the features in the stable channel; note that `stable` features in the labs +channel images follow [semantic versioning](https://semver.org), but "labs" +features do not, and newer releases may not be backwards compatible, so it is recommended to use an immutable full version variant. -For master builds and nightly feature releases refer to the description in -[the source repository](https://github.com/moby/buildkit/blob/master/README.md). +For documentation on "labs" features, master builds, and nightly feature releases, +refer to the description in [the BuildKit source repository on GitHub](https://github.com/moby/buildkit/blob/master/README.md). +For a full list of available images, visit the [image repository on Docker Hub](https://hub.docker.com/r/docker/dockerfile), +and the [docker/dockerfile-upstream image repository](https://hub.docker.com/r/docker/dockerfile-upstream) +for development builds. ## escape @@ -2347,15 +2367,6 @@ environment variable expansion semantics could be modified. The `SHELL` instruction can also be used on Linux should an alternate shell be required such as `zsh`, `csh`, `tcsh` and others. -## External implementation features - -This feature is only available when using the [BuildKit](#buildkit) backend. - -Docker build supports experimental features like cache mounts, build secrets and -ssh forwarding that are enabled by using an external implementation of the -builder with a syntax directive. To learn about these features, -[refer to the documentation in BuildKit repository](https://github.com/moby/buildkit/blob/master/frontend/dockerfile/docs/experimental.md). - ## Dockerfile examples For examples of Dockerfiles, refer to: From fbbf1be52daca554b38a115ef9a340b1a8b3bf56 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Sat, 24 Apr 2021 13:33:30 +0200 Subject: [PATCH 048/127] docs: remove experimental ipvlan docs, as they were migrated IPvlan networks were moved out of experimental in Docker 19.03, and the docs were migrated to the docs repository through; https://github.com/docker/docker.github.io/pull/12735 Signed-off-by: Sebastiaan van Stijn (cherry picked from commit caa4742e5cf8fd1ba1788917dd6eab3cd6627c0e) Signed-off-by: Sebastiaan van Stijn --- experimental/README.md | 7 - experimental/images/ipvlan-l3.gliffy | 1 - experimental/images/ipvlan-l3.png | Bin 18260 -> 0 bytes experimental/images/ipvlan-l3.svg | 1 - experimental/images/ipvlan_l2_simple.gliffy | 1 - experimental/images/ipvlan_l2_simple.png | Bin 20145 -> 0 bytes experimental/images/ipvlan_l2_simple.svg | 1 - .../images/macvlan-bridge-ipvlan-l2.gliffy | 1 - .../images/macvlan-bridge-ipvlan-l2.png | Bin 14527 -> 0 bytes .../images/macvlan-bridge-ipvlan-l2.svg | 1 - .../images/multi_tenant_8021q_vlans.gliffy | 1 - .../images/multi_tenant_8021q_vlans.png | Bin 17879 -> 0 bytes .../images/multi_tenant_8021q_vlans.svg | 1 - experimental/images/vlans-deeper-look.gliffy | 1 - experimental/images/vlans-deeper-look.png | Bin 38837 -> 0 bytes experimental/images/vlans-deeper-look.svg | 1 - experimental/vlan-networks.md | 632 ------------------ 17 files changed, 649 deletions(-) delete mode 100644 experimental/images/ipvlan-l3.gliffy delete mode 100644 experimental/images/ipvlan-l3.png delete mode 100644 experimental/images/ipvlan-l3.svg delete mode 100644 experimental/images/ipvlan_l2_simple.gliffy delete mode 100644 experimental/images/ipvlan_l2_simple.png delete mode 100644 experimental/images/ipvlan_l2_simple.svg delete mode 100644 experimental/images/macvlan-bridge-ipvlan-l2.gliffy delete mode 100644 experimental/images/macvlan-bridge-ipvlan-l2.png delete mode 100644 experimental/images/macvlan-bridge-ipvlan-l2.svg delete mode 100644 experimental/images/multi_tenant_8021q_vlans.gliffy delete mode 100644 experimental/images/multi_tenant_8021q_vlans.png delete mode 100644 experimental/images/multi_tenant_8021q_vlans.svg delete mode 100644 experimental/images/vlans-deeper-look.gliffy delete mode 100644 experimental/images/vlans-deeper-look.png delete mode 100644 experimental/images/vlans-deeper-look.svg delete mode 100644 experimental/vlan-networks.md diff --git a/experimental/README.md b/experimental/README.md index 8b5669ab886a..21753f5c9ed5 100644 --- a/experimental/README.md +++ b/experimental/README.md @@ -39,12 +39,5 @@ Checkpoint and restore support for Containers. Metrics (Prometheus) output for basic container, image, and daemon operations. * [External graphdriver plugins](../docs/extend/plugins_graphdriver.md) - * [Ipvlan Network Drivers](vlan-networks.md) * [Checkpoint & Restore](checkpoint-restore.md) * [Docker build with --squash argument](../docs/reference/commandline/build.md#squash-an-images-layers---squash-experimental) - -## How to comment on an experimental feature - -Each feature's documentation includes a list of proposal pull requests or PRs associated with the feature. If you want to comment on or suggest a change to a feature, please add it to the existing feature PR. - -Issues or problems with a feature? Inquire for help on the `#docker` IRC channel or on the [Docker Google group](https://groups.google.com/forum/#!forum/docker-user). diff --git a/experimental/images/ipvlan-l3.gliffy b/experimental/images/ipvlan-l3.gliffy deleted file mode 100644 index bf0512af76c5..000000000000 --- a/experimental/images/ipvlan-l3.gliffy +++ /dev/null @@ -1 +0,0 @@ -{"contentType":"application/gliffy+json","version":"1.3","stage":{"background":"#FFFFFF","width":447,"height":422,"nodeIndex":326,"autoFit":true,"exportBorder":false,"gridOn":true,"snapToGrid":false,"drawingGuidesOn":false,"pageBreaksOn":false,"printGridOn":false,"printPaper":"LETTER","printShrinkToFit":false,"printPortrait":true,"maxWidth":5000,"maxHeight":5000,"themeData":{"uid":"com.gliffy.theme.beach_day","name":"Beach Day","shape":{"primary":{"strokeWidth":2,"strokeColor":"#00A4DA","fillColor":"#AEE4F4","gradient":false,"dropShadow":false,"opacity":1,"text":{"color":"#004257"}},"secondary":{"strokeWidth":2,"strokeColor":"#CDB25E","fillColor":"#EACF81","gradient":false,"dropShadow":false,"opacity":1,"text":{"color":"#332D1A"}},"tertiary":{"strokeWidth":2,"strokeColor":"#FFBE00","fillColor":"#FFF1CB","gradient":false,"dropShadow":false,"opacity":1,"text":{"color":"#000000"}},"highlight":{"strokeWidth":2,"strokeColor":"#00A4DA","fillColor":"#00A4DA","gradient":false,"dropShadow":false,"opacity":1,"text":{"color":"#ffffff"}}},"line":{"strokeWidth":2,"strokeColor":"#00A4DA","fillColor":"none","arrowType":2,"interpolationType":"quadratic","cornerRadius":0,"text":{"color":"#002248"}},"text":{"color":"#002248"},"stage":{"color":"#FFFFFF"}},"viewportType":"default","fitBB":{"min":{"x":9,"y":10.461511948529278},"max":{"x":447,"y":421.5}},"printModel":{"pageSize":"a4","portrait":false,"fitToOnePage":false,"displayPageBreaks":false},"objects":[{"x":12.0,"y":200.0,"rotation":0.0,"id":276,"width":434.00000000000006,"height":197.0,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":10,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#434343","fillColor":"#c5e4fc","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":0.93,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":275.0,"y":8.93295288085936,"rotation":0.0,"id":269,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.uml.uml_v2.sequence.anchor_line","order":14,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":272,"py":0.5,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":290,"py":1.0,"px":0.7071067811865476}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[82.0,295.5670471191406],[-4.628896294384617,211.06704711914062]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":285.0,"y":18.93295288085936,"rotation":0.0,"id":268,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.uml.uml_v2.sequence.anchor_line","order":15,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":316,"py":0.5,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":290,"py":0.9999999999999996,"px":0.29289321881345254}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-204.0,285.5670471191406],[-100.37110370561533,201.06704711914062]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":8.0,"y":203.5,"rotation":0.0,"id":267,"width":116.0,"height":16.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":16,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

Docker Host

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":10.0,"y":28.93295288085936,"rotation":0.0,"id":278,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.uml.uml_v2.sequence.anchor_line","order":17,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":290,"py":0.5,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":246,"py":0.5,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[217.5,167.06704711914062],[219.11774189711457,53.02855906766992]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":57.51435447730654,"y":10.461511948529278,"rotation":0.0,"id":246,"width":343.20677483961606,"height":143.0,"uid":"com.gliffy.shape.cisco.cisco_v1.storage.cloud","order":18,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.cisco.cisco_v1.storage.cloud","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#434343","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":106.0,"y":55.19999694824217,"rotation":0.0,"id":262,"width":262.0,"height":75.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":22,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

Unless notified about the container networks, the physical network does not have a route to their subnets

Who has 10.16.20.0/24?

Who has 10.1.20.0/24?

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":7.0,"y":403.5,"rotation":0.0,"id":282,"width":442.0,"height":18.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":23,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

Containers can be on different subnets and reach each other

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":106.0,"y":252.5,"rotation":0.0,"id":288,"width":238.0,"height":22.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":24,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

 Ipvlan L3 Mode

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":124.0,"y":172.0,"rotation":0.0,"id":290,"width":207.0,"height":48.0,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":25,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#cccccc","gradient":false,"dashStyle":null,"dropShadow":true,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[{"x":3.568965517241383,"y":0.0,"rotation":0.0,"id":291,"width":199.86206896551747,"height":42.0,"uid":null,"order":27,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

Eth0

192.168.50.10/24

Parent interface acts as a Router

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":29.0,"y":358.1999969482422,"rotation":0.0,"id":304,"width":390.99999999999994,"height":32.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":29,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

All containers can ping each other without a router if

they share the same parent interface (example eth0)

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":24.0,"y":276.0,"rotation":0.0,"id":320,"width":134.0,"height":77.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":48,"lockAspectRatio":false,"lockShape":false,"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":316,"width":114.0,"height":57.0,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":44,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":0.97,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.279999999999999,"y":0.0,"rotation":0.0,"id":317,"width":109.44000000000001,"height":43.0,"uid":null,"order":47,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

Container(s)

Eth0 

172.16.20.x/24

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":10.0,"y":10.0,"rotation":0.0,"id":318,"width":114.0,"height":57.0,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":42,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":0.97,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":20.0,"y":20.0,"rotation":0.0,"id":319,"width":114.0,"height":57.0,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":40,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":0.97,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":300.0,"y":276.0,"rotation":0.0,"id":321,"width":134.0,"height":77.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":49,"lockAspectRatio":false,"lockShape":false,"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":272,"width":114.0,"height":57.0,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":35,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":0.97,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[{"x":2.279999999999999,"y":0.0,"rotation":0.0,"id":273,"width":109.44000000000001,"height":44.0,"uid":null,"order":38,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

Container(s)

Eth0 10.1.20.x/24

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":10.0,"y":10.0,"rotation":0.0,"id":310,"width":114.0,"height":57.0,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":33,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":0.97,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":20.0,"y":20.0,"rotation":0.0,"id":312,"width":114.0,"height":57.0,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":31,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":0.97,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":368.0,"y":85.93295288085938,"rotation":0.0,"id":322,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.uml.uml_v2.sequence.anchor_line","order":50,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#434343","fillColor":"none","dashStyle":"4.0,4.0","startArrow":2,"endArrow":2,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-191.0,222.06704711914062],[-80.9272967534639,222.06704711914062]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":167.0,"y":25.499999999999986,"rotation":0.0,"id":323,"width":135.0,"height":32.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":51,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

Physical Network

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"layers":[{"guid":"9wom3rMkTrb3","order":0,"name":"Layer 0","active":true,"locked":false,"visible":true,"nodeIndex":53}],"shapeStyles":{},"lineStyles":{"global":{"fill":"none","stroke":"#434343","strokeWidth":2,"dashStyle":"4.0,4.0","startArrow":2,"endArrow":2,"orthoMode":2}},"textStyles":{"global":{"face":"Arial","size":"13px","color":"#000000"}}},"metadata":{"title":"untitled","revision":0,"exportBorder":false,"loadPosition":"default","libraries":["com.gliffy.libraries.basic.basic_v1.default","com.gliffy.libraries.flowchart.flowchart_v1.default","com.gliffy.libraries.swimlanes.swimlanes_v1.default","com.gliffy.libraries.images","com.gliffy.libraries.network.network_v4.home","com.gliffy.libraries.network.network_v4.business","com.gliffy.libraries.network.network_v4.rack","com.gliffy.libraries.network.network_v3.home","com.gliffy.libraries.network.network_v3.business","com.gliffy.libraries.network.network_v3.rack"],"lastSerialized":1458117032939,"analyticsProduct":"Confluence"},"embeddedResources":{"index":0,"resources":[]}} \ No newline at end of file diff --git a/experimental/images/ipvlan-l3.png b/experimental/images/ipvlan-l3.png deleted file mode 100644 index 3227a83ca1541ec68e06b0aa105e22fdf5ae9e6f..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 18260 zcmaI6Wl$YmumyT>5AG1$-Q67ydXV7m8r+1pok>`#RfTA-*)bij0K-0C)TQ9yW|^N>XfP5?S3O{d6!$!B8y2koK&0EoKg z14FAa8wP53UX5(L=%bDVL&q0#^aP6T-8%nWjl|N@0|HYEm_x>-zYG8X+2Wz0n@ zzI=J7-uZdIPqutrz|x1Ai?3;VhTlje(*-0XDKBVe#9*5bMa}EV0b?Ns0MG@0Ui2`_ zyA_7pwKNt+WmVFd);j7*KV7ZMKpvgIJVpRB zk%B`-b-EM-07kw-z$Bs2hOsF>sATd?h@Xx{3=r`1M{l@jXOaH_z4MhL$3kWlz_!oll8RWh!Q%ROqdsGnb z(TIUiKA{RJOZ(q_NwQH7TH06B6ls}!%=IAY1^)X7pr@=O1Q$j*e|F|%#TA_w-Y;kC z)_`zJ#`9NCCW{OdMugwWB?QLTkvyi0WxiQ_#T0~ZQXY15j6v3s1PYv2ei$9RP7duU zqHT!9#~0bi?!lGe=?X6%oIH~_-Z`^`G@SyH#Q}0r7>^JBu!Keq-(wCBenOz|2O&fP z%g(=xOm2N&(JGPhAZ&+bB(oa!l?)rZAHYn!%X6=Q?12*Z=-5I<(n;+L6OzT~%aEvO zgv8_ogMJaz{p`T;w{DzN-7~1pVqIlvWlRHg>_wsK z+@e+a#w-GRB!9D%P4X!uI$n1QEJo%7!P9sat=Yi+8?`ar93aXXi7MWN=hA*yn@Ikk z4&`q8r987}hlINhTR;^mdxMx-+>@>TP$>)3LgwW~Dq;mQ#%#p8{3(LFu9AB9%YwlX zX^Jt4C~j&qDj?O8cx?i0hwDmDi>9@%F0a|XWrlKxLu-fY0YY#dF;{(Xz#B^()XVp~ zA+#qOWF3Pblb9U2Xb05_fp~})4vZ# zE$5YiKsXBY*+b>07f3O)+SciM@ArFu`gqLyfO499UTM3S_#0RA)ci8kaC()t{CdH{ zUsheO{k`w`&G72YZ?(N1(zlZBufdwTu4o5M#we0nv6WmAo=8Wu(MTcf4Y?&QG)0oU znn9uhM0uu(8;#a5mXez3LPqk*Z#>J&vJ<;CvtdznTbY7$yAnJkFbEtY;(+bo<^Jk( zA>&D(D;*-QXyd%8x~=Fqj7_gcZx1elO`pe&sgB2$F=5#aF7~q%`{`%x&~7&!Hn|YE;!;Q?f*HvOpP-Tm=35u|Ah?>^rxk9yuVL1k zkP^ZRJesL>xg0b!OlMvo;5~)DutD19qHL%dXWPo&|3$Fk!83qR$Kc!-p}nmF?BkD*xxZZfVH1jrnX&-rzd4 zB9>wgQ1hSXV;Ch*6{l5Ws3&5^Z!QG)EfD;%2R=$vYzyZBIc4%=<%&9Uj*)QAJ~z^( zFcF@R^!oic!@aLO^ zn?UzwRe>!I+wm%NXK&$s=!@y=yA~n?K4GTE9nLwYxBrB5XVLJwnD6h{Z+ixERd5+Q0=_af_Z{pPmwPMNNVo= z^rA8x<0ts<5;8ZH)PoX%ne?R%?CbFx1>|Ft)?W5U-c9Y~dz5En8}m-QISYB@`4mY4 zW9t(O60{?YD}w}=snv7$F%1kM6P(L@8S?sxGEPWj|6uQpuv}y$PXwxizk|Yb$fH2j)Be<57<|=?) z7=toefVrv94SujOJ#Sg}yqaIWaY&Y??*6k$VyYbK8$AKc3jb%HTNw$Jb39d2mjxM@ z=d=|(v4Gd_E2cLLyx|}PT6r4s!8}pN-omkWg$xi>=)Dcr#<%ZPVn6f(SlFy~AHLY}=vShNZvs(>Pq`tkJX`n-95d-;rIln`$j| z`F``ctP$Lp%wj`vVKkAJffxJ%mR%E**F(o4QG1_%i2C!cB_M0?~vd%-A{K#TYrfuY6jxF_V7z1G^W^5 zTkPJ+SUdJ+k0#}#=jb4>-k?DVlkLplLG^rRCC{vgKNjI2DZP{(l3auvN}-9e*HX3E zY|ZkKA5d6X?|Deh9z~GQ@vQf=zMECF6tFx~Cf96uRL2Dyr0O3vRLGz;L)IUN?B zsq%We9EPv;iZn;9Zw!hiW zLd0HaeQ06T&$dp7q5FmKY2{BO06lC!TZ_Ri!ge{a&lmz7vGuv+$C zbi2UsYwN#=!F=TImu$daixwP`59?9biqDER2Aw-gPW8$CFsdmt!!B>PT5w#|C)r}_ z2;_M;_b&-|Y=^zpH(i*;wxxzVY?Or(o&kELz~rcAsz}r4i~dI~HKcqu_#{jl=wi@s6Il?Ufv3kf$F~w?T zXS0y$z?7NWvchoB$7{tI#Ro0uTOhEjvHzIfn}xQ_e1hz7neMVY0$xKoF~@7A9Z6Uv zjoS!uqN>pUm?DoL+82J7uGh=@Y{gT@)8l)~nTHM}BDEce8f#*F&?`G>1XN}0*gkzG zYab%K;%OL+gr5|jq|5GB`|;AA>;DplY!-@Wne1udl)5|VjAOAF3mu&HBp4$r3eWWu zGbk%;Co*CYpfqG1SCJ$%SuWA1I_p-mXg+p95oO_zl%Vn>hFagYp4ls4X0;sVKXL|A z{9GC$LuGOv_`^xGS2dPKM`&)S#B4DZIYEPdjfYgGbCPpwzemhxK>YV6e{jy>o1q zL2V0HFsggj|2)H%xFm=oCa1Iz;*$uC=POKh$r;s;^A6XJ@FF^4mVHxM=l$BmB7biWn!)HR#8Sen(!Q7)C~Ladc&k82OJh>_J?`mN<))eYFWR$j6;7-lu|#i}e*ftl`m>F$2P~R$ zHbl2-&`;>f%_-Duu(o5oF#7o8cgir@y3)Tbnrqf)bYz%&RCY36ECGEAl%NaqW=Z(< znTQ{!!A7)0jX3!%h`PeC$J1#=EG>{YX zf7soO!SffH(yI~zflPj>oQCo@t-lf&W_Z92tQ&ZvF0L$8@B-K(#Ts_P^WjPyv0c~- z^`vN@8u~lK9P`oGLASHezt;*GG*p)HXp+nMY@%4K|HK%qF7io#l|7}S_i&*S7nhUsDyo3PDMlyrL`O?WgU7i!5kUL%_&l&#LbkI zec7`)NhjISeE>!LAyZl@GiVcMQl9)C{q3fOo4?KQB5WK?^6s`oooI@N)o8jP^LKL3hoE+ zf2>c?7s=!J#GA#Bh7D}hhj=I)B!AA^aDSP$wKz9iHAqj~_0J=vviS8#3ET+ThUMYT zu+U#iGfvpVV2rZ+^kxq3EvtV|=*j&3jf|iG5|z7@YE1rCg~eLD;>eYV0^CU4A3-FcXaU4u!CqR>5Hl zd6qua$)>X~Mo4r8?m$#l&>lrw+J|9rK_+EaV|k5i+CJw&@{6QIb9UcoXT-@`LqPX= z@2LgNU;N_jmXq4$R9!QMHq>S?1x%Y5foxeE*GN+gB0nym~A+YzVc9 zU;Eua>iH+B215L3o(BG*_|J$>^?I<$Ih^ZSZyAk`Z(hG^$j>pG>YAN9X-AWrU2TtR zy?oms@-**ya<3-)vVM0v^AHg&4w5HV!?=1k$Qyxe-u6<-NFj9hq`v|6kt#j{|E{9_ z5mekudG@#+N6?+Y0vt8yEfdyhoD&9CN=ba8bfU>rH|CGFbFw$K|t&85e9*)7!M`NgD<&I4y=aaT$oI`wC|^b5mEAEkDqraetCI@ z-+g*2Xo<5lR;PBwMnSn1%pzOnWL-(ZL&Iw(wL0CAAk_YhgLL`<(V!oE+=6=Cq$Q8} zEmZ3n?!2)Zfrt;EIlv{tLhb<7ooMUl(oJEccYX#@?z4vb9Fl(L`x=o-4NV0TQlv)f z_fz9`q{Lo`NhyWhg{gMIl)3%f&fl6e49qG)NS)IJFh~T3otpcK(}T#uIuQPS51t-! z3wF8b-KGC1rEQC79hVisWmDd*0kueu3I~dvL7>}j>@O;qcE^#3$%N4j3VJzuZ$n;s z%ZjphD|29+=ZGDyJL3a?L$ek3D}8+cDS|6VooLE%{DIgSYfX3A?K=ZFltvHJTz~oD zG`L-6cY|6tTYckE3K)(x;F%tbyne&%i3pus>yR1YWX^;>1bc-AB_ESPd00(M2c#!h zQ?E1L?8xmUSjDM5IPe2HM<726F*gMwG8Cpx(*808RW#Hdz0fRYWP<)+7;AL_d=b@d zR>CkiFt3y5YSHER+rM5oUi+zEBt$$EFf_3^V&p5e{{1kZ^1)paM(iYxRPCknIPGuq zMVh#Ym|YQu<8SVpX-77=!cuiq7Q&L(v~EhF{tGM%Au_474&ZX`qAZqOO%j#sI#6crI0s6gy-PogU(m^H|vAak_JK;TY^q>7aM_&(BRmQCRV)If8U`d z(#A2~)7(WLxgH8sWhf&*$6UF%8e1J?M4emU)3>jx+4)9mDI(yRdj8!bzoeR^@}&&W z8{XG7N90j6?hg{g$l=u2#ZJW6C8)4)hT4P<7vM62l55*lO4Xwf+gJql&_Zow2(yrW zWXZ@x%QKs>ISd}n{-$$%X!Jktd{Zh)2hlLlbZgOH?E zBTgBxF*YAQ6uK;4Z)c8hb-)H%|2@s$Bde$U`^#=GHBGz zCI0QztR>93kKu{T-Xq#iY*_%N3aL7i5p0W`x3?zBe7W@e>AZ0m@{ftO<%^T3<3sxZ zH}`TDzmjQywsB6-R0+MQf~477*(IqvA@DkQ4)|zsR|RG4lCU62or*MyO^jX->0X$1T2hUkIC#y*XSfYWY%=xE zjuW;-ifb}QEQVGzFmGhmF`TVaiKE%G)T&KHVj%ohxT-9Bt0&u^O3Ej*luP(^yms7S zOlW>GUo&d)6`7&g(NG7lSN;LQ>-1?J9heLiODulF<0$vH2Ko!`w9$nZ4=$#O|eAS^G53K{9f1SzpXVlAG{i-8;oMhzcstd1R;i$4q{(g5JYjl;B-E>j5?8o_3$B@{1 z9Ghdc!YH9HjFl@-p35w5K-!5-2onQ;j8y_zS@m$uJA?m??<0ZPQkp~gBl^A5TDG?j z>`m11Dl_rq8sJN^*ik~>_F590nK<58GJl8t6r#GxLD3Kdbgo!5<6A>rU08s!-5mi+rT-1Lfs+3qYIZz-) zcm|_FsVog%T{Z9rP?%EyZ;qYAx9mh~XwX8t`)^^#NczBLsoWkv+A@FW)r~QmOz4k0 zqM-`k>IFKf*~FtfJ;Ql0!<3hRd7HzRMp?qd)03tDRo<+@63DwPP$yWrD}@S$~xxJ1zN+vzE@*%OxZUWp`mZKMoZiq^yniF^$sROaAF ztYBOQ5|TB~pOHCO$@^%13XwMcMp>b&PRk%T_JK;tLaJX7o0i>|ywKDkMc*;ZM<*H1 zmVBrLEaRm?0N;gc37I}}%kW6f;#;<{_DAj0I_bHHJ0#=&$2mVEPn#^?q!Q9ckfgX9 zP%3_Ur~@ifD|Mi#To~j{kJSLz*YfnV$c}jA#Ds2TB?CfxduQiO?diuVsJbd6F_5O{ zDVbIEmL2cxqCxdAp_T89V^8_gWXgj6X;(j%%sQVdXDd?&rdbwHK!s?wP{P+3vB=1w zo)2c)9&56^${ZZAUh?YU;Mm5&lAI)zv+MfCz%>VL5WGl><^OgrzsQX45!U>7m4B^U zr;mCfa+_~EI%T@<@@IN{`6B!zT%%-mJ{<6qlSt|Q=U-kmpvrVjv-N5ZKy8YhoSH4$ zZZo+v&13fqqkV06z#%gZXRMnIWcgy^!92-1k!~z2Zm6HOT1^AhO~CP;WQ~^xiB94Ur#J9jM?w@ilch`WKCRsASC>?DCfOaa`ep&u zN&XkzuJDr#I~N-Qe77>Ob?0Qx9avkA#8@Jsw4X~&kr3Jd2+civvp;#?43FNl zS9uG$1$mH#!-K`EWU{f&`wc*dDzcrjB=ktkE^|dimZ$K`6UB50%H80{eo0tsqLmEN zVAhq+mblRz+x520I3^1vI(e)c40TY9{Y!ODmq}-~m+~^{C@~j3`yP`XT}Lv*LrGMR z=FOzdYrIH;P^(>kh7>Ks>3+XGUreeR?9=*R1cn=Kg5t(3cqwX4F0mG998NYSJYNK~ zn!zPCoRaecBNzCtRzy8K-^sZR}uw}W|XmlCUlpf=V}11|M3J|&SfE` z*&G!j*JH{+vfw2?oAdT9(|YaOUYERd`gXohy>oi}$?I4Twz9=K@=OENOvUu+jtfs7rmT}Pfc`gbFw0>?M_G$M0*YhDffOcykB zSUeyro(Z$65FVG3E@<;H@a!vt7qH2B6hVoJ__2H<=3lf?<;0P2Q*ExWQ=C%dZ$FmO z@~j^uP4GIH>?F~Uz0p1|7v5S)rSqIg4&-itkqf`#ZdGNsZ~rk*p$MfSgoo{Mejn_19oQuxL+X}`WXEcb*=12X`_`VjL9XMyel0D{7 zU2&clVO>RzUkHoSrL;#GAnAdNu~H*ZU%~H^n&XFZpJLmpos&nv5$Ir?`ak;-z@v=W z11=VBE>@YanO6!+`;2-t;7omez=@^Rx&iLv8u(W4zd;>=rqZ)O;q}7tY#RowJqfzsqj+eb#%PvYZE* z@vCHaR4TT%LW)K${^f^GA{f6|vdnLIFD6Q@{;SIb{2JW{?nTNM_9~O^jW8ezEo~v- zq$ORU$H?>Gswm;)uhT*wJFL0U5brTnl4;poes2RxUQ*};>2o+swK-xXFGWH7|Yvj5j+X2zTGhw!g@4>Jt#ouOz@UE zZA;qQ2x6`(ZJ{R_=RhB9!5SE2|TG=Nssc!4(zW++6latl&==sNAlf znZp)cO|xFX&E++jiwoWu$E-B!@v_Pc^!dLSr_a3mvSzs0>t+_cDuXP^349L&*oG+_ zJx1Onro!7kZz7MdE4pcFqtjs+?VtDvB}*y<;Wxstw>x%}K7Y(yR5rRB&@;SN1eOy` z+o8s4q6>d&4ocSLT$QtVXjXrSBYQyT*C}5g-k&x{R}g)m0u)?-)POVAN?Pj*F-w;N zAGttpdZni+MLW(hq>_C4CvWRXTQ{B4IQZ};t zfCj7(Xt~%y8XVYU)JZDS?#t7JK=@^t_oIjpOq7f@w z;`p`C26J;3jE#E&7UUdR$$7tB83jcabI@LoQb~`h2GVOxeloh*Uh70KJZOXIt#Lsd zI}m>ETK!y7A{nYF)bd7VjkTqz=nlPo${!xY;d%~37Vem@V5w|a(c-lkrfA7IudAY( zo*8q*XzqbdOG67Z-QdmrO+FgYE+6(~5IRj9&IpNF;%Vo8f@JzD^SxT`%g-Fs`gkTh zutYedybNXt1dEgw01vV(#leHm=fo;8&#vHoz$YtPHo;Uf%p_*V5Z9dyg$JREiCNB5 zA zEO^oEVHdHWj%rt9em85-_mr>9sYRDkP5+LAM=L>>TlOCy!8dviR3$H@IkA%SqrL#4 z8vDx+B?7`b^L4S?8>SCWA6Gx3&(Fw~*VjrS@w?Z_*P354tSs&07D(zM z8aU4Z5@MaWMHDC_iNzTO4t#|f zl=2Iiop^~f*_>Buw0WVxpstXzI*OxmW(1Z436J9twion_%fJg(1_d5q*Yc#3d{nld z-I9UUN0XOkID$A?sM%`HC3X@!Sw`y8w&nA;ak)zInSarJ&Vje8IBPZYs>AHd2f`B= zzgX`{Yd@gzyU-?Nau}u8%*BLSlm}EDH)0J!7l1p4dcINO*vb@s`eqsBqg?7DNEt7> z-|kGbxW~A6t1fU%xyD^5y;|cHmcJ%ip?&$)kYP}u0JYJ{KV(A`DJ{pE3yt4 zM4ilIClq;rW6|wQE#coE#<94s;WMDS2+A^Ie~|u6gfpy#8Q{Vui5|Gf;a5yW;(sb@ zwJ`7nYOpMf6&8Hp5E6euxzALT1kdd?LTJ7IWO2o1ehJ{q>;*00~! z3yo>y5#01Qe-M!v&xyCJZ9(CfyG=xyPtJ`|YShOw){!epHxtNc$4`?y@Urm_H>1`z z^z2KF;odTo(a=dPUlNK}8CKQ*#viT#BTUVyDD4ETA%}MNa(NY9qcCRg2CW;%FzU9b z`Qf}OTbjCfLZN+%u^tu{=G3;{sQ86gE@*LW9yz1n91stI+B7??%F7(KXjah_0%M70w0uw~z4S2K#R-)Ts+r|rV(f=UjY4RAu;`m}7^e3b&LuKoUR{77?`+abD z(a%KcmnY=K_NEL{o^^kw&M~4H--%=mLBL8$yGMPB^4VqzN2Z|$y*ll<(b=jN;Ru9M zmT1ZMGzg!^QcR_#J85JW}m%S{w4tpau3Bh+2cu1 zyLR~C>qvZd-@Jw`!eB+Z!73nlPyb?=J~3Y&1TDbY=@ndKmcoIgmLr?LjVeuJGP>qp zs`eGyyeE0mw<*W*jMK4zfQ(S3AU1)>G>D&MB!ZN&-1BGhLmA~6uRkr)AdrRPXLs1- zb8xym-7@HLbi!xlaHq6#B~DfhD$Cax~r!r@4H&H%%O0YP-No3YXxj;+naW{ zJmtSD9W(Q7GuA6dspe?Pn*J#0wR0Jh7Fj=v_sW1%MOypm+r?<;jdLDqFs({EGc!~! z9N5)K>F)8ez&r)?JrSA#@&a2l^f(pyK$rGuny#z%6zK9)ewBy_?DBrd(?)hZNt%J= zz^^4WD)MkHtAoc~V;BT2i7sg9zOCD6Ez+gvUZTPklb56&U6qU*L(2-}ulpIZ!XS^rYQ83bmQzLzP!)w)4f*^(&}n7_KG z03c8?QdQc;z!FqMf2)MxO_M4in9ZT-L(0j;QeeL})>bzB38xLHt%at5)dlaG7e+s( z>AXiz&-FY7f0c19!qsLZwaC(>iL)VU#OtIAJNmRAO#SSwpM>!E5l>=t6>ezI*ML}s zZGOF;(bK&!1R%=ZOpd@P7(jOLI{NDtx`ENh<`35g$@+)bZq_-uOAoyhN`5}WikFcT zhnc0;p#I2~1wrr913&d&GE}WVc8(Sw>wqUSu4gG0|C(Yn;@*TI;9F*{pW!DvA%#|E z8Cz9z+zhlfA_}_0@7SnCg6xF!+qB3n$ypPypaL;e|{zyvFx*a$Kb>1g5n-WDa`yB;gL<7 z6StQ}cPUw*DSsrE=m*qW(7p)iGRJU+(GMRLN!Nwj_g)Zh?JV$VJ}p03ACgN*oj7J5 zBYojC@=|y}3_cvQoErfwactWc6*g^*giL3!&b)#Q!XhyCVA4^qeSq$t4I)^sKJ1;1 zC4N@1Xd?e*ME_1d`*#l+b`wtCo&gJ(q8M^^E|P=MH4n84Fb*u5ed}b6=0U(;EDbp) z^P`+cR+Zf{k*0uiHnPgHni7>G$q=^^rXT+~H#JT{Q~qC{TlwCzWuQgW-8S4M*NTTEr zaT`Y=a!jhHTVn1OGkuXyR_IUWRF(nnuiNskz$zj!Bs7!M(?6Q0`a}>Y!4N}@9hg@Q zWPxXd#T}1_x1s4b?k*Y`mTD=H)T3V;MdCg1a;MACU;odjaHt{IfJK<$H}$H|D8k}3 zA-`O%5$BH+y@R*kl1ZLwvdS17mdTd)IfZ0;dIg{m7p*hu4bPiL?@a;_>aSnxDn?pr z5|IVfBMZz(Pn_o!Z10Wgm_8SLU6S~ww0m>ET0TG}Di|*Es|LI)lR^JPh%+88%5lX? zCL3k%mf}<#N1R!bUGCpgo}M;Vi@yjb6qH%dLW712_cHCbSK19Cu>eI+erErHh-O-H zG^XT_)Pj|m=zE=gEsZy>Kp6#==aSJ3aFyH%jm-~nl@tkt*#ljYXjmw=k@SR04BgTU zy&ZggKYC^cIr-hxZ$_A|^OyBi>GAd2ThZXS$6yAwshKJEcH~NWWYl$}*RZEF%p!4O z6k|tsWrOX#mFZn4DbHooDZkrb00sQ%{f~wox^)j(PRYv0yB&kX3Fk0)l2z=?#x*m~FXEGfqXoN?@|qa^2Ng$%=Rhy1@K2>B#_6Sf~uG zv?Wpzy38r~U4*S;-jD#v$nbg~)Ds z-V1jS38MSa$3U!PWOv>AG!KB-3!SVD2~@J&Hm$GJ606ezHEt5R!^dP*Sue2R5LlI2 z1-LyCs3tiKBP~1~b7XB;$r2_FqN=cl0N%;V9|aaY?B|!eYOM0-ZbpIf8n<-@TIxp9 z^7c-33NeU<43x4ZFdk1!;pIA|A}N-~J>BmGIIg$RP_gtk#`@VJN5h?>C0I{^b3N~1 zL}T7Y_*AY`dvMB{*^gQSaJ{(MhhL$y<$292A*UFozBZM3~(;sZPVTPX` z;ztmP1_t8Lp6k=iJq^y+;yra(H3?$I`wt!P&D$Rqaw9m~zrI7yN>tnfofCm)94zL< z{8-Whkl46_vzx--yXbF#KUFaL+AsF%slVT0W>T-qm6{TrH%TU1R#Dz#&sIqI^kc9q zw;ri=0GpQBmuLj!F)rno96#NBMH7K1mIV&TBdM=`PwA8(&&;y*v!;cQ2^g}>|7IK& z57obBP%K%COCx4G=d{oLt^#C||MTFtmskAJG=zLftXu-gq5R2!)-dyNzsq;AhpJ*K ztAu{Ph1kAg!;d3$9)mK%N>LoaJ6GW~tMF$LmgWBjvKBQoRUp>PGL|Yg#ahkBU^EbI zCN=B-|3LY1ADW^>m0j6H>nhiv@Dh%uM4VmO^uIyUY7_l5?Qaz;Qx~5a&@|NyX?l; zPWS{aMqby)>DCcpg25VM8%gPd{ z`i70!YNM^ddIOqTtT0OkHEjp@<;h0ZO4uM;keT|rp-APLsivz)9fl6|zTY{|<3`r2 zp2t(8iifGA!(nH(*QDE|&z9Gt;4Rep%U|4mZ@RU#qedH3g)#NR|G8wRR*hT!yYb=O zXDa#S{z1Os6_P4%Hl<$e#142Zt zoR|#2%+LVsMg}7bni>hQ{pP8=FrVA45RMiq8$yvnSL*tL1$I(QfS%M(yfP@iS1AWP z2lIKKPNAM=3+>*#(-?K6gtfuQnxk1THy7?{9n%Sd!kIXmuYZMOhTWt37B?yU#B7r? z=G^ACYZRx!PSFSS6NzhE# z@p9cd3|MUYhbKhOR>}1xDRPICg~677VMF>KM{yOwwG8jd7oE(Rq;LFL?168HD!j6u z)d2J5o;$D6xnA0_@ZFBP_J%DqW3f8XN|uy@{jn%Mm#`VpCJ@E4D1=!QIe1d?Yy(Xc z^!Zww#2ur07i<<=5|fSP_Bw?qoU{lGBg;fMyhdql2A=R4Z6;84N?>%8R+{`C(sL!izbn-3vm$vn0B+f&fsN`3e9f{dyAlRtYQ)7R&;f zo*r*1v&TM6$SXV;|8_Its9kt?6T)TK)NxUS7*1tdO>{+`#NYijV*`DvbsCLSv@;ES zH;(!Dz+Rc`LkCBnZ4O6IIJ}Ij(-iK0oG7sxy3yt99q~GzzL(svlWZs2^>>VrPdQPH zpw8bvR!qC&;aIhf*u`*>;K?rINRW6-(G<<#iDN{W6j1z+D--bGVOxfI!Jd?*GG@HGRC=q%kZm^;YZa#SvWfyxZylM?9sygkg0xe-)JN$i~3j4=>q5^3lW_ zeKCy?#k?>FCGd`ycvAk$(@B1A?dg~tl1$5R1!P?();c;9SYAsr{G;+cQTl-icPs#uf4>R)!KaO&u-5@<9+Qyv2 zgSmcVgp&RhF-Lx9Fr;BoSG%pcxS#E*M)5{$Z{6oiIA)0^`2@ahw9T$?)zep6<8@sN znFvBk8>g@0XERfv;dVO*95Bl7SXK=9|5Ku%R?vlcUbP+!ABR6X`x9tPsM28o9NPb&|y<*Vh|BxTP&W`MwosXwnC$;YCxBRwUUIQMF@s0~s zhMr9cE`1N-j~Lsn*x)W&h%1}OK~Y+-(!IdT4LCYMTgSTKNuLwG#SnV9B^0$o^I-&d zEB_4%Tdej+$XUsazv3nMegSFWg}`zr!-Z`38hLMM_dx=fr$EHXl+Cl~p&_DwluAB{H~tZkx<-hN;&4CCl5*aJQc2qi7WNiE_EbCV{|Mw%gm zU7(B4SKd`!FkvTDi?}!5)_zC(qda#I8p9I+@`^e~n(dK-F%=;)_Ij+JIAnVYBo#AE zNAEvV=szD{AkJY6Lx)#1qa`-2sL7jZM=%W?9RDQ>&TH~rjkqF_X4+h>?2S;6q0mfD z^sL&_!jNx%GMnaAQ=w%3-sXl8aH5+3HF9b5pfq z`C~s?RAg5YSprv)0CvY*>~1o@y6xaU!E9r=hAU!;bt7L&#uJloz7o;bTLQ@hOT*7iQmj=<}S* z8JH^4bM=LI55#zrwlHaIVwK?_g})Rp;Gqjc}(SeJz3?Xs4&({VfvzRl&J?ISrJ82m~9yD z>~4NbSo$qEyF5}p|!AiOZ%uKV{J9q|X2bSTwfkBzp zq@9pkm!7bCcfIRk{sSE0^%U1zxsv*Ssptc7=_tObJsm;QyfBLU=(xs`m9BukN|8_5 zDia)iupL;TlV(JjUiPiS7yqG^P9VU>Z)u3~nGf zJfmNSh;oc(4-Dc>)wXKuuyG=r%n$~OT>B|)nB1$>&&LFm%^LaVf6XBk55vOp;n-8V z>~ICg?cJg8EbAoN-fZZs=`1NYH3}ehhPQ!Ln*2A@%HG&rjQc`)(xNoq7iQoiaZ+Si zGzvHwmCjc<&A1_3Yk-f;*XT~KcR)C3pG75LYWD6m0WWRX51~AhcsY-c zMZP`DQqzpvRmFOpWF~^ljzWxa*@(`&NY$)-{hv)RI(nzPk-Mo451`P@ZA#P|fP&@t z)DqqQR_11mtPm=ESM~X`jTKE3+#*^Gp#Y^+09xTH7FK_C;2m19OdMvPe^Yl;wp5*t!ch-YkD&-ho1 zoI$$7#aIZ&^zJ6!%H*Mli>CcaOPqULQHg^k@gW?ykRae@*v7Pgex5B&-!puyro;E5 zY&Jon-MYCOT?u`(BMS?~j|v=NWq~uFdkSaO%D=@dMP3g^v}IxWy7g)Ic^Y6xu13EJ zQe!HY>%j;7gWQ(FocLV?%oPxptEmq0?EvU$c^&wU+C?xIm$A~h7kXzIycIepNR_u_ zgWyon(Q5ODq@muYEd-&I^w)hdKjn+uAzpj8DyF@x(J~4M9iIpkp0n6rl&Y8Yx*8SSX#4b&t6MtY-+vi9=BG05!BwEc7Z~- zwyE}!zIs(w>9rhNTYsThyfMG|@#yNaw|o)$E^=ru~97`Wc|aHmuv!iaz7SWsgge3Egn&R07)Tuf1jRb-a#<{^6)!Iko7oP}F* z5qbk6nqWmGVs}aGMvZ0X*-MRl*X$|8@IltFJ|Pi=u_WzBTutdTTz@j6Px<> zRukMQ8@8y;1k?ixEt2%P0fzVT^6{HB+G;v)8DLlftHq^IZ5iWC8_#_|>+)Xd>fMlc z;(Cqf=lgW3+Cz`tctK_Z>NE{H>Jp|pMqk|xi@gdByYsc&=n}0Z+(%R2(W`~Lt3#2* zdO)S$L#m*I&Vt&*3g+r9qUoeTgFTe{V@Mw!^`IMhn)SsvQR~5k?4`*B+$kH@C`@oT z^?*W)WPNUc;oVkIw{?*Th9yufNTJ#;w8;{Et#hP)hb|j48~$`KLQ{uLKA1PNdX#k< z(+KCy2%UF{`eT9G$Q8o_{c?l4O<%FsCHO0FZD;3$pxX@V^{hd(@nW=ppxbSrX-xTP zf;x2L;6X(&575D<-fqX{Yio&&E(^7;I6r*q*2vQ=0a1JgYZq|GDH~b@6C7|2D6~lU z+yKKnr(q)l%wK&q;8Lj836t@i+I{)(hYKStSUg|)ZJ|`qi&y<|X*}8{jd!DS15KBh zB^$@01$&gwg+zmiwP3$wtvXkvvkQ}nV$easpaxc=p}#dNmRc{}{P3w;qjt?w3{is9 z47hpG_4^#1EeuBTuswLsYekDWh|x0=UyQqzEP?oci}16k0UxbHl3h z?pe+V!|JPnl*A{(m@!7^EVqp0py&{)@-kH#;Zb?Z(@DN2vu}y6{$!TAk(gyT^Og#B z`wr8ag5jhwiW#8?s6&y>o^3Kmu@@a=7StDkwX+j?01LIg5PA627^7Ep5=@%tiBpZNqnCfvqrQ)xzWwjG|=Qqn)&cF$z9^S{JzWk zygtOc>)O{ulgSEIT!PtXW3x-|6&0188+vC6-}sqN!(1=wP-M3dZT;KB^3g#8)WF)= zE*kxj=p)0_dYh7mPmPhMIW}#g^0gBeSEUQMQ#P~+CM2BtIR}Ln4WAoUop;YhMi^FK z4WuLrW2V5#Q9LPo<;s`*X(l$q#a?lxckao*-sZ`F`1gxXUL*vn|I-_`hu2&{L?`X- z;)?wF-w_kJIuuFtP2CKb;{Y8rKn<*o&lvkFyJPAOG06{~8Y5q`n1QJ19_!f*I$PXn z8(P$60_wLN6k0TVZdi5RErEhF!?60Q#idZKjM*dF-HnZnJ^Kk!-{DockerHostUnlessnotifiedaboutthecontainernetworks,thephysicalnetworkdoesnothavearoutetotheirsubnetsWhohas10.16.20.0/24?Whohas10.1.20.0/24?ContainerscanbeondifferentsubnetsandreacheachotherIpvlanL3ModeEth0192.168.50.10/24ParentinterfaceactsasaRouterAllcontainerscanpingeachotherarouterifwithouttheysharetheparentinterface (sameexampleeth0)Container(s)Eth010.1.20.x/24Container(s)Eth0172.16.20.x/24PhysicalNetwork \ No newline at end of file diff --git a/experimental/images/ipvlan_l2_simple.gliffy b/experimental/images/ipvlan_l2_simple.gliffy deleted file mode 100644 index 41b0475dfad4..000000000000 --- a/experimental/images/ipvlan_l2_simple.gliffy +++ /dev/null @@ -1 +0,0 @@ -{"contentType":"application/gliffy+json","version":"1.3","stage":{"background":"#ffffff","width":323,"height":292,"nodeIndex":211,"autoFit":true,"exportBorder":false,"gridOn":true,"snapToGrid":false,"drawingGuidesOn":false,"pageBreaksOn":false,"printGridOn":false,"printPaper":"LETTER","printShrinkToFit":false,"printPortrait":true,"maxWidth":5000,"maxHeight":5000,"themeData":null,"viewportType":"default","fitBB":{"min":{"x":16,"y":21.51999694824218},"max":{"x":323,"y":291.5}},"printModel":{"pageSize":"a4","portrait":false,"fitToOnePage":false,"displayPageBreaks":false},"objects":[{"x":241.0,"y":36.0,"rotation":0.0,"id":199,"width":73.00000000000003,"height":40.150000000000006,"uid":"com.gliffy.shape.network.network_v4.business.router","order":41,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.network.network_v4.business.router","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#3966A0","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":85.0,"y":50.0,"rotation":0.0,"id":150,"width":211.0,"height":31.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":37,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":6.0,"strokeColor":"#999999","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[3.1159999999999997,6.359996948242184],[85.55799999999999,6.359996948242184],[85.55799999999999,62.0],[84.0,62.0]],"lockSegments":{"1":true},"ortho":true}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":22.803646598905374,"y":21.51999694824218,"rotation":0.0,"id":134,"width":64.31235340109463,"height":90.0,"uid":"com.gliffy.shape.cisco.cisco_v1.servers.standard_host","order":43,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.cisco.cisco_v1.servers.standard_host","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#3d85c6","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":87.0,"y":24.199996948242188,"rotation":0.0,"id":187,"width":105.0,"height":28.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":39,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

eth0 192.168.1.0/24

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":147.0,"y":50.0,"rotation":0.0,"id":196,"width":211.0,"height":31.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":40,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":199,"py":0.5,"px":0.0}}},"graphic":{"type":"Line","Line":{"strokeWidth":6.0,"strokeColor":"#999999","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-82.00001598011289,6.075000000000003],[94.0,6.075000000000003]],"lockSegments":{"1":true},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":220.0,"y":79.19999694824219,"rotation":0.0,"id":207,"width":105.0,"height":28.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":42,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

Network Router

192.168.1.1/24

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":27.38636363636374,"y":108.14285409109937,"rotation":0.0,"id":129,"width":262.0,"height":124.0,"uid":"com.gliffy.shape.iphone.iphone_ios7.icons_glyphs.glyph_cloud","order":44,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.iphone.iphone_ios7.icons_glyphs.glyph_cloud","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#929292","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":33.0,"y":157.96785409109907,"rotation":0.0,"id":114,"width":150.0,"height":60.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":16,"lockAspectRatio":false,"lockShape":false,"children":[{"x":44.0,"y":2.9951060358893704,"rotation":0.0,"id":95,"width":62.0,"height":36.17618270799329,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":4,"lockAspectRatio":false,"lockShape":false,"children":[{"x":29.139999999999997,"y":3.2300163132136848,"rotation":0.0,"id":96,"width":3.719999999999998,"height":29.7161500815659,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":13,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":99,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":99,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[1.8599999999999994,-1.2920065252854727],[1.8599999999999994,31.0081566068514]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":51.46,"y":3.2300163132136848,"rotation":0.0,"id":97,"width":1.2156862745098034,"height":31.008156606851365,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":10,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-1.4193795664340882,-1.292006525285804],[-1.4193795664340882,31.008156606851536]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":9.919999999999993,"y":1.5073409461663854,"rotation":0.0,"id":98,"width":1.239999999999999,"height":31.008156606851365,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":7,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[2.0393795664339223,0.4306688417619762],[2.0393795664339223,32.73083197389853]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":0.0,"y":1.9380097879282103,"rotation":0.0,"id":99,"width":62.0,"height":32.300163132136866,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":2,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#6fa8dc","fillColor":"#3d85c6","gradient":true,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":0.0,"y":38.326264274062034,"rotation":0.0,"id":112,"width":150.0,"height":28.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":15,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

container1

192.168.1.2/24

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":124.0,"y":157.96785409109907,"rotation":0.0,"id":115,"width":150.0,"height":58.99999999999999,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":33,"lockAspectRatio":false,"lockShape":false,"children":[{"x":44.0,"y":2.94518760195788,"rotation":0.0,"id":116,"width":62.0,"height":35.573246329526725,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":21,"lockAspectRatio":false,"lockShape":false,"children":[{"x":29.139999999999997,"y":3.1761827079934557,"rotation":0.0,"id":117,"width":3.719999999999998,"height":29.220880913539798,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":30,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":120,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":120,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[1.8600000000000136,-1.2704730831974018],[1.8600000000000136,30.49135399673719]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":51.46,"y":3.1761827079934557,"rotation":0.0,"id":118,"width":1.2156862745098034,"height":30.49135399673717,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":27,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-1.4193795664340882,-1.2704730831977067],[-1.4193795664340882,30.491353996737335]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":9.919999999999993,"y":1.482218597063612,"rotation":0.0,"id":119,"width":1.239999999999999,"height":30.49135399673717,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":24,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[2.0393795664339223,0.42349102773260977],[2.0393795664339223,32.185318107666895]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":0.0,"y":1.9057096247960732,"rotation":0.0,"id":120,"width":62.0,"height":31.76182707993458,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":19,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#6fa8dc","fillColor":"#3d85c6","gradient":true,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":0.0,"y":36.36247960848299,"rotation":0.0,"id":121,"width":150.0,"height":30.183360522022674,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":32,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

container2

192.168.1.3/24

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":102.0,"y":130.1999969482422,"rotation":0.0,"id":130,"width":150.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":34,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

pub_net (eth0)

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":93.0,"y":92.69999694824219,"rotation":0.0,"id":140,"width":150.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":35,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"


","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":14.0,"y":114.19999694824219,"rotation":0.0,"id":142,"width":78.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":36,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

Docker Host

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":71.0,"y":235.5,"rotation":0.0,"id":184,"width":196.0,"height":56.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":38,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

docker network create -d ipvlan \\

    --subnet=192.168.1.0/24 \\

    --gateway=192.168.1.1 \\

    -o parent=eth0 pub_net

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"layers":[{"guid":"9wom3rMkTrb3","order":0,"name":"Layer 0","active":true,"locked":false,"visible":true,"nodeIndex":45}],"shapeStyles":{},"lineStyles":{"global":{"stroke":"#999999","strokeWidth":6,"orthoMode":1}},"textStyles":{"global":{"bold":true,"face":"Arial","size":"12px","color":"#000000"}}},"metadata":{"title":"untitled","revision":0,"exportBorder":false,"loadPosition":"default","libraries":["com.gliffy.libraries.network.network_v4.home","com.gliffy.libraries.network.network_v4.business","com.gliffy.libraries.network.network_v4.rack","com.gliffy.libraries.network.network_v3.home","com.gliffy.libraries.network.network_v3.business","com.gliffy.libraries.network.network_v3.rack"],"lastSerialized":1457584497063,"analyticsProduct":"Confluence"},"embeddedResources":{"index":0,"resources":[]}} \ No newline at end of file diff --git a/experimental/images/ipvlan_l2_simple.png b/experimental/images/ipvlan_l2_simple.png deleted file mode 100644 index e489a446ddd255ce9360445f0f895acad31ae214..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 20145 zcmcF}Wm_BX)-MEt1b26e7k77e*Wy;ZSn&jRC|X>LyHhNz@S ze8i0cV6p4QB~YT4VUhO25)Fd;Y4*1#ZpvVXQxpL@g=es)ECJoB_ zyXF_<{ZZ+Qd~qMX23VTO0}Ci$EJ^VH|K+bA>SiF`)Q`u6!a+qr=091`>~XaCToMYq z%#PZ)GO53SJ}8O9N}r9aMcoYQQM|NynYTCxUG1+$oqx-fFj)QU^!q?7qhN(_vcsMC~IKT z)i*HpeMViZn9ole+tgKap0V#v_U+Fc?`5d5fT!ue0mC!l_V&Quf=75Qy*au+MC7l- zeCh8?un+IInI*_z|7wZv5M{;bNI>`**5&%Eq!%q41!ycdM7^OH0GJf z#?QYSMbkM*`&<<-gdC^9X2vA8C(zKOe-NE(1VgZ#JZJHk3m!Y(6RbSS8hww*G5t`t zSz6qUA{66ryN~oW1Yk&=qIz5u1wRcy@S@AmY|BSPjXc*BJL9{2X~VRI07TaD;6-ut zO0EEWC8%$xX;5lmLA}upP)&ZthyU*FAaF+2&rpG)o9xT_1osxTGeRG+9>^thtqc?{ zB|`lf3d;R$sPp%6>)a0*^ngtwg*NIi3KA{J4B||mL4-1puMng1JxKL(fVHc34DX*n z$GN^|;Y&9sgHA+;==1OdA9bj879%e!v#`T}*Y}NN%|r=!#L|g;Fs26;L82C|Cajit zRyHwNo;V|V;drzYKZ6;1f-QgFA_$;vTvnDT1l_U}#f@x47rwW^oEo)$P5ogQUi1B(|g0`n?TBSX{|gNu|)%Tz)QCSI{btITmE5X zNJYEcoVGIdrxZV+3Q!)X3`=`{dEO=?rBf>?%E4V>a6Ko+8Q(Ehs-3|UsW2|LwY z+ud(#h@OLgnDwq)Eh9VIH_-+@=cg?)vhTqZfZ&O$WOrJU|rz+4cMZ+(EHf1j|RUrYkwMbbK@;q_D?O0qC2uIm({e-I z8Prm-->~Qq|HP9=?zdH`wQB(L%j2k&?KJRsCxEXwunnL_6PvKP~^+s z<&JOFVhBJhSqz^b7&WD#NSrR&MVv3O8~oHrJbjrXzJwAg*4_ET`TVUoJ^ikQjL{Xe z-=sBrf4LS2v3wi0yuHo6hj_#qMRXfTAOI ze{9uYtqWbo{thk+^c)|}@Po(6y8YSRB+y{)=V7TaS&R&4*F8cy_%1@N^=(e*U(-$? z3?!%Y1~uN?g)IV5b{jGs9sc|2dHu1YQm9%BCMlWo<$WExAKkf?I+RS&iUIm{3O#EK zEu`=PP8HK%HGMLXD;bI+(KWnv)qXt%-ta;fv$DFD+$YNxdAN<|(kIJaV_WS+13kS|OHuZHDuqsV&rZti zUC4?bAHu=keS>z6VY;2p2m&XfvjA*E`;9KVeQxFmagN6l(U{T^Yo%hId!GuUa<5a( zKPX0X@MV%47lw9uad*W|r@m-`{|G#P9W26`izdRAr`AHA*v3j1r5OCgxr`LJ4MT|k zj4m`@Dz8*9m+owX19@VE>8dLS5daXSA%mqb#i2xcg3%&X(;4rn(=4juVbn(M`Ac!4 zW)IBabKS1NDvIV>*k8^Mm%!{8AWDL|=?UO6&BN0l?&sKhk3f!D>DvWlFBf*=xOF)* z2@cX7J^$vdnUS?XYe$2n7AXREUHE*A?#iK>f((Gr7@K)8Sa#|VW-K}qpd=1~C)knR z`5gjXOlRNJ|z{xF1@TC!z z3@>;Tnqyqf8cqhVntIkzbKfy$56 zU2=7{wMW01Y&g5H*3ZL$kUfu!2AeS&)CguhTh@1&?Bh!oabyfQL*4o2(_MPuQ{LV= zJPhY!>4H5oQ8E(!#5FgBH^4ubK>RqsF8^#&HvQwhRnft(#0Mv?9n|xKCgI1SFH602 z5uNdVl_7?Ly6rHeSt40E+YcE$OtSthv8%?maN&iQ9@Jo=T&gN!Tuh)STa6r4xSm(v zZwEiOaD42XeYh*Evi6&DpJfo4A7BL@0T{k;5#&_y&{jrgt$F@PXUQait4|7=NGqWr zZZb|OWde0>UmILF8dqDNsuvVWNPRXVCc0TaU;NbAh~}GnIeY5Pm@JOyWbvbu6|C7u z?lbg9IfZbu@3RA+h8ZhJ9mrw-S1aGe3|9e!it+SxhjfY>U-eqB(J*|H>+GfIU@R@oDe;$GFfr7B9f*qPUV;w0wJ!K2l4 zL+-mP_AThKY}3b--xlc+*k)zhw$WQgEU5uUKjyQ1Kd}8;K^)zRv3)kIxS;OP3b?tx zmQV6<2m^^#S5{VbbdZQOdVj0z=?Rka5sm=h@i_5k-)(<~3m55nG1GA}LcpxobsQ|> za=8E0Q%HQQ|2TNJTadKBAU#bP&g8J1SeO;zrDx*YJ)4dJgkt$qL?98@-V`fywjh{w zBwX&kEHmfuE3U7qa~8&n!Qh%Dw9+K)S+A)6o+yBMp@6rW_$A!C8>W#jL;TU+zPzjq zDNOQFuPizy=Hf_ENojn1{6dMDnK_}xcwu3|>HUU{)_VC3;;j8w%gGO1z?Y{$0l~&_ z#K1HFOsEf1jJpA7`&imyiA@azrS|;gHabV5SV#S}5guvgs~@}DeY>p~I%QtZvP@~z zi)m?8s8Ptx&5e*evkY{V;IT4Y0BDvKB3O|dP>Na#r>>iw`EKA9f-_l0%=^;e(eRZ) zyg?Ci*ApjlmrH&U^!c&w?r6>iQBg?awNMRPA-k6>6!2H^gFr}v6~yYXSp(yqS&SKLpp4OR~pXGlE_ zU`GQP#!S18EqK(-@A5PADxELAUL}%+Ly0!))v7)6QHks2X5SMl8<)Bszh0%V2Z z;BC0huqcb&C-Py48><`jO2tEQn5Ua}^p!TfrkKnOs_;ngt!<5jejKx-+QQapMFJ&1 zbNSZ2gRsD?gvy>Ql>J8@#)FoJed*f4y>@Q!s?b`DvIz*}Dkqsuv^8*I@9ZB2T= zAb$NWBEB-#D-oLX-%JMi{+Ddbu9&1GbyJlxx1 z$YD4LfWX=M*$k>D`@s>q};wwm3lwVnpv|ublV+h!=f&V0w?V~cLakqc_$8RwGp;IL=-RF=K z!NAqiqcbuLEf^&a{i{2vkeOq*Tsd*rP{OB)7@odm@@}%w+9)9I;;hmAplO7ENj{QW z;6DvW0!WT7QknJoaG~6=x;TPafUk#sm3y(?mwQpmWd+_C{^5nDJy*yzUjU%>2h)(~ z*Kh1S4EZoM90XwM3vL0|ou>rmGG?ET zgX|!bKwsE4S&$YCY^UATu&W*qP#s6+)a0KT9yMSfnmV}r-lwEFoDCP!Z$M-IYo~=U z8fGZ+!k>F{4*iN;KK`^LfH#Yw>cd~Zy$f7X`qwhvij1sXj7}3@wyyA|S`|&7K`b(& zxAVXZb;x}yc&3k7FG;=SFKn+b;GX#iHlR!Mb<(d(w-ltOf#99%8z26EXvGBb8t~te zygyMBv7J)+z54NBrDqA_kBxI6*606e^AGNCRoDNjuX_hk9FXNMe?+Fo!ue-Ph)X2E zh!^W$FZWnU@53-4&O08qkbfO{`_TCI@d20869L$?f+|MATFsrI{`cXjhzaymVS8D> zr9WQze(CSI$CrOrIYph}=KjS0&F}hc)Wd&F|4b;%_`M>l6DPhEn6E|+L zN@t|Jz;X@%ErOVseoV8I`e*Dn*5Q!p8 zJ}36X%CP>2Xpcsc(?w4UtS4ze{6Lp&_jA$X=p*BYb6AMOQU|(lEMwJj5W}%TiQWHT z)w6&M6iN6=UEIVDJhoVNQr4`|*Ono`Q|R9bo+#k=cDuuv<;9zyrvI#+tR3E0BVWvH z%dT_lGJg}S_qDA=@k76|Vxh1AlPrJ6k}s)%M!ohCM)Xxh$@ekabu{OR)!KRk!?|jt z8aRxF$41X5TPih=n1_GaY=6yYtgV{Uf&V+{4P*ZI+TU$9oO4#;nUeP3?Sxtmf3{{@ z&>^7e$7gI)CsI1ZXAGjWKuKk!@!D4h^kH{|9$q&HBt8hm4n3u<4s?ohe_=H6bc_aB zevAb4dM@=pylfrh(sNV)BeXtThE|Z)=32VDF7_BMbkHy=`fqU{W6ZM8`*BNW4!i_u zEk(LhK5d=t_F`;eH!$EVUjqLG4Cvm>)cKRw8CBuM!RG6)k>ks|p=<(zC;xdvu^_DW zFL{cSf!ffrn0taGV9##G73eaHR%qiSS!=UeO#fv0am}Et7aB{;bJ6UrA(8LLd(&{9 zK)aP7WLT`L#vLA7F>>d8D^XAW4`{)^YEOA+A;(%7$$dS zZQJwMI!iaVB6Xy>zC)JB<6`?HsA2Y~38QJ)3&WmTE#+anjCS2E;_+ImC^n_=1)h4ZpPV`CxkusY!ON})B=qUH=k+r!BXxp}C> zrkyKz1oukDrpyGd6%NBCxAI18pR-9}K5?$_P!6q`wGhf%0;7$cS2eK&6d-4e!Eu-A zk>n(XBmw7KLK$m~@|0Z5EVN^Hzv0Jhdcl2WQZ#HAuhuF)t(RQgpL}N_&+fb^^ceT??2-7<1H*5jSQ~#&KD4C5{$G= zOvfmmYmL*=Y>G$@dW&XRe%X(Tr?V(4`Qg12wS$S+vr-bXx7c*%JW?U`Jy=W)9*;w{7$2 zT;rd3&aqgp?X-P$=Hu2h=prcY9F27Z$kbDFP6{8=3Xgw6ZPwDYv?Wdp|3$FmOU|hc z7KdHdy7#w0^v-MFpaCDpf-4#S>Aq*ki#VP0-GQ74fxD-O6(_kQ?&m;UXrn(o zCUE&Xn;CJ*ik(a@iUuW8UHwf83FWmFLGDS{;@0r8HB$82C8)HuIFb3Hp*5;5Ik96T10b` zb2&BzJo;l%NOnCeh|qw5RW-jZLfMOLE5n~P)zv2@(LMaF94+WNVeJ-69Cu$Ev{;fh zsYjfCnowV@Ob`*1GM33*IJSTbjW6Pf04`SaNSqrmuIG4Qj%znm3R{))PhSWRQ_ZF4 zvll{b)YoSQg+jscrQn^()>581-UU_{sp&XlK+s=l*}3^(=7nqC6B}u)tmng`;*<+n z_-N~_&oYlR!J0pt>G7gloP0Z;;p4($=a=hAQkK7dh_zJ;EYX;jGTn#dOV`^;*Ad|o zlG4L_umIG2wCu;izsB%VF~;yLXM=qEBV%Pz`S z=g59bi!L;7w<5z}mclTkS%e4q@14v}eCr4WJK+i0akU^DT{@0)XP9(IxN<3T>7UNm zCav!keM_a&3b_KN>5;cu*@}Q*VCCpemqNjby1Ke0B_(~h`v(UCK`)(Bg#qv+rBIh! zmFEqphtk2#bDo~Y`r}zVRnNlpSdCIME|f!hm<~-+Jk@a}H#-|u%k1uSjWAY_wop9c zgbn}*FWp6kZ8kJC{O)m}`4!N>k`Nas@b)IX#`?{(7QI+rs~!@pry&1wNq15zuVllrgDT(P*7rGViL$jB*pruuz<_K z0PmisOiXnin)?MkQ=)JVKE8+zao#MM@pRgQ=es|zrKP7O&F*`utB)7M6bZ4hvGMU1 z(FOV}oI|8PyxwjBwPL@nqLr-N_2{~YF1F?To;5-*FMPZ^Q&Uz(MMceT_7<}(aCf^u zH+Plz<$29W`s20$=60K<*0H*2@)2gg)wILwWP3E(@Amj0(5)|a>tbtoRtqMI^oMRK zOgT;H#Zwpx0Xn(xV%JTR_u218+v(rk0V{8l%V*Vec%M+FG{cQB(|!JOOuvYTUU9eM%@NtStWi59a9L*_U#y(wTk= zVq(S8xvs7*LTCA;>xpSHQqoYj0k$`+Vaj#P4^BtE&{R(yp8e^eK*LA|nhn3*wK}hT zx6Y)q!Q@>;rx5k$=i-8s1*5O`aVaxwelRq(vjxou)@8&f3Us}LQ%+q?Hs^iGs4$aa zVB>L$+tF$m%J#zgFhvn?t>HZfU}U$iJrYbq&T)~}j~&>${OcbSB<4#r`52X|B>j%R znD-k@g32sVE93hq_#;OIMGZd{5$Q@5O>&HQ zXQFmLg(XiaKLu8j&pb1pW^Y^>oPnX>7>XNYI3T02dH0|NM?Sd-7WgsOxfo|BUP*a^ zBjOuV5ALp`!Ny5+`21R^*U7Ty@gfJe@JdUoAr#w};~Whx`IIiy8a>vR^vCOx(Bq$y z8m{=gS_9L$yY!RRCs9T*CoOt|PAw_iIks}Q+})fbPp%f`ZgY>^pZH7ng!fK- zx=Ycjz*gKXS8iBjCOwU*c#>3bDk1qFgH@_;KP9EZ35O;9(Pj%JXVL?GA(r9tVM0;R za5aZTmlt$vV!%hIB#j$3``A&QGfgwAPj;bS90*qxaa$h6{_rDg(4R>)v+QheLY_E+Ka_ z-6snacjq5DjabrSK6mQE+iU+BGsdcuSEa>H!iGIf&| zVpmg-+ohv(!SUjtG4T-JPa>kb;aXDTE?=FK*M56aZV48ALB@%Uex+TWH0*Niu~4oW zE9M!ll(ArCUrzjT4aU+Ke@$hKOVS9xSyollOVI&!)3Kp}@#rpo+={8+wHGCPvT7{f ziWU+YzG;?Z(hFv^GF$VL`>1wgMP}+kl^z$5IwQ9gd6lq4ElVh!3!=YW?uqWIR1P-e( zb)gatU4<;f>yivtJ8oxX$nXPGIl-Fnt)@fk_Qh*&>x?BCZmc6*e&L zvn(^Zw1BqSet$}g zt*LS4?z@3gcXqX;1IOalflV2z{VA@zV0q$huVbnVb3w-5V-+>SX7 zoSflMeMmetKwEl!)5L+0Uw9fFH*gq}`JeJlSUgB{;#lZV8^|0&-ME)EW5O55YC`yU zrT54aHU)3xU|Sx-BO>tpAk~+R|ZI!X-W= z^ms^J!H)EUq!h%=GYApE@S_IU>r7JN_&V#k?>iffLNkL3Qld5wx)zHgw}(@Hbm6M* zDt_}n**q&ANsPL^mDbEmOCf^9>OfZTN#QJkhD2pcVHQT{6y&#iQJ)~87{ozoMaFAV zDE$e*T#Vpt^WCi6TpJLG0->Nb(My1MopnZt3l@|4`X&sK`dK8OEm+Cp#2Uah`AMW- z{ltLZAOZo=dE5A!7b)fBj3N>(JhYbHH-_xEj zN6TjP7-^jmqS7?CGg%HVtNL^4P#VCnlWzn-^Lk=l$A6z=4j^45p4T~3+I`9+`Lv6&q~9~b_$*mQ(C}9|#gX4wiJwgPo*+dTayt5UI(TBJ$+Cs~|9X15|%tnViju(nQj?B<662bBTB=}y08IzTJz>OZ{ zC2({rJG8g2!VH6@1lRRL{kJaJyEa|%z5}q}ps~2gz`_rCF&+8P`=vpnj02dRf{-f* zAWVPv@u#MWFrGI$auVGqhsaj*Afsk&;mFCk6Nfp7bhmxgU7k?f&5-h(shpAJRBUPF z!n{VBk#T)rNc%mQ(xBrD7wNRNJNos{Prguh@{Q4h_1+$J<#t_hlkH{WBK+BnqYm&F ztEmeGwHO?Y~_7q$H%TR(T>v#Z!!=cDEr~*dAhej`#KPXbG+U7ce)1F0Wpk% z#MJL%Q--q<1%?f5iW6es)zSf}Wc1!wrul=8Lt7kgc+y$wF+9F*%lM?_pYL=&$l<@(Jjj(eKT3F9X?J*6ewX-py#=Jj=R zRoB3|4!1=*$7g3!bfmToCHH8EU|zR)vuYp-O^6A?sSp9)7cDfN(vaXFh(TAr=K>pG z{un#VO8zO%8-Y%j)7#Pg!%UYhIL=%3F)QhJ(Cw1#wz1)+86ED&F7?L0*Fa)iBbY#Q z0=mBEg7f!CVF*dp#GQ&%1IA*lR-(}sfmkjlC<2sCoiK8hmNQ|x;8Ee;{vbmNR!LF()|Q{2H#_Z2_Yr%IC!-mQeT5^&)h1kVxk$D14MjjG%5 zD|JkP)&V1EJ|Mu^csd)~N*cUel8v1quPe6$HF_Lg*%Sbm4(!10x@%zbM>?LKuxOPG za)`l>#Paa$?h;7oZOWg&(fO>i2tUhm)o;R&{!sb07Hc?m$@ikH|kfCWHU*tE$) z(Z1gw@{OZ>Ru@9Zu?3nHT*uP7qkbm|#ULDl)YJh&Q3;b>){z&-;?C6d^kMJm(ON?x zFB=^7+wl;15wcx2{hf36edl#1i#3G!WKuX}-{n&T*uGCz9@o%;WD+yrgmFGxHO$@O z+}}Z++mB!OP2kERCjPqZ>BABZxB;jrr<26pWzK7ZUR$fJ52_FOUhN&+QqGGrz)U|m z?AVyaV=+Ts$=HLWM0Zxh(JX<@Rf3-nGFnT6UZy4vrF@be8V=Q8GQ4dPbwp7Lkvth> zJm)5+G>giI&LJ^k^;6HsYFbHo^lYEcf2dV6(jGTbMyp3?YPafBW#b#Q!nW9*7Msi1 zd&Mt9L74E0uLO`yL8xZkwvhWSsulJVhA#Jm(^(Kzvgz@t=*8vzTrFvk^B+=$03WZj zRV^d>MBBTm2c}5s`2yU9Xh(=4T7frJ6VfLy$Ci+BtQdTU3 zd5l&taN}ZRG2w%1x92AITl1^?!BSp|fRA%u_!5E+EB|Lp%ni+E!0%0xi;}t+RGiD7 zzM`~SCP}>2?eKYF%NCiZ#2`R}{&q)wSIp{Asy>C$kZO}yMLs^^;#GzKbS7(k36!uf06Z#|e zx*tAU%1811d|yg?vlD08PR~m&Vb{?O`WG9`)JFNb>-`xHoJ$#1dh#AmT5pVvS0`e8 z>ITWWXd_kNEvsRCPku)X1vCz>><^yk41wTBFa|~A9uTMi zGU*kw3ArXIqqp_#5x){d+Yk1qFh0@VSj$}sC+k}c&tCnz(%Zyl+>H!4t&;l-v^QbC zuFL~^61eSn)YEj;n4T$AMMx<)t19B@yDtn=DE z%d$cD$+cFO%Ok5&N3t2i|DZg6WO(;4Z1R8zUarsw+Gl|DCZ^F!6Ku917=nRUrDaQC;((|5bk3#EuDg(C8dM8zi#N?!^DD*J zl8^t#L-=KQk)_=!qeF097**xENI4nB-Hrk&-+2EcV;|mD$>718qhD&d!sVi^%Z;`e zG->sKZb)9jCZ&4z41z82_sbDph9hBScaTc3ZkzSzw6`LH{Bs@7xCLDQO%m)8o1RsJ zb5OG+`3JFuX&5Ys8_5YA#4=lqhulntMDjTMpJWudYSN1Q&zLa5VGdCzO(VnNW zSaxrcLSi)I@azIDV_5_V5eU<Vxka##r?>5(^|}#>ROKt{QnCU z#DwD6gpTc4zz+kj!7D{9vADZx**ku@&1Dh^vau4`aBsh2fM1-u+iJnet#27HXt0=yjrZf_2bdD{3u0wb1 ztk`VS+>C=nKm@mGQN$~|q%BT9IpW2_ma-laOSD1cW5eAtMxF~NX`&b=y?39O5!V)yk*YUvpXP;-ot zp3XYt^|@o@^!JC(;w8$X7uU!_Z=qk~1gPZ_p6SY63< z-Z5cBjpCHm^%bGrd+%^>m%+Ey)TNbp+o(t3zs8x?f#xPncu37YNd~SIgFY{F$8W22 zn^@u9pNUw1c~;Dzdg*pQQ$76{{X5R@-U$9#HuGkriW#`A~*vshU#7Z zbX?V($VC4>nR04uLJ&LfcFwx^-=S1yC`I^&Pp_{2#NRj@w>_V9;u9fSNUga6heP+mrf=TB-R7JO=w;_ zzhdVV@Tl{l`|E@v3Cb6ExgFu)!Jyi|OIFapuhNF#6S5o(-b!p*-wyr3Tyio({~$l} zCz;NR(U(s$EppiT?MsvYrl-}?CGz-ZDaMC3b5zLNM5r=nx8v2iA;wK^*>I+KRKe() zWhSc+azN zyPPrUXx~AJsk34(T885e&2hgYseccc`*+-?2Fs#S0gLlUqdpWCf|boccW!7GQ1_U z1hr32NThsRGG|^}I9g3ZV`!FqLnZ&=MGDWXc*bqPGU>~RG@&tG{`9m5j5X}-$;xnR zmnNj+^|Q9sFA?5$3zKMy`n*BVzZ5X97##Ra_#bP$Y3}qPuP6F=Sq?)Vt-(CIC#KN5 z(x3Za=uloqyq%ZFXC%?{ssH{aK~3Y@`6R#R zc2?ovyuPvGP5Yu|rRO4gj#eo#R1@Hs^j3a%b`{^LD8YSpL5a1YQWfnB1zrI5^1aRgrX1`-0#0 z@?^eE6Xy1xNP27H6A|AoYiVf-R{@9*dAE)G7C(U(6IfqN9@gP6?&3Tx)8$M{_t#kc z_+1c1>W}{0E_+58F~{^6s>XFT*GEU1VgdYWvmGYU{#7ak&gr7u8~kCQpQaqsE#~pGnDU-zx%p2coe&^WxpC^{J8yg>iUcB z%7KQjsT?Bqdlr`&9xqW?QAb=F-~Fo>p?tUcAn#FZ%zHfHa75l%zM}?u=B`eQLBl``W8T#~K}l2*i);+X6tjk1od`E<Y=KV3#P-k7eqGT4vqwhBlo65 ztTaME%Y#Jh8FkdQJSCx#Hr{%JIXeBPR7JPYBK2Jl#-%6PY5G~ph}q1Wt?czkwS`X{ zyc6%}J&qC-5yAmc{s#k1o`37J4Xe|z&0j{^Wbsn}T(zBQ-+Ay@YOPaH42kKAZQ&~o zB;#$xe&4N1i)V@I25-gNut0?(nZyyoHsN*cK3%6vsLeQdDv^v`n3=ihh{qwe2X-y+ z|FzN;nV|12mLS?6gb7Nm;H%};AHZnUJYw6~Ak#~YsV!^wU)p9i(c;2-41MTa>HF@U zb|^cRS!3_pl~O{)sndA!Gs>b5d+xKweeuF;Mp*FzY9WX{^~bLnFzN&Eyo??MJ1CIW z)+_Lb4_dgOBTwXzsqGPs-Rn1hlBQSq#x(L?H}XiEh<^&NuH^7bVU_2$c%Lf=rdmp3Ika3ZNCpvIcWJ>I;p2pp4KJ*Y$bb5iMrlIp-YpUQ-XPY< zVsD;u#DWo`$DmhnSi+;|o5sRgY-d$gVu&8I6~imjCdd2~-T-1k59YaGA&iaHIi)8SWJp6&U?3zxQ1yobk<|N-nQ1@dcLG>1g#7Lk$$dV7a4riS zs>4Lzu_K-6tmmAPPXBEKlk0x^yd4W-isCyB$!GCO@vaYg+0aDT@fI)NvHW!XA7(0O zL!G1qYjm@LGk1*sHw$`UO3h00EEth@TUG(p5`PLNevikg7>4$TVq+^&&`#BYx^9O}}Dq{44aJB916HfW>L&MNk!s)l$m9J4V|-Yjd2Usct1c*rDSyF z8J#b$#-xF7lKcFs$@;E6d{7&ZWkLp|c*1^iFZew;q;1E8r39VGtvpq1!O;q59g-EM_5M5wJ&jy95n3e11Bjc+k%xM~pQm4C;D9XpYL z^zkQhvUO1=+S^a~@*MMXU(6^8QQ_}bWszEHHs2mlU?DB$hnTbZNvl_Y^{5tmf_kW7 z7>PD>P|{RpgiOT=f`4xi$L>O{N~$sp?L&)Phg>H%Xj+-b>4(QIgl*oh9FvxZmlx=I z?Uki9PNg&Gs%X*JS7fAzIUEVc6U@EnG7n{XI+SSSojGM>U>dA9yO$6a4*Qq)&8XB> z$9LT%ZlUkovhbG!Uf2Z$$|El>$JtN>f#bCMWUTop5^VCCKN_#;98u-Qzf(q>r4UR1 z)mHJyRTTa0HPtjfHZt6Qf|2~O>#xC)uqyq*lkW7O&$F*$B8HKnQsSnoiO(MJPDNmW zXXV$3TkYN3qkZ^lu&f#%#gN|Is@cV|tbrAx*TBWamFItnJT*?UKUf#?q0kh{_H=*W zMvb5p%Y}uYRt_-5e|rc5DAlW+XY=FgYW5nV z>+tU`KO&)l9xAHYuw(I(rp4zVZ}y6}XE1c$hJEF$M<2&Q_O+Oso6}t`2_5js+?WD; z2r)vtP-X%_iA*!^>!RCJD-O_vypBKbr0Nk$?P00TaXSz~|=(@*#;%gqky z)Kv8hX8FEZk=v#vYx1k_F;t1kd@(keVNT3UEMf2P#U zF6jI`E?gig`BmUU)wh~r5DN}_3Up*M3WuI>+1#B_7woHJL1}Jnk*es@^USNzTNT6h z=N*c+xTK_H1voS`R2vo<8Mz#Qjg74dq@_*6QQmr8>aZ{|@;n*4lisAb2Xuq!(0CZ_ z8L6>kG~}feh>PX5aj|@XUnFyL^RNvxjD?G7i1(r%X=}EP+FUn+7js!$&YIhfY64CL z+x_xRsL06Jpg37^hzPr8pZ)Bn0j;c*=7V>`l&+-kJR5&>hr>I(3VUj_csveGTCSez z+>Hf?&@i54Kzz=u6QP4Ri(O_@9zL!|>6zhQ!8OaJDk%W&G^rh0qe!RwFTGZb6|Z){|6HO0lno z_-RWgnH#>kQU5)Ji7Uw7c6qY3>+@5cQRFwJ2K0Dw!cyeL>YX(Nr5|aggseJoPnQuW zDDtcLf^<)D=Pg+$MNK0Xi^&eIAH{5QF@yBZM-9N{0YuD#P3x*TOs;~3nh6m6$*cK& z&9K`5=9>)tP3wb6L&t9E<%yNzpm3W|7i+tg0*{Z^^801*SFx1uj}8YFwj1h(xR|yq zON-+tRS6c7#x|2wb)VLnsd>Q@*h%W$Bn^|rEM_dJI@MY?Rurq&YY3?@QR>cztxq`qR!X0xEi4w z1ZH~?=0G?)ieKqxuZV*f+I}y}$6xV0Je30Pr)gnefX97=q&%OuV%=mp1MKOt=g&RO z2u>v>)?;mT%BC)(P;@fXhB)GgTsF(7&G@ieJ^uJETKAkNks!L=(bSMeNNPk>kb7-q zeae=F{aU2IYSGMu2pM6I_Z&kq&C!k?3|$J<*npK@v>=4TXEw4 zKNc2K^j-Zy!zaxrc~Aw{e9_h3<#nD-;w&7&qRXGLZTf3mxkdLSoNw1N`tL1@3c8#oY zg3t3_PY>%}g;8+#FC)t02H^-fe#REeOti3|FnBq;+rDZ{R?qhT1-F_jwfOlv2xTZ+-Q5bkc}5Rj=YJ(kfT^WMiLmwaxlXw1X~SQaIquj6l%# z$*_!JtuSpLwk-+y{UxD^G+S|wX#FH@m=|OA?iNC_?F#$Skc56=*8ShUUFGT6h_%h3 zDuW+X(^+hcD`-^2oBB zED1w>$or-H8^9bPN(hqe@J4%M4Nws{27yY|*jxlrE)++tg3=2+JbzZ2Ht-15TzK2( zEq@uGva_@>V@*r=f#R=^#tFA#S;+~JCLezy#kdhPvTm=@ZAard>^n4z6qqcAIr~g_ z#zlSVwb9|mvC)lKK8gH<45w_q2$fRdOU>ZG%?fwY1k)=DIMr@iid2LJV%i*cvHJxC zeK-iiNwsjoCc9#5IWhHip{oDWoEzKd$WoG{m^-&B@+J*vHuEXhEED z?|T86vw&w*or*ZAt83}swy@B_|5L@4heN@2@iB+lyphifqZgWQiDiWG7T8 z`#xoC*(Qx8WNT!X$Yh%g4GmdJV;}n(2H8S=qxX;R`|h9TxxahQIrp63xzBT+=WO=Q zvv&xkTVy$y2nDO7>hr(8kj?NYZD5}*E(}&iqqr>BZQ{l-<4a|ZLzRzN`e|QDzCgw6 zfaMiSn!lqWoAY!Rog+XkrjUS?%ah~rWqZN{^AZWtEs-h$=E$*ep^NvYb}u!eHgLjl z{IRL(gGx$XK1gG!i_vv3rw?jw(0%yz+=9LHr{&*^N*uX82v}xIFilM3EqE#Ex_W4P z42NiqPMkynkB`8mg*LM~Cd9L8X8-v#;clUNVMJsUFLrmG$>g@t-Q(RLtt>j0 zz!E`aE|&d;%2fEwG`Y7S27mk{%Ej!}8I$ADwDz)&CvepPARixJ0j*klw1HqLiaLz* zu$|mTqo7W7AJ})o+B`9L53V0O$*IzmZ68%Dbp~8kk>pQmK-R>Fo7=$|wW=)mcnNEX z>TF#uy8Y$~Vt(ohZd9CJ)b6o**~|?SuF4B4ul}C80!~_3Ujr2*?{(!fjSjobZm&5~ zJC1vPed|ZaULhXuN^`*yK0CYn=B#1w6>oKqS+kdSOOWb9dlLjuw&-)R@h#9y)D{gU zW0NLSpF6K|)Xljy0ay}!EaWCFnNqC{*3O+N1Jeq-gekxBj6F!KmdH&0^>9H?hFgTG z!;ODkzV#q=_^Q11$Kr{;nJ>lfyp7DnmQWJ=N#oqo2t;QslVI5Ji2?o}na>QCp@T#V zE69-}5-}tT9hPod_#wgw& zDk*mX;;kBl4Sl)0bO;`w!1Fxbnt752v~PYN%)Z7$>I2P~==T<39(;w5N9(v3WIkmW zd59mlO}#Lz&mZF5o_1Saa?i;A;~6E|(~rvlZV)Bw-t^v_H)E4eu@!t>dDZS+`FE+t z_OhJ-jR9Z>_-<A32giG6D81%G&( zRCAgWi$9i+g-%x_`00^VV7b7zsW-YV`Mf#*1REgaT+!4Ryu^By*bsYkwdcq|pf!iV z7am3P(0ku(1#X-A4OHIQ%8M^b*rV=_67D2WU1vD4y8B3Z;o;8#LIj7kG+5-x&K+O3 zH8!NdfWP}KlT;&Xo@HjyAn=hiLrmu_sm$A_6N5@p#^a@7n11aWHs$hT3#-@?FCB(x zj8Fn3swk#Zk7YotnXl<$P~Is{!cRoT1jX-4l}(eC$BWIS?URCyWfF|LZ0+a#fAJ;i6MTs z2Q&}r{8_BXkVcz<19BRgENIV zybHBb4)gL)Qb>;N-i`i#D{k_u!9|eNiNu5H{mf|@1K-jqn0m z_1xEkjfz@j{&L|h$U?(v-m&(p9$rsHu892_Yc2@g($tEoe`6EoQ80uiFcnrRsHFuy z`1ekO+)nk8FdibDWB0x45%^w@{$!WtkT?5q2BTnh$-mH!+%}X~bkijH$PS0M#oC{z z==v~Ms~TwhA(`apZZqTa^2DIJDLIAx$V$KB_v~)yQX5);1Eyok`VkvmFiBqhFRpy% zQ+4Z)?GGtpYFvk_8>Ug;x0HbJex+umjl!_4SRf0HzQDKBpa9(RJ*FuoYoE3(inCc# z+%Knz9vYVG|FBj$8gf7a-ZB?oA0gaoJD9=T1sXeV`z^%Z8i9Q9pKNqgU9p`Ja$QY+ z2kj`#6k|MRtzno5!Xe0|Y8Wd}EsBX|!aA1; zo+O^W9QW8a#8Il?W+-QS8wfADdFkCioB-boKcPGHGDjrlkY(!|=G#L47oLntB&ad8 zdJfh%-H!`F)_%Rya`|T9Acr2w}sk15+(1H z=E^P#LrFjL-*YYN|3Fhy>)7EA|UOxZ=LwLZUJ;8NyHp6N@5M+40)g1xpq)1b#0CaR41Yb znbX*_ismgYzu4FFOfY%r63M%p>N!iTh`6uuiW@4^gZJk#F1v$8X!JDx;5x(B1aw^B ziv!@%#~}@6r?BJH8Am7P9M|}3rsl54YzxNO@cn5>3Ln`d!;SwRHE21Tk^1x~Pgs*EnrW>_iT99xEcEPiiYM8oqJ9GBrt| zbUs@Lx-}L7tKmRYcontainer1192.168.1.2/24container2192.168.1.3/24pub_net (eth0)DockerHostdockernetworkcreate -dipvlan \--subnet=192.168.1.0/24 \--gateway=192.168.1.1 \-oparent=eth0pub_neteth0192.168.1.0/24NetworkRouter192.168.1.1/24 \ No newline at end of file diff --git a/experimental/images/macvlan-bridge-ipvlan-l2.gliffy b/experimental/images/macvlan-bridge-ipvlan-l2.gliffy deleted file mode 100644 index eceec778b784..000000000000 --- a/experimental/images/macvlan-bridge-ipvlan-l2.gliffy +++ /dev/null @@ -1 +0,0 @@ -{"contentType":"application/gliffy+json","version":"1.3","stage":{"background":"#FFFFFF","width":541,"height":352,"nodeIndex":290,"autoFit":true,"exportBorder":false,"gridOn":true,"snapToGrid":false,"drawingGuidesOn":false,"pageBreaksOn":false,"printGridOn":false,"printPaper":"LETTER","printShrinkToFit":false,"printPortrait":true,"maxWidth":5000,"maxHeight":5000,"themeData":{"uid":"com.gliffy.theme.beach_day","name":"Beach Day","shape":{"primary":{"strokeWidth":2,"strokeColor":"#00A4DA","fillColor":"#AEE4F4","gradient":false,"dropShadow":false,"opacity":1,"text":{"color":"#004257"}},"secondary":{"strokeWidth":2,"strokeColor":"#CDB25E","fillColor":"#EACF81","gradient":false,"dropShadow":false,"opacity":1,"text":{"color":"#332D1A"}},"tertiary":{"strokeWidth":2,"strokeColor":"#FFBE00","fillColor":"#FFF1CB","gradient":false,"dropShadow":false,"opacity":1,"text":{"color":"#000000"}},"highlight":{"strokeWidth":2,"strokeColor":"#00A4DA","fillColor":"#00A4DA","gradient":false,"dropShadow":false,"opacity":1,"text":{"color":"#ffffff"}}},"line":{"strokeWidth":2,"strokeColor":"#00A4DA","fillColor":"none","arrowType":2,"interpolationType":"quadratic","cornerRadius":0,"text":{"color":"#002248"}},"text":{"color":"#002248"},"stage":{"color":"#FFFFFF"}},"viewportType":"default","fitBB":{"min":{"x":2,"y":6.5},"max":{"x":541,"y":334.5}},"printModel":{"pageSize":"a4","portrait":false,"fitToOnePage":false,"displayPageBreaks":false},"objects":[{"x":2.0,"y":6.5,"rotation":0.0,"id":288,"width":541.0,"height":22.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":31,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

Macvlan Bridge Mode & Ipvlan L2 Mode

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":8.0,"y":177.0,"rotation":0.0,"id":234,"width":252.0,"height":129.0,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":0,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#434343","fillColor":"#c5e4fc","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":0.93,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":16.0,"y":240.0,"rotation":0.0,"id":225,"width":111.0,"height":57.0,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":1,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":true,"state":0,"opacity":0.73,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[{"x":2.2199999999999993,"y":0.0,"rotation":0.0,"id":235,"width":106.56,"height":45.0,"uid":null,"order":"auto","lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

Container #1

eth0

172.16.1.10/24

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":138.0,"y":240.0,"rotation":0.0,"id":237,"width":111.0,"height":57.0,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":4,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":true,"state":0,"opacity":0.73,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[{"x":2.2199999999999993,"y":0.0,"rotation":0.0,"id":238,"width":106.56,"height":44.0,"uid":null,"order":6,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

Container #2

eth0 172.16.1.11/24

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":40.0,"y":-26.067047119140625,"rotation":0.0,"id":258,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.uml.uml_v2.sequence.anchor_line","order":7,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":237,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":241,"py":1.0,"px":0.7071067811865476}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[153.5,266.0670471191406],[117.36753236814712,224.06704711914062]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":50.0,"y":-16.067047119140625,"rotation":0.0,"id":259,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.uml.uml_v2.sequence.anchor_line","order":8,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":225,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":241,"py":0.9999999999999996,"px":0.29289321881345254}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[21.5,256.0670471191406],[62.632467631852876,214.0670471191406]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":60.0,"y":-6.067047119140625,"rotation":0.0,"id":260,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.uml.uml_v2.sequence.anchor_line","order":9,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":241,"py":0.5,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":246,"py":0.5,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[75.0,180.06704711914062],[215.32345076546227,90.06897143333742]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":3.0,"y":184.5,"rotation":0.0,"id":261,"width":79.0,"height":32.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":10,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

Docker

Host #1

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":283.0,"y":177.0,"rotation":0.0,"id":276,"width":252.0,"height":129.0,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":11,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#434343","fillColor":"#c5e4fc","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":0.93,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":291.0,"y":240.0,"rotation":0.0,"id":274,"width":111.0,"height":57.0,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":12,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":true,"state":0,"opacity":0.73,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[{"x":2.2199999999999993,"y":0.0,"rotation":0.0,"id":275,"width":106.56,"height":45.0,"uid":null,"order":14,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

Container #3

eth0

172.16.1.12/24

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":413.0,"y":240.0,"rotation":0.0,"id":272,"width":111.0,"height":57.0,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":15,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":true,"state":0,"opacity":0.73,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[{"x":2.2199999999999993,"y":0.0,"rotation":0.0,"id":273,"width":106.56,"height":44.0,"uid":null,"order":17,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

Container #4

eth0 172.16.1.13/24

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":315.0,"y":-26.067047119140625,"rotation":0.0,"id":269,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.uml.uml_v2.sequence.anchor_line","order":18,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":272,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":270,"py":1.0,"px":0.7071067811865476}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[153.5,266.0670471191406],[117.36753236814712,224.06704711914062]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":325.0,"y":-16.067047119140625,"rotation":0.0,"id":268,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.uml.uml_v2.sequence.anchor_line","order":19,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":274,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":270,"py":0.9999999999999996,"px":0.29289321881345254}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[21.5,256.0670471191406],[62.632467631852876,214.0670471191406]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":278.0,"y":184.5,"rotation":0.0,"id":267,"width":79.0,"height":32.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":20,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

Docker

Host #2

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":70.0,"y":3.932952880859375,"rotation":0.0,"id":278,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.uml.uml_v2.sequence.anchor_line","order":21,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":270,"py":0.5,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":246,"py":0.5,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[340.0,170.06704711914062],[205.32345076546227,80.06897143333742]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":167.32131882292583,"y":39.0019243141968,"rotation":0.0,"id":246,"width":216.0042638850729,"height":90.0,"uid":"com.gliffy.shape.cisco.cisco_v1.storage.cloud","order":22,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.cisco.cisco_v1.storage.cloud","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#434343","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":356.0,"y":150.0,"rotation":0.0,"id":270,"width":108.0,"height":48.0,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":23,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#cccccc","gradient":false,"dashStyle":null,"dropShadow":true,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[{"x":1.8620689655172418,"y":0.0,"rotation":0.0,"id":271,"width":104.27586206896557,"height":42.0,"uid":null,"order":25,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

(Host) eth0

172.16.1.253/24

(IP Optional)

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":81.0,"y":150.0,"rotation":0.0,"id":241,"width":108.0,"height":48.0,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":26,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#cccccc","gradient":false,"dashStyle":null,"dropShadow":true,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[{"x":1.8620689655172415,"y":0.0,"rotation":0.0,"id":242,"width":104.27586206896555,"height":42.0,"uid":null,"order":28,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

(Host) eth0

172.16.1.254/24

(IP Optional)

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":224.0,"y":64.19999694824219,"rotation":0.0,"id":262,"width":120.00000000000001,"height":32.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":29,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

Network Gateway

172.16.1.1/24

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":0.0,"y":307.5,"rotation":0.0,"id":282,"width":541.0,"height":36.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":30,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

Containers Attached Directly to Parent Interface. No Bridge Used (Docker0)

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"layers":[{"guid":"9wom3rMkTrb3","order":0,"name":"Layer 0","active":true,"locked":false,"visible":true,"nodeIndex":32}],"shapeStyles":{},"lineStyles":{"global":{"fill":"none","stroke":"#000000","strokeWidth":1,"orthoMode":2}},"textStyles":{"global":{"italic":true,"face":"Arial","size":"20px","color":"#000000","bold":false}}},"metadata":{"title":"untitled","revision":0,"exportBorder":false,"loadPosition":"default","libraries":["com.gliffy.libraries.basic.basic_v1.default","com.gliffy.libraries.flowchart.flowchart_v1.default","com.gliffy.libraries.swimlanes.swimlanes_v1.default","com.gliffy.libraries.images","com.gliffy.libraries.network.network_v4.home","com.gliffy.libraries.network.network_v4.business","com.gliffy.libraries.network.network_v4.rack","com.gliffy.libraries.network.network_v3.home","com.gliffy.libraries.network.network_v3.business","com.gliffy.libraries.network.network_v3.rack"],"lastSerialized":1458124258706,"analyticsProduct":"Confluence"},"embeddedResources":{"index":0,"resources":[]}} \ No newline at end of file diff --git a/experimental/images/macvlan-bridge-ipvlan-l2.png b/experimental/images/macvlan-bridge-ipvlan-l2.png deleted file mode 100644 index 13aa4f212d9db346f307dfbe111fd657406bb943..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 14527 zcmZ8|1yEek(&pf9gS!px9wfL7?(XjHfe_r?o!}4%?(Xgc5AMNT154iS`)haSR-Kye z`MUe-K7G$Qb?Z)ql7bWpA^{=*06>uji>m+tkZb?|gb6&FFcuiA2}u9| zCuqei$M4-5nwr`%i3Np4vgR^5xmi?p#UH=*mV3XyA4*G0x3#x92gWff1cLwoYwwVe zXz=#-mVViE$?s==*J21!?}^c7DO)2a0KlX5gh}1OzpT$YG814}Y}0%tmN+Aryb)z3 zsT@@gAoG`$lpO2IFpREFRt13lD?iI9=-GG+2moqFC%hy9I;nj{27uocPT1D10075u zO@yRFl7errMnFEDh#5#PPuh?-x?z&dII=d^&poRym>Ga5A8o_}h!g_|nSE(VHt%mQ zPqw6czuO|90az5wa0^O8kUNShYVM8{SpWbzzUn>s&g!NPQdUl24Wmw9x|Dc7tCD5i z`~h`8htZ7%KLEg;77+f;xPQ6_tOjVPO#d7)KeD-x!mCj40sbB># zBGK_J+`o&7iG6fe=KSsDW0j8+4tQ zhH*-^spHNug`oyE=L)?pv{pax=*n0-F0Ov#MtGq;M)d`C_0|)mHCU--2WMp&h)U&P zcQv?6T)kMcBJ6c$fMY%x)hr|An5WbgL#Op*Pvno^B*6%cGQulpIp?=Ppr)&ez$$6D z*}MDmX)#sm4Bby&%JvaxP;wzHM8DFF^FHjHwaXuDtd)8S?sxf2d3U>RT&%lJ$$CKm zXh*C8HSbv=U%Mg`XBgyBD%Rl}U!)etqPnI`2p{fA6T+dIgA+kT$S=YKz6gfU{%qvb z7e`jpjWyGn%7K-x9`5=yt$bko+n7@#7IU)OAp}+uF5#D0@BlvI_$(!08p3V=l>$Z3 zlwFz4CPzXyYS1KhRVa3_pd_SxNF|)OT`e>lX_!!Pr15$;eD}>yYE?otTcpveS87|& ztkT$vjWL34w}3#Tgw7O^gpwUU2|(|iPy<+_ncLzhsmGAV&thM_)Q|PylCK^T0QjcK zo)J4y05vSxJZF_EhzlM^A^oT4R?8Dmr zwcQDogw_q@WZCF0mOTbPNpjBRXO@O@nrbl2Vm8jTFDVV77`yjlsDjtincO zM(x$`)?EVqN$)d!m{}ZTC)2AeEw+vI>c6fF??;Ax1Z*Js`7TrxV1fJvHlbX1Hp{=wWxaUkp%r;hrW+LO`2E=(bg%#N+RzoYBK2xv zWVjjX{L3{G28PiMMhX<0`Xnn1r`@t})K`Pv)@qv4v=R5^9oiqikp-o-UU|L*Ja?lK z^~t|nwjE>6J~DcyXdjyY;MzpznqdRM$Q^AYD;i&eSwO;!ow^Zq%U0@9iokAYuN1=0 zgjyk@V*PUkjr8X{l@-*_=Ov5&jCwY{A}H~ahq|QDLtcg)p;~3h3no~JY%&`*vC&7^ z>eEyEgAHMBKM!|f zS^386lj~YFezTObA2o}(5mchyM-Ly|toT6%F z7)_9n2@5gyTM>li#2#N+?(o9x8uvAM9D;G%>ym)K>fPrXn@mRJ#**k+lXkp*hum|c zq-1Zrm(C;xkw(JwzZP&ka;|2lw+qcoTme=rp;XgC*aTN#3s+cEC11-J3o1v9za4Xx~HF`t_^?MsU8C-VhCW<=qT-s%dTMDFKtR?Shvc)nrj6n%d3#Y_z&7J zrn*Ns22|<_(Wc?fCoX+yTbklb3JVSk{~bMgl-KmFC;*#;@%qQDYeOJCLe=MOv&Hw+ zO<(DH8U2Dk^4Basq;cIAD+E;=;f42~rYU3FLb!|ErqsXR$WU_m&VGuc)+^xQrq)=I)A(> z3eq>1S5EZYnb3qc&FEHe!-=MDnrX#aNvg?bf)@Gl85B?bP<6YHD_N=&cfdll0*f672)(R19dd$J@@N{w_z&pMbh5kL5@`Ex& zq&SW}KA<5D|7<)1kw7ZCF3_b&b?Vo#7D!g(=aw2`run#=*WBbN>sO)(Bc-=a0u}hBb$_t3wwW`DS%BKn1z*%{>8}Z zL^-J*dwD-znMzHcwswYp;Xpdcs)spLD?%v%r%!Wm!3~J%y9`ry3lbe=yhWi&noL(O{~pRZ zhF-BaAUy|z^c;yWqTyz(=2#Mc0q>nyb_n^oYH%fyF}#B$-F>b^teXvT)0d6kkIl7z zQ=IXU)dXF)oEt1lrWK3f;E~veRry0233TD7pUIQMkKk268myK!minxp;_1w?wPwNBgq62c=52H1bC>GzD#Q>{GypZ?aN*$R=IJf2|D>8XPCX4HG|$i585Vy$kj zUPg%fSbO5#DUq8|zNayBaW7VF15SxZv&K*w+A#k{w8(fy)U>_#_1o@Auj^W&Une}; z!^!7CPCY#K0Ror^@yBz@1Feq3mD}7}P^iKOFdu5vpq6F2Z#Bit=d8$Z`euV38G8rO zB&WfNKOFBuhr`6eZ{NF{ZqA;<;Qf)La@{W*9qQfT7^7`OhJW}>P`~cZ z@Aq?>q)ssj-FYN)y!}~!-kvXw;uyXs3MKs5u$hG1m-zLw?*(o`Qm(S*-J+QMkN4Jg z6;Hd1JBg|2SF7D)zDmEt{alPVl1Q!U=7!5sAuK9pu3&{O8%QegU0`;e=}Zw*tcuQK zl*FhPZvLrri8@W>1H{>pXNY6T@o_2e=8Q~!I2tu175a>nKu5raW~Tk-FR|1mS`}&asn<@r2JsIP(WHGM-CCu+3#EB7cL+5tY`ZAC|;K@PjgQ^CrJS zoSZig&6L68RPw{CZ-?UHBgAtxF`Dskz;p21CwWf^(x7qD@U#L(@t4Nxgj>hvbDw9k zt3Q+;dfN^3`G1g+vFLwE2QT@C-=ed<i+abt)eg^w7Ps@X*{}DCI9dEmxnBdP?5w=jgEL$wSKvEO?o+=B zAu-?zTrBEeJhd2}5X_u+Z^)DiK6uoSR3ioj=sln8YafL*F2>HC{uYyJ79u`EIP<&e z6`zxVV?9zZ_D562P*iO}qr8B)=!DgeJn`m3Mvj%H!uzVap&K>BWMMSDnb5@_=F9ig zXe8{!h78pn3x>z|{vI#MP{epUyBej~V@|07?X~qOiZGKRjrdTPIE=(W@XENha4pF4 z;5*zkK$WHn@-RQ|+-rFI2QL4H9+Yc!J%Z6{l-`Lz!__pVRA15BgkdZe+(Vbr^E)of zX0dK&SY)66l>%;Q$HT#tZ<{Bhb-`WMe7z+ziQeg_WX|EWqwZuk-F6Ip^JEv~#OK$n z&Of6syLejdEuP3#uXY$)Q@OQMCH&*2te)CT)M0!+LukO&^`p@=1stEB_#-plM$TQg zcY1eJTr<{l?u{B)rf8(+UpF2ee5yT3R+n#*g6dD!6;9um24)Q?LJ8Fn(6FBcZ}jow zhEs)_aHuQS@2l*sGA}zWHt!U0lEesoHXiTw+Sf8X6>tuHBJr}iexg64;e+~ag-l91 zY|rjCS*AZ@vBB+dsp^VPWSn$cc}9_%Jz%l<`5EOwNkTB`eE^SyJj{+e9{&6uDnZ~A z%D9hp#9&k1*!F1tdf`3>as2E$d3<3Yn<$uFObQLoyccw((!rC9 zYeaSDtk!>Zm_wn!lsf#f$`*oV?BsMVi}*D-9)_AODWr@>A&1j1%`d`A( zs0rEAdW(%IiXg0?EGB5N*?tcR*z;&JvOLELo7%Tf}W@Ybq7Kz%Rq z6nkUtzzR)UX1h`NaO7jeGrov$#v-IAnB0bRQIUX2`0{Gwog!&=c7_y;QuU!-7!Ma+P9i0)hk)ZK+qvNG=QPW?#5)*a1&e&L2}m$S6=*ltishAM!VI?EpdD zywb>>t45Z2STvPvvBq^@y>_qPLM>lG$1Q)z=~BH$?j={S3{dmK_k9>;)L%{{TUDPa zE45wz^Ur#>q$P>ggIiADPbU12Kd8c;L%!=RG6bg{4s+Kn^8Q?HEtswg1) zcd|>y>)-E_XP#=c8J%U6Mz3hgppg$K7FNBVL*7C3ZLPGG(L78oB3e=SoW~I)9C!J} z=->~^wYhKN1m7HTUJPfDs5-T|sAGBiV0lU==$dyfsppC(Yt4*mlB{^~$I2bqo?c2h z7Uy^>Ozjw)MUGvGG3>2KX)$l~kH`2CgG>>@pDPPgK_P+&UkAC=s8#6Mer(h0wH!Cr zXIs=*Xl|3i;LCGp)sL?*BhihRWcFsRo2k?jVq|mAS;N|TNUNI_&B=Ymnn&JH;jx-z z4rVsW6wwp8XtM~jh7F0H(XJ<4;N+m^U@ZC-cy04xxXx)x7%#ZTVPZMykUT$O^K1=U z`!h2KO}~dT=oL{PR?OA|zsK65?L!@!%(97#Pg)mX9?Ut9yhG&INaWTnLpqPl9JHc6 zi8_z$=O(}O=?J0(|Mf@*mvz!;a%!6_D>=UuUk}!`TVO^1AI3zVf64vdmz|x=oRnXu z9;%rlRn+Q1u=vrEN-3PU+yUK*(JI03^_FnCF=oz0J%ih_OeWAje;9v(zR1jM``$Ba z^JzWMh09%K_V*oG%mQuOdeLX#u-sW9^`r#mcpU;!xQ^1&e4cJZeLghq{aecTN%ZM2 zul|C=+zHK{r@seq7ySZB(zH!28AGO2ovnCCOz;LYBwS~;V8c;x%i0CI* zAIx_N?q-;{IEV-{?MRVi?C?G}Uk?*mh=?@tE?;65a`46D4_8Doa~rRC+Q_+WYG^dy2hDRGv7A*swCIzA1X;dlV0jQk+;#o~)8RkzCo)X2~5 zT9#uaH)daTwGqG_phR;`H%P-NoLRzGtf)bX(n^vzjgcOfm*bN1?o58bbj^z3>%oj4>6w27DAOwo z02PHPSmM5cwh+L3+s1800uZBzH=G>8aRz8_t)s>*Ql841o0)|z?FY^lIyX1f54?!) zSEJ0x?T$+%xe*ljKw>O&8jKsxwqyu`Q8O0@4_=9d+u5X@mOQk)pPc$!aUA`8mYX!) zfOz=0Pe7i``NPIA%L4GKntifOVp6#Ga{b?`&a?aP(PQ{VC=Jft50aYd65m)4CqNYH zFQO5WL}#Y!$2Y6}9Lk`W&49O5W}b+2IEJH(ORn}*XNA?3otDk+EOL&+T*7HBP8kTw z-pKN+-If1XXoE%!lgRl$@Ka4JIr5DokH0Qv$K4*JXSsNCYj>0v*|}_$nkG!{?Wc~{ zK3FA!{bjjS>H%h}{LbUu45)Q~FcN0!6nHgm4Iw#L(FB;$W#-{%?d5cv=Rz6?8jU=fJ2Qjy8M>%cca~=!gFPIR3H1L z_^kb54*k6U;_t?~&xMb3BF{Vy^(UC_Hu+A07ek~*CfaMEeSsqsf%?c{zi*}SM#iYX zuZ>ZStoiJKIJUXr!fGdZyCwhHAaTQ>)Xb!gZ(iZ`7WiuO%OV98e>)4(I^w*-HBT4t znmyx>Mp>FLg03DLCGD4RQf*>-#a6}N@5wOq93=F7qkT2#B7kI>yt>8# zB!@iOF+roqrTO2_M4HX;ay4qd>c+!+N;+#$9|8QI2dF6)F2~T*Q>qQ+6G+Wi5e$0g~XyMHq)YIIKnBwI!+uG~KC!al$ zks=8q28*I7c?28|K?bGtEl0&8EPigeE~7#&S`nNQ0NI>1hYu(TEN7K*g-vpg-lS>I z8Fzw^YL5vOjr0mMOtY8Oeh<%kvWP778^aj(!bsne5r&3^r~X~@7Z?1NVTvI}_q`rP zJs9~!`s?6@pNL_A6Wl%O@06BA6o=rbO~b%EjxmP}hCoqqR-|_ zr>cCM`X2a5baf8vb8~Gz+QCN>E2);k_?SB;s~qb@$rpC%z$rxBnRK(1_y9n#A zCz*VzEuc_Pbo|-eFjz5ZOh{_9V2=KMCPCnapii}m8g-Y^jJ7x}GxVx=?3b1o4E3I< znrH>vhCjpkE(~-a-Iu}K>D8Je3s{jxJwyDN{0Y%Sbtz;XB+MXesZtt|rJAd~C*6Ho z-NxKAMv0X0hy%-#Q}2DgA#u>N7wQZJ(s6j9-wDL+6ONCSH(B4sSRaB$I~?x1wts~) zkGDi;{s#ee3-nW3LK_f-LvX8}d*pL?6#8Gvu5-Z>gI*$sWRITZq+c%QL?tw5aP0X0 z!&BqKR}Q|Obd1fdhZ;duMAoFsV#^N!ekgs-vcabBzi##5iK zL}9GCcTG!`Slc4pn{RVmw`r_p@kTEcU}j&x@??KYs$Je!sot|G#jD!Qfbg0S?KA#k z$9Go1HR*HKnb_xU6BQ|!jRH2zv!;kcbtwYw$ ze$+TSB-*0A3vR_+zu4=qkTM6`5Cgc?Vu4jsKI-$#d0fxCO^MXy@cG1fxjuF4>m z6!S<({3=7jvd@pfmrfbgf@r*_Vwqke#ardA%Vy0VjD~J6DDnd{S1ULdnZ$*wLO+JZ>1-Ix#p1Jr2he#-T!q!N3^$ zUJe2fRJsZJR%AeN9$%uSZZbx`7^72XtZY(SWFi%XQyIEIKN%Qsx)xwbs7wUsL^Q1v zpi=nbP&y8NOudX>ROIJ!0ah(!D0s!ZSeMMS$qlLOCx=LL06gZbb0uRF1WW25G(}^> zp5Y2t`;BSP(%bntPe-X95^n^4`m!1}hsigEO&hgmK6 z&`Ro8_ubx4-3;UYhrLOaB`QTAP{ay-2@C1p*-g?;RoR#ByCwE8gs|GS7V_$ODB`DL z+|;!3FLDB2iIJC!Qjoy5fu2D>A&ko&wOPyem{;z}XHV_JB=i>-zEv)FJRZ-R-56uW z545gHmb)K_2oktDAcsALslbZZr-(B!J9t@+PBoSO@>7S13s?L&iWaLF*x!h7q_;4f zJIbR{d$}b|Lc$xpp5+b?w!*wwz0_dZhAt!v+sW`?JeV4MkczII8dJQwj`eE3>2p4O zpn{rLFnDQ6x3#Qj)$+Oo&EqZwOw?2A(0@ zcAhkIXw+!OGU$IZk1gW1{6=SmEzf|TPGB;b|D zF41;e6fMG{rgD#DzG@F!8KK=N(bAOvGdX;FN>2>FH9!az41IQb-um`tM077kN8F(Z zL^MAVhzx$C2D*U`d}xuVE@^?!1A9MKLNRuHM?q`s2*5%xx&SAilY5#F$Nv_@`IKmp zG(aC_f^4l8ULVp&BB3LNU|LKlzHLn*2a-J+0vd2Mg~+ASk#PR$K4I&OHx`1oN#faz z`*$VoB;y;}k0$bu9nuB~mcwGn1P*+M6cfLGr=ea+f=B+E4^1K=nuXV%Mr;cl_Wbiv z&d6YDw(po{zw6X55sMY#@iKd6lEf!Wn`;7kab*PJD0*o^4d8t3s+9=Hum8DTX3AhA z_06{v%|{N9N{FW#${m&MQoIVOvkV(51eXC#0~LM=5@7u^C6|fz2Jj`kAb(dX_#i27 zGEv_#;O3JaQdc>gh$j(vn7?HF`{f&^J)W!y7D6suwU{C8hfj3S(C<4pMw~-}gYQZ^ zURcu65fH=!M|V~;sq2(F2!jgGl?^q5$N z7RC!Nm?U>bV1RRqKu&_$8-rrXrZm|_MKv;~G$XEkc4xNA^ttN|8m?xZu!mjyVxc!} zeEZo2C;h>CP4_3hH>32dNgKl`5N)ha8C6OTv|X=mWKjUgajgaXYZ3~Q6Y2@f^Wgd? zo|&AZAJdrhG?%A-m_@j-8L$d?81^xCLAXzhm`b}v9Ruf)+QT|IyzF_=5?y z=N&=@r0yCij?ilEV0y>W(28Vxp_K_!2fGHC84)1GYU7z*pkc+#Wbs({D6E*B^RMaB zexKss0$w^QwC2&O)%_t`WD3vA^Z(eIPFu(1Q6;bEh-g1RPhxnF(2%5k#Q-qljI=o>a_qYk z<+tmM$tR|f`10+gfIs{}jaq$k*|Il21CKzP=t4;Ug1OtfC`aWe2brsB_3TbweLorr ztC)1^ju>mN!AVKCR33|V`0*$Cf#=e&n1;ik&?eY{Iib4IR*48kTaZU(rD;c4C5ZZZ zTZacIC&w&1!I3h+DER3s?c8J>|1zm)LEsn<9N=p+l9EWL{x$GL2vjN&Jtmfpg^_WC zznrtLo9+vK9RiSWAjF}fAOzhsdyo&*1-zlqvjD$l2mL_54}2p43AD%9T0<@W) z#UGCezvUT+2p;$x+Au|{RMutiUZ^LR*TQ|M2YOo;G1)^t(#LWOG0^E#41e8Q+dG>KHf{j z(&ex6wRRV1VDqAchNU>gyAzRq;Ye{F)Gx+?^uT9PZ~EyKpFABJVY?1~m7Y`FONk%Z zl~znQs~}Jk5XpLW=Abgc3Ayk`w#meW`fdtUx|CiqyMjK|F{!8{MlrSG0paNqRKi`_CEB$gv3l})i{pa#+EtuMxyrJoV?qH2gx z#Fd_6mkmxV8s*S_MZZD@s%PIo3qaXatLN-fb_CzRW_PQ}Bfs}J!A$m2zZhxTn)->L zsHp1|;{Iv~hBL$T_+mfdw%Pmi$=!fhu_{5$@dp_LS=MV9vSib zdk0r2#aFq9@9e|%yU2B;v;OK{vtfc6D(Q!X*&}JkT=|)Jx5g^YUpA<_0!==F_YvSC zhZ%NyH3ZW}@8L-_3ecQ+0ChqO>wO{tMrX}@Oc_WrLO{O~2hb@^f>c~K-oqS}7Uk$U z#EWGQ0p)gVzS0KVCqjoLM3#cwVLwe_&*K)I;XSmQjIjz3wE*OOr~?$4bIkI>JZk$b z6je`e(bCX7P|~cg2yDo@F8}K%dYBogh?({;m>I$d&Q?;i>DP!Ubtu}faaLPUh{@lo zO~FNJiQi&XH7p@CJ1F{6jB|fsew*aSCe+XbNO1tqd6+?Hd3f?cS<%`nO>aNJawh-x z6`ORk;Roh>l!i&FrC&=GDPUpi7&OdcwROM+!wFRzu`8Ibv4d}^hZxA;2rt>O640n% zlAQm8q+_d$nbvu=Hj4SWs)51*^Itv9hhE6`%CcgQ>a3(q|G$oD*g9eqNpmV|yLAv2 z*)E1Ec4w>YbYUZM2QIkwIRDLS$}*9b$_IQoNjK6{Bo&DWQ>0Ab)aUQY7r{{mM1LH$Oj%c$f3R z|39dgc~fFAC-6?OORoi4qN*Vxgc4=h zH5DTuM7ktaxzc)R>$M8qXJV?G1a+ zB0sjDRYae&;f{b-tR)B$3{U+^S`a#x424s2LzRp>Y+x*nj3w*qM=mb>`u}X+kJLyx z)QW~mNo)*JUdX@{$MIRqy0^FYUwdh6^eq1jx)NmbM&~ayj>5J79RX;+p5!qn4bQ6y z#r#Ju`&w_MKdygy`?s2L;XOu?mmp50&ezvidk6PGkk_7=KhAoF*CD6tJtsIb_IFm=?WH7%Ma=0B*ym!dx2?0>78N{O28Bpwzl(6Glg@L?$@6e1h{vf2(&> zfLS^tEIwlVOG7tY<8a%n{Z3KZF>@TXv7NlIMbljec{@?&Bo-$^DNWqOxjhpUS^H@@ z4~%>te!18=rad+@AYT96it|I^Ex+efi{^ZPFS7B~RG6aW)Ji7rr?f&oG=fO{n3qPZ zJv3x%eRMgpR*zLYI&>SK<=mr69(iSvYK8s$FUc& z6hi1M83a5IC^#T^TAP^6h=5HP4u0wx%(?|A6cNP(kA&fQ=a>_bZ&ju#hYMJ2MZ+Ta z=kQrrME4>eT(IOvyw(;>pJN)zo|}mYD5da8dZsG9 zhsxe`z)PX3Dk)wERe&Df1#Dvq>_(Qe9on_(!M%gOwL&UXyt$D<_+0*s zR0pSzf!inHI`x6m`Um5rWqYpFJ`m-s2()EC7#vw-NwO%%S zqfilAIDIR9t^nG%P|jIDc5=#|-76N`S`|er9~;XV5WDkWLq#b@8BEg1x9W!Sqs_5K zX=`iM*e0y_ic(O_&Eee(Dm;qKW)Q?Qixu)48y9AIwbq4^a70RI@f5HpOXRsEZzH~q zP4Qmj`1q(;u?U!6@IUY$zMOj>=02=i{E(8H&GJKWGG?H5adxAHJ(QUrgcta-;lTtM zRR~k6@>)#hIl~zkk}LO8-6Qg_uG^zszJi&r%8?N$HjaCN5lo3!SHyfQ70=+b# zOxL=>nj&y8X|N(~L?;`##Rn^iN-ptZJQS?c!>8lTGs_+X=dT^5P?n}n+2L#a zUs*jURphV4i|TREJ~Ms1k++gtIk9ajG5$^+t|HIsv>u^5gLUT|p9R>y*ryP_WYu`q zsp}F9+Tpr3HKN1g!RJMZ@nudS7n?38t-ZXAV)`Ri>Pt(nY$Y(+1mgc;$+fvjetR+W zMP_IqI=4Lavlg&LAiN2pvudu*{US2{=Bi6HmI46##PG(ApBA{FhNvPuzzr+Ye(5Bp z_L0@k`;Yg{el>`=KIhtMLE;{o1~K56jI1OovZXti9jb(_;x^TuT@~5;G*9l$MryM11#KG35vk zS8d*DH9pjk%@Q=rEmkhnIX!58nvVm>iBqK#W-5xaN}dn!AJJiCf~9axN;nYqhG=gP zc%}Fgm!~%_zRmj|_PVORyi;Ff7R6!haSbw9Q^TIq73@~(Y=O+?2yufyU?8Il$*X^P z%{^)ywABSH4}GUzm5wTcegzBYo^7LUWglP(O6Mz=DG+FkrqjN6t>xZ*H8HJ;Mbd>l z_-q&4!O&wW=v&8d0^`{Q{SDM<+^xkd{x~@yDC{3F@6tvTq#VWJ2$%LmG6ylERpe^D zxisET>(V3OLq)Qq!iv{wX`|bOLs~iEWOo8xGIWz#$AwT~IUmWw z)peI#IXY*+DdppYxvBrhG!re;d5F?{J^%nW60d_0Bh^mdN)&F7JSW31pqcCsH&8!& zhOZ=6#S6o7;VsAF(zRMX(268A_qxfBd|kM;ZXd1^_X{!Y%^Ms>Ih(>S=7in-eAb@# z^ELrCZ{4$hnY!yL34+;iqoXxkT4DUy1vzvxg?Phb`KE$j_QKC`c#~; zKCpMB@o`1e%Vvw^sZTg56izHBnX~4j{|6UAmAOm|U7#y=nIW@Legy1i7_SJatl08a zk$?1K_l5n*Hy%$Gl81IhM}+Drny|$ilDH)itON+p4vlUR_poRp$>~_kyk@FjDPF@j zICF)Ej7P?xD~sn>@;4fB6bq(qKpxFmLu)QHDAIrE2xXqYr8C=Y(n6K|jhZdlEK$8D zOuxtb+)##;ij4SwWJvpQF5c#X6X^EvXwn1#}Ki0-R-0D zC;$_4aqjQqjG$>p&mOzWK`xa1m|+sJSf4K|<(f3PWta)P%=9SbQwF;u2rq7 zAbx+Q{KKP}X*IO99wIEIE0cnMwgpk`cCS)A#t&-5n9^mOSK{^5kEPU+pwUorG+n8i zEDr*KIbiMJ*C4d5hy53%nNhC^W#}H)y#ZVR)M9ai2J8JDlfO1)6Pwa%Na=l>jPR~D zWN{*vLsbbD4dTsfEGmV3M#B#Le1IOYXL(x2!24ah0wi4l$dMH)e}51&`xQ%(_tfh& z=hfPOrYt*i3XBZ6$8E7dd2HSIomjl@)@s~qgc~P_p1m6jVG|?bj=5*%X#IL67V*O9 zVZsCxlu+AjnRg8nO%no#Y7K9lPK%Xmaq_I2LwBS-nZ{XNYIb$~7-}Zi$F3v0Xk&Za z8?p}5XBw;Fe@wwB7%CY=6C~Kzv%|p9#5S{9OQ9irqHWy`h{?pnMC{x_6Dn8lKCU)o z2^89UU)i2LnMV3tE_qNa)4O&Gf1c}K`=M)9HK?SCq!?=iR%cUcsuf2ijz`^(uDkDNi?s-lBIv@iG01iz zm7=VyiKc`~djzZ<)D!kSKu&JVd23;0IaEf88fYH$&<6rML5|+!-z4p>1w&UPVQ;|k zs@J0zQ=a9#Mg7q;>{{txEtygSrzContainer #1eth0172.16.1.10/24Container #2eth0172.16.1.11/24DockerHost #1Container #3eth0172.16.1.12/24Container #4eth0172.16.1.13/24DockerHost #2(Host)eth0172.16.1.253/24(IPOptional)(Host)eth0172.16.1.254/24(IPOptional)NetworkGateway172.16.1.1/24ContainersAttachedDirectlytoParentInterface.NoBridgeUsed (Docker0)MacvlanBridgeMode &IpvlanL2Mode \ No newline at end of file diff --git a/experimental/images/multi_tenant_8021q_vlans.gliffy b/experimental/images/multi_tenant_8021q_vlans.gliffy deleted file mode 100644 index 40eed17270d0..000000000000 --- a/experimental/images/multi_tenant_8021q_vlans.gliffy +++ /dev/null @@ -1 +0,0 @@ -{"contentType":"application/gliffy+json","version":"1.3","stage":{"background":"#ffffff","width":389,"height":213,"nodeIndex":276,"autoFit":true,"exportBorder":false,"gridOn":true,"snapToGrid":false,"drawingGuidesOn":false,"pageBreaksOn":false,"printGridOn":false,"printPaper":"LETTER","printShrinkToFit":false,"printPortrait":true,"maxWidth":5000,"maxHeight":5000,"themeData":null,"viewportType":"default","fitBB":{"min":{"x":5,"y":6.6999969482421875},"max":{"x":389,"y":212.14285409109937}},"printModel":{"pageSize":"a4","portrait":false,"fitToOnePage":false,"displayPageBreaks":false},"objects":[{"x":64.0,"y":36.0,"rotation":0.0,"id":216,"width":211.0,"height":31.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":10,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":5.0,"strokeColor":"#e69138","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[-12.0,33.0],[84.0,33.0],[84.0,86.0],[120.0,86.0]],"lockSegments":{"1":true},"ortho":true}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":190.0,"y":32.0,"rotation":0.0,"id":254,"width":211.0,"height":31.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":11,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":5.0,"strokeColor":"#f1c232","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[-142.0,16.0],[54.0,16.0],[54.0,115.0],[87.0,115.0]],"lockSegments":{"1":true},"ortho":true}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":133.38636363636374,"y":108.14285409109937,"rotation":0.0,"id":226,"width":123.00000000000001,"height":104.0,"uid":"com.gliffy.shape.iphone.iphone_ios7.icons_glyphs.glyph_cloud","order":12,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.iphone.iphone_ios7.icons_glyphs.glyph_cloud","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#999999","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":15.147567221510933,"y":139.96785409109907,"rotation":0.0,"id":115,"width":107.40845070422536,"height":49.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":29,"lockAspectRatio":false,"lockShape":false,"children":[{"x":31.506478873239438,"y":2.4460032626429853,"rotation":0.0,"id":116,"width":44.395492957746484,"height":29.54388254486117,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":17,"lockAspectRatio":false,"lockShape":false,"children":[{"x":20.86588169014084,"y":2.637846655791175,"rotation":0.0,"id":117,"width":2.663729577464789,"height":24.268189233278818,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":26,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":120,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":120,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[1.3318647887324033,-1.055138662316466],[1.3318647887324033,25.3233278955953]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":36.84825915492961,"y":2.637846655791175,"rotation":0.0,"id":118,"width":1.0000000000000002,"height":25.323327895595277,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":23,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-0.8875219090985048,-1.0551386623167391],[-0.8875219090985048,25.323327895595412]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":7.103278873239435,"y":1.230995106035881,"rotation":0.0,"id":119,"width":1.0000000000000002,"height":25.323327895595277,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":20,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[1.2752008616871728,0.3517128874389471],[1.2752008616871728,26.73017944535047]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":0.0,"y":1.5827079934747048,"rotation":0.0,"id":120,"width":44.395492957746484,"height":26.378466557911768,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":15,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#6fa8dc","fillColor":"#3d85c6","gradient":true,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":0.0,"y":37.199347471451986,"rotation":0.0,"id":121,"width":107.40845070422536,"height":28.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":28,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

container1 - vlan10

192.168.1.2/24

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":68.0,"y":82.69999694824219,"rotation":0.0,"id":140,"width":150.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":30,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"


","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":71.0,"y":4.1999969482421875,"rotation":0.0,"id":187,"width":108.99999999999999,"height":19.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":31,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

eth0 - 802.1q trunk

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":282.0,"y":8.0,"rotation":0.0,"id":199,"width":73.00000000000003,"height":40.150000000000006,"uid":"com.gliffy.shape.network.network_v4.business.router","order":32,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.network.network_v4.business.router","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#3966A0","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":62.0,"y":55.0,"rotation":0.0,"id":210,"width":211.0,"height":31.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":34,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":5.0,"strokeColor":"#e06666","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[-8.0,11.0],[-8.0,34.0],[26.0,34.0],[26.0,57.0]],"lockSegments":{},"ortho":true}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":12.805718530101615,"y":11.940280333547719,"rotation":0.0,"id":134,"width":59.31028146989837,"height":83.0,"uid":"com.gliffy.shape.cisco.cisco_v1.servers.standard_host","order":35,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.cisco.cisco_v1.servers.standard_host","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#3d85c6","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":64.0,"y":73.19999694824219,"rotation":0.0,"id":211,"width":60.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":36,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

eth0.10

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":65.0,"y":52.19999694824219,"rotation":0.0,"id":212,"width":60.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":37,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

eth0.20

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":7.386363636363733,"y":108.14285409109937,"rotation":0.0,"id":219,"width":123.00000000000001,"height":104.0,"uid":"com.gliffy.shape.iphone.iphone_ios7.icons_glyphs.glyph_cloud","order":38,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.iphone.iphone_ios7.icons_glyphs.glyph_cloud","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#999999","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":139.1475672215109,"y":139.96785409109907,"rotation":0.0,"id":227,"width":107.40845070422536,"height":49.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":55,"lockAspectRatio":false,"lockShape":false,"children":[{"x":31.506478873239438,"y":2.4460032626429853,"rotation":0.0,"id":228,"width":44.395492957746484,"height":29.54388254486117,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":43,"lockAspectRatio":false,"lockShape":false,"children":[{"x":20.86588169014084,"y":2.637846655791175,"rotation":0.0,"id":229,"width":2.663729577464789,"height":24.268189233278818,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":52,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":232,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":232,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[1.3318647887323891,-1.055138662316466],[1.3318647887323891,25.3233278955953]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":36.84825915492961,"y":2.637846655791175,"rotation":0.0,"id":230,"width":1.0000000000000002,"height":25.323327895595277,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":49,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-0.8875219090985048,-1.0551386623167391],[-0.8875219090985048,25.323327895595412]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":7.103278873239435,"y":1.230995106035881,"rotation":0.0,"id":231,"width":1.0000000000000002,"height":25.323327895595277,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":46,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[1.2752008616871728,0.3517128874389471],[1.2752008616871728,26.73017944535047]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":0.0,"y":1.5827079934747048,"rotation":0.0,"id":232,"width":44.395492957746484,"height":26.378466557911768,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":41,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#6fa8dc","fillColor":"#3d85c6","gradient":true,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":0.0,"y":37.199347471451986,"rotation":0.0,"id":233,"width":107.40845070422536,"height":28.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":54,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

container2 - vlan20

172.16.1.2/24

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":259.38636363636374,"y":108.14285409109937,"rotation":0.0,"id":248,"width":123.00000000000001,"height":104.0,"uid":"com.gliffy.shape.iphone.iphone_ios7.icons_glyphs.glyph_cloud","order":56,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.iphone.iphone_ios7.icons_glyphs.glyph_cloud","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#999999","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":265.14756722151094,"y":139.96785409109907,"rotation":0.0,"id":241,"width":107.40845070422536,"height":49.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":73,"lockAspectRatio":false,"lockShape":false,"children":[{"x":31.506478873239438,"y":2.4460032626429853,"rotation":0.0,"id":242,"width":44.395492957746484,"height":29.54388254486117,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":61,"lockAspectRatio":false,"lockShape":false,"children":[{"x":20.86588169014084,"y":2.637846655791175,"rotation":0.0,"id":243,"width":2.663729577464789,"height":24.268189233278818,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":70,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":246,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":246,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[1.3318647887323891,-1.055138662316466],[1.3318647887323891,25.3233278955953]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":36.84825915492961,"y":2.637846655791175,"rotation":0.0,"id":244,"width":1.0000000000000002,"height":25.323327895595277,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":67,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-0.8875219090985048,-1.0551386623167391],[-0.8875219090985048,25.323327895595412]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":7.103278873239435,"y":1.230995106035881,"rotation":0.0,"id":245,"width":1.0000000000000002,"height":25.323327895595277,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":64,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[1.2752008616871728,0.3517128874389471],[1.2752008616871728,26.73017944535047]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":0.0,"y":1.5827079934747048,"rotation":0.0,"id":246,"width":44.395492957746484,"height":26.378466557911768,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":59,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#6fa8dc","fillColor":"#3d85c6","gradient":true,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":0.0,"y":37.199347471451986,"rotation":0.0,"id":247,"width":107.40845070422536,"height":28.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":72,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

container3 - vlan30

10.1.1.2/16

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":65.0,"y":31.199996948242188,"rotation":0.0,"id":253,"width":60.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":74,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

eth0.30

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":44.49612211422149,"y":17.874999999999943,"rotation":0.0,"id":266,"width":275.00609168449375,"height":15.70000000000006,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":75,"lockAspectRatio":false,"lockShape":false,"children":[{"x":68.50387788577851,"y":43.12500000000006,"rotation":0.0,"id":258,"width":211.0,"height":31.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":9,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#999999","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-64.00387788577851,-31.924999999999997],[197.00221379871527,-31.925000000000153]],"lockSegments":{"1":true},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":68.50387788577851,"y":38.55333333333314,"rotation":0.0,"id":262,"width":211.0,"height":33.06666666666631,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":7,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#999999","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-64.00387788577851,-34.053333333332965],[197.00221379871527,-34.05333333333314]],"lockSegments":{"1":true},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":70.50387788577851,"y":40.7533333333331,"rotation":0.0,"id":261,"width":211.0,"height":33.06666666666631,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":5,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#e06666","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-64.00387788577851,-34.053333333332965],[197.00221379871527,-34.05333333333314]],"lockSegments":{"1":true},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":70.50387788577851,"y":42.88666666666643,"rotation":0.0,"id":260,"width":211.0,"height":33.06666666666631,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":3,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#e69138","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-64.00387788577851,-34.053333333332965],[197.00221379871527,-34.05333333333314]],"lockSegments":{"1":true},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":73.50387788577851,"y":43.95333333333309,"rotation":0.0,"id":259,"width":211.0,"height":33.06666666666631,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":1,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#ffe599","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-64.00387788577851,-34.053333333332965],[197.00221379871527,-34.05333333333314]],"lockSegments":{"1":true},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":248.0,"y":51.19999694824219,"rotation":0.0,"id":207,"width":143.0,"height":70.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":33,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

Network Router (gateway)

vlan10 - 192.168.1.1/24

vlan20 - 172.16.1.1/24

vlan30 - 10.1.1.1/16

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":3.0,"y":88.19999694824219,"rotation":0.0,"id":272,"width":77.99999999999999,"height":28.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":76,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

Docker Host

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"layers":[{"guid":"9wom3rMkTrb3","order":0,"name":"Layer 0","active":true,"locked":false,"visible":true,"nodeIndex":80}],"shapeStyles":{},"lineStyles":{"global":{"stroke":"#e06666","strokeWidth":2,"orthoMode":1}},"textStyles":{"global":{"bold":true,"face":"Arial","size":"12px","color":"#000000"}}},"metadata":{"title":"untitled","revision":0,"exportBorder":false,"loadPosition":"default","libraries":["com.gliffy.libraries.network.network_v4.home","com.gliffy.libraries.network.network_v4.business","com.gliffy.libraries.network.network_v4.rack","com.gliffy.libraries.network.network_v3.home","com.gliffy.libraries.network.network_v3.business","com.gliffy.libraries.network.network_v3.rack"],"lastSerialized":1457586821719,"analyticsProduct":"Confluence"},"embeddedResources":{"index":0,"resources":[]}} \ No newline at end of file diff --git a/experimental/images/multi_tenant_8021q_vlans.png b/experimental/images/multi_tenant_8021q_vlans.png deleted file mode 100644 index a38633cdbc23014364bfc611d650b2a17dc72ae0..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 17879 zcmYhg1yEbx7cE?9f#O>wA2N=k^5TU; zo{GGTp7-KW?!7UgA^9LY@*H}Cd+%K1(B{(ASh93{t=X3Dy466wQ~@&Pj=v%}BW_Tv zbkUAB&>_O7chr-9U4T!T_5s~WI_wo`Hxeo-?Y#yLmK@UoPhtsg``T`mL=N9B!-bsW zgx|Q&gpY0y13~m9EY?WzZE_R{@hs0lpRCMaMHVgp79Xn2Ku{Ma|No98>dQ?kYv>Nv zsWm8Z-;KC6HhR6Lr!VeNd|tr%VOY^m zkwVRr&<8Req~^;ok(4~qc8%?}ztG$_^;BLz`tzB2Oc({;nbWga)0iI=_!KOa4M-C_ ztTazF`Hr*|1=0#(;FjKu?@{<00=iad-;Dj0b?Kb28_=j{!D5U#_8Zd^0xL57Wr;kV zW7Yogi>A0O_xXi?B{b%JsyPNb<9T4@0^Ua9m{`f@Ovrp&86MOYtf-^It+zxU^_2T1@9mNroUAc=~sP<&MwscFUeQ~U<|7u8-^w-37_ z?-JEMYVoHK&{lO$cTS!yzsMU2rqz<^>|956zA~~i8KsrX0scsyr~V=kQBHaJzO|cU zTzmPi`1-h;toXlFvEO)Dhttdt&?@q>Kd)2Vquk7t1{Yd_oSwgUmj1whTCDfD33ck9 z8RJU_(H9rX_0l_CkUw=EALt!#nWmXQAB_t;pO30$=Q^sZZaP`|Lj;nj;8ja2!7oV8 z60r=%w|IV$d3b~n<=QD^cSzQ7Vpm-Q+IaizNe1w?1stu&`ijkMd>wcd20ZSXmE!1I zI8Z;Z4{&eE;orfX6?=uD-Zc^jXFe|_NhE{gSt~z1m@cv{#2Ot7Dt%%N{W=MM*IAB6 zO*h~mm)cFI9OyBP>x`Y6Vxo^NBYlu5a$oT%!`QXsCSLEni?ZE5>9IAgThC|y@b=K) zup@H_BIEF_%5Ob&C2gXbHMgR~wd38|>Y>X)pg^&S(#@Qp{`5}_L)TAjPNKc3{R_Im zSTx*!+wnGYZWnBY3_>`pJ=Dj!#FUC~K^{-G#oe3eQeR|JSmIRTf|KTmOp)u~kKwNy ztr$AvQVd!r-YN-dJzN1!UqQ7M4I_mGlQj}eH&TSJxxDcg!oN~+fq?KYq*czb)8De< z@bw6WQp{wZ*NveGzgX|D9yD6qy=^=-BQVoy8O4?}f=3qpAOvaoMw*+Mnf-ufYlTmy zHG6OWpo!J2Z1iIa~O*@BFdJ2=tR+=&$w0&?W~!n&Tou+fz?XbS5x z?)E3!mMk5G5K4sx%>E`#WAZ0sl3d^Q$J@mmV$t>0g4BG4_>bM64d8oB1YJ65SI|}XnodMBgWbaKzxJQI_?a(SC6hSaSC6PjS3Sys<~Kr(di<~axaTe) za%Hw;r*#TBwCP%3Uo~;Q*)Af+HL~`&f5kcw9!*fzA8$9hki&vnbf2gx1HBGmr|LM$ z`@(Q`VlT9|BD@v0Osq%F*-}u*{5BzxKyc2M9V4oaBegp$`47kKyy)DwQ~J0LHDgA< zWb{EidaHNwHT|vMa~t-2Gd1GWO{fiz5JM=PAwnfkh0g9Ip9Y|WhQKM@UhRN&zPk@N8r}r7J%{fLmcR1XAlPz_PNfc zN|&SLZ2SxtKn_ed>cZM?j3(z@Qm?d4)VR4vJw<`8@OM1x#Ov9;B4#0E z4CVXs=_V=k1>gaGm2iPJZer)vq&w7Rk~oroQIV1gDlmHf{dclgvQ{qtxXoV)uLOSo zX z`CSXah0|4bZk|}UxVTK^cZ*IjP{%t|mFVyBDa8>G@=YnA?} zgD-#oF`fg9bI3JQN;mGX!GD)EonafCDf15VB z)D+V|i~tOxT6z3HYWbn_=c%>V)#cXDDJOGk&}$O{_XS^I7lH zZEVp1(PsD0r`Rw_kove#YX1(JL{n_7*`@jA$u>0>>W$>ND>KqKq}Ht`T13M%;lh2>dyc6VNPYTEIH1cr}Y|Ey8a zfu>QWO3t&dD+t;#Tx*{x3V3SpLH znu1t~d;FK-b@fQC*lQb(x=k21XO9pwH19Lwo9W8IV#p? z)@G&1;m!p8%7LJ(odTd%R+6>fYmz}chCuq(_Lj@nv-j4-x4~*4?9!r|4BSn}f|#r} z757FHa_Ywi5}df-E^S<|xZt8dV3W^5h}cR~{!AaF(d@Kv{RC)ZGv(ZLcp z>sU1pq%7n3Sj+l@fW>QXStG|drHMNll$Zv(q8sCI+I7Mt_aIJ2_zUE0RA#$Sksm8* zLS{KD)hPk)JS<899bTtfq+w`e_-!V{Oi_1@LNp>r$i|;qZ}Bt(@>wcUfsK!QZ^9x9 z_e;2Q>_Fo&8N^H-8 zA7?b&6>{I6&U#vRSdcO|)ETV+wGWAZjIbLuHj?RRL+P;Y)3ybw&ihi0u9rr6AKMkd zba9PkWo4O&L+UclrXF?+$x&-~LB=;Ky?qNcSMUjAX|ZzJY{J+s)~5OZUeu}bcM`9>7?7d0=Zy6~Y5~94 zHqIZ;oY`_Syah{NYlV+)xxLbXQR{atN zIkMpwHgL#z4=J50!Dc?&wXv>)7$HMBt7CZu2jv^_Kczn7(1g|>M9{YLw$Z^$q18?$l*f4Wg2Z`&Fwa|Jt$vzDtSl(R}P5tzI;DyAEYm=!kN>vXVM zxLuUebn3b{#i>s;%+;=b+%mbjhkDqg&Ov{*dEWQmfOm%?U3FWGbGg9R6i{sE`9>gklS7l4J#-RNg@sMFv zFyxqk_j_}|yMn6^V6`9&O%fuBY+4vDglCVl03$43_eIrxG5UqsL_NYGr@W}du2sAA zJIPSItk%GGA%bI~tWpaAC_?AG>x01TfDfNEe%T!jTL)_W>F}(oo@^*Zr>gIt#{R1VDuD*$^ zS|^}(ASNZ!>3VV@mM#QKDN4F}YVQpcARb++%x$%xZut*r`?qmc*7{NQu*dPp?ZHdC zGK#U56sz=K8-&)azkSK-oU`JM1VP{p1EX(}lUClsuKt+=C$BH(#vn=zgRmJ9#-%GE7dn}3|Q3kb|bt{!lG9d=icF zdhScP!jO%;3j8_&aZ$v*7%YL#;q=;{czRtFkMoHc2TCv-1?mGp})8NX4wIBz#d+Vuzl-*M#%(@81e)fgR>XUs^{(gVPM6UW*HV=EHlZO`8neF-+F z(hW;?u>OfdAFfaBd=)8hlv6)C$zs8c*(;jvPyJ+{nks%9>~hZ{=w=++HL-^rG8)8P>9tK$gml8CJrcltW;q!$snXiI{NYh0I8LFyWkilaW; z@n(xXY**z11v*RJ#^7q5{uOjWhH>_QU#F&-eDbtO;{!f6^+>2y56M>*gcftib0;aqY@-M!r#9+Q~ykQjU9PcrZfBmixm0dA| zhBYEv-$N4$8B4%5A5C%1tN>`RDQ5z++>P}43Hn@7$|t>C^=!&3$le`FvShp=u8k#7 zN{MeDNG_)7ywzuBI{@ej5#4bW-sm=1J7#Xb2>~6(o2GPgJ9sxse2D6Aj52kP@q9j* z@+i(ceOU6>SH_J~3H_eldKBhBK9+Tm{KgRYTmH-MquX>Ta8?Xf#F{aE;)lhj z5!JBC9m4*o$!R`{J7JY@D{}dsTJ`%eJTtIh&n1BGbQ*d@tGTHdjH%$z>l+@Sj*-d` zymFLDSD)iZNZ@Bf+=#r`t+hilrAJDneHKuurwiYSXq=pOt$0OS#H6qBhAhQK{u_xbl*gJZZGdYFlkn>Ys&Qn( zYVG5UZw}feXdn&wr!XSdi8}R6Tw|RQ&9Ym6-uHE*0$l}4C*OkIBu??oL7hwdL)IoSBB*R8Npahnzhc4b!tgvLS2o2 zTBl>?8SUah1Zwob3#$ik~fqlk!&e$)ydh zHnA*+)`U5eU8uTZPe!Brw&=-=HbvV(@BX#&|0+KYgLt&BlwC_xy0skCzX znZLO9skp03F}sKHN+&)nN#%<2>#Mvd_*H#E+^iZv0DQ~xx=X$91zn~-pRjz7ygbO< z@;e~+QgB-%6w|9zCs>}dzzLO@ROrm{h(z|W}+I28RQh#bHKL>C$FP( zysKRD(zYLRc|*-ixJb>w_BK*rh{@oK(-X?@sUctdRn{kr-XU2h2^J)?hId$t!WyO> zkMc9?-*Rb*8+%?u0eP$@UB)8jSZ2YU-3L|$(|n7;y!wvKFW0i--cL^O>lgj7YbrWb z42H0h71M5^Gv$0#*&=2<>CG;7au&oY_jAvE{5hMchsalPrjTvNNmS+#DMY^ataq+u z3rh$K|HZ)8_jZGcj5@$k@_U8PMk%!8B&=#ZhPQySrAbD#o`r@v!d!yVh6f+hE*Q^d zI*5Hfp8Q*dpT~zCS+a+aeg}pQuvOqft9ANcf;zSFSI{u;Kd4vJZkfm_%vo&75ekrq z8C{%Xw`uX^w@f-Jh6Ney?6W-R=wQxrwrmlkqBft+F-p4~MF(Jw0uUxr|3$#GLfkXd z^SCZBT{q~*+D1`bAPO`LvG0K0Lh;%i+&qAj9I~?fSOA5Dwo+$2xa9|i+5vB8uRlCP zI-J}J#@zBkU2d*+PdctPS7)>Do0@R0rM`#1f@+2vJud)l$+T@PD*v9}e{SPgYKcW- zdM;)b+%>wc?Cyk|eY!m0Gu}DPsXxA(d$QOq;oitTot7=Gi^IO=6@UhT@?39)uPx-1J`Os4e9@z2rmQrg zpVTmE^QR4wVm04w=`l`?oI})yow?Z+nMs(KTZDBIVxrWM(TB-70AfEliWk0edWuNq z_uDOmr36-nH!}F9_7QLpa)<@`J!fhipPE#LgRRNjnI@;9douW>DUQ!fr5uM@a(H4G zK2~B?@qIt5Skh2=qiPEWWOmA@M9yMzDaXgasOsE%6N50@Iz>@nbiA%E{RMOnWo)$e z5~j|PX&ZuHp`C1p5(1^&=o=e`OTUHQB1m@wMWfeb9}O`1bzVGtEy32|Cgd=#b&f{Oy+ z6*O<2DB!v2`F=S2`Res_Pl3Zi|3a=|UUfKXeVj(wImSB)Iui?yL*B?2;5va-VS|iq z939WEAZONQ1po}Iz<7-Jdp0f$4-8xRD7?_AwqIY5<>L@CGj4tkx~4$NWc)%sPt&N~qvk=b27kYF#3R=f3R6 zjhe(b)T6Z)GfZq-;9;tOnuk{Lp&c%8)(+7g^HwInMm-Q+&W52CNV53x6^5E`lg_B7PDr0APkyIFh-025+IhOK zYF&SH_mRT$qg zLSFMAkW+789n3H3{Ef@PhS>F}E5GQ@`t6lu(_iaVfcU`p(Nentf zA)7yK1krNUjpj0rN!h4!U z-re*S;|zDfG~im$Vcird>%{i*a2RwKRao_B z>B|cbi7kId^Ck5$qXpDyd~)snpTS>Wb||4{PrjTCM%T%6?i}}#Zk;XD*SlI~FyJ-w zGo-~ChiAPO89IyC9CnpbE%gC?RBQ`~8rguj5h$5edOsCl;4b(M@?wze*wp(B21On@kQuRuP$T zcaphyj@XJnKaL+G6ptvpT1FCA@qE~5g&_1)^5Knek^z zK+{*rErU0tCTxq|A?-;pFu;j5Ftg^x<7WW`G0L{>LLYFBcqMn;;eh z1^`+c@er_h3gHM<(|+o-T9#*bNSnd+L zQcN&90+Bz!+c@fD0ARjHi=Jb#m)9RKg4+w&iQ!!)kgIhDg1em?gld-MPfY@D{wURG zGO4*N*h%?q^@QU#HX`bu*1$VSGAiRJ-T;6!$o>U^F!hhUR9QqYnry0u2Gv-`SHK|j5pYZb;ubgZ3QGOtNlN&%6+S$qx&Zl25mP znzw_lw_}Ifntm^_qAaj1&60F^f2p$oa{2>i*Hi0=dGq5wn(+25p4ZKS`M@&0gkY9q zeZL!S^N0lhz41uR$Ka(gx1jru8vpG@>qMC;NNm0F+I=2kgMUp$ew;w<(L#Dn$?4kT z-zn~Ex0OZs2JQv7|HhF0i#Rt7Fgh4L*BmS%d^;MRFLUu>`l*)nwkyn|PxnDuY zGpO}ul99p=s+#_DQ*_U0xa_;JpA|~y!=yR5YJeW#L7)!K#S$Ke*a{m*tlh$Kx*4J} zOOjz$Gn?T@4R~cVH&YKYTU$!5FjVGmcU(u@x#WPr`pK=`D(^U?Oi#*VInO7J6-;$| z=M8R^$6tnW=Ke5VdzPGloQtjD|J#ZA)~0~NvxAfmcih(CQCX5K_F|t2_{ibWB^~-G zI4%f_nIrD>g?+q$~yTO{oSoY&%qqirY5sjACfNXvo8zz

b*{Hq>az{aEwl^vuL-ETW!AsvC0U0rmZ$_<6OOxU4rH z6u*cCCrj%CbZzu?LCU+fGt1_K0=ic0aiH8Tv(d}mzpAB)%@%6-6`Lyn zd;=aEyurlO2oEI|CPfQU*p&b-f0^7f+aySv?;0IYmhE8@&azM@s(W+tZ9c5e4!{sX zfiaPRB-x>31b(-@*OX3SfPO={;5>XR!!5^M3})_?`eW3RYLFL4dn&gCRlddq!UZp3 zAO=>+?ALa2%k{;xrD-8Kl++6_#b$F=O!pn7J1$t#B@!$C5)BfdlU5HN(yJrQ%j!dq}rfM(a$o8fv zTp~yzd4j8p6OX6R;`GAwKclI1Fc=V2d+jG|XGUoRj0-i(!+O4aQ6eJQWJVRWoER@>i z1n>F0IMxw9Tw>{kK1i)xicm&1#D5gu{o>fIFIqAt;KD8L+_HrIBbg;wPdL84HblQ)C+~sF>=()-`U*es#QL*>k3l!ZIIv@K;?LQ#Ty`{4Un&{&BHwE!4CHY8s zb9=V6y1JT|m)G4blMWT&;|nz-WC)pfM6;rDh2LXBA-h@)ttSbpP#BK2EA@3v!))k_I4*8zu-(cSeUL5Bkr5o$S)*>_9hh!9tbP63Ei-@-I*%W`U5q{cz|E*9v&Qg5%&dt z8!AqBkj06l=i^H)WY~-BjUhDa&H65JxDC=MS2hEuZ%EK2A?7il=<>wG#%6A#1e`7} zo5c3NGd9MIpFdt|q97+9fkL^>J9E;~(sFV}If_$KQp(F&<9&f+WOeBp)6DcfK(mM& ze>?Fg>6w+b&jHPHL|?21Nq6=$)R_j15nrFPD&Eh{H+?w}3v;%(RKEj$S!Mmq@NT8ky{N_Eq*cDRbAP`cP^8&pSqLb}@=d)^ojf1TGW= zuDwy*%gkJ?v!NjzhLx@$bKNNM;+5*d$YJ{zRg=C4TI5VM%m4OPr0(G0(9qICd@hXL z6;g5pN&P^^55gwB`9sbgRWKHhJBqdJyXfNrVPqfmezre`PZKHj!qWT@RALZRSPem- z5^p>^3k%wi;p4v4Z=Si@6@b5-guorPcC*_oI4o%WW^tQ)ge-JewU zoM=ex0>Ge^j5r+xnPav+yv)pKieCIzX%!U}w>)7m)}-_ukaFHzgi{wn7|G+5d1`x{ zr0MDDe;+en1TZl%d6)d(P0|sYq|2Usd$A8zE|HZaJf;mTq1MY{WzY(4=jWC?_Z)ui z@>{sQ6=vuSQ-CWdD5!~KaGABg4jtowUSD0oe{hF#+VlZ6_-BZIr3cSO`wR8M!;{5P z&L`WkhATD9p3M{ij5184NkCuY_wR=axPKtim(fa;f|ateva@{@{tu8YWZ2ay=;maF z@I8Y{2+_`OGnrC+00CB2FlwY`K?fuLs|<{990C|AWwK^5>2yB&!-s3o^|_v60eW*D zIjtPRgt>3DR2cA-q_psKZU(LJb|M7&gXFocbeWR(9K=jXv^Lt>+AmBjhJYXLEZjwN z+nG?T)i-~9YWJt}VS|-;lcg9Ywm)@XEfNnH|K<+Qy|wV4V^-iM73T;2p2BISVy&?R z+1aH=A{%|~ffA*ZDM)@p;7A)n;Gi}8<&9~TNoV)C((aRbW?*bgQDa%hL7|zz%%BzP zuZ%##mOR&z{*e+*!tvud{eI$Xe0+SIGM?-7tqIz>evMhj2x3da=m*aUR&H)TZ=~T$ zd9w*K#Vqo7GbmxG5D`KfMypV%*cRFuFp1Th#7&c_utafC6s0V@hnSEh6l=z zyt|W)LV62R*F7WzlgwF660sK-1E$zj*x_n>RjMHUIn zT8DC98iDbqIji4HQ0M-xXPE&3r(Lq+XgHPm=VWNyYhSJuNN)-bXyYYA4KX}?A-WZN zb>rEFp@zUGz?aO1V9cg zUQ<9y0QWk|6g3&X#u-3#Q6+3YbxzWQ4Ypf`Hc&YieLT8y*|r}!5T0qtpq1Oc+OD4C ziyrZ5{q-B}`y>Zb62pg))goLh&hEpb72S9zFOnb6KRi8D{r<8C1+?27}e0s3aI$1Q*m6Z`| z$9mVvQ^)P17IbJq=TXIentF%@*UeafK^jUZM zY%xzfxFw$W;#g%ScC@RLJViv{{DLp_=ziV&AZ?_bDw%!_85R^+K&$c+cC`b7;gf^! zdkf+K++yzA!7U(VlTN^zS(Dh!w$apvnxHq?H_9PLvkrmBv6taxYGR@0E&bY$Jxn`^ z=%9sJCCM_P>1ycq+bfLYH{4p6!&4Tkb*@^gP_cSk(^iEz7E+LhakO54^8zbDujJO_*>BO_v$z zj4LH+Ds`DR|4;;TMfm!oSDjZ-&`LOgx+g|WEv+_0b z`B9yb=ef5Ik~F%XVxI9y;y5N!Nll=ggAuL{8xrbj76_0td5R|R>l;2Cfzn=3!d;Tg zH0#m>fYa6$rzGjzU3HJ%hU1Bn!%yO6*k-7#&+0A@tKgsc{ck9_A!uFh7yJE-kH^XH zthZn0>y9|4+em&Hl=vTnhm_+q(-x^$JEaDWqgv>riK>>G`411%0U!7QNTNZop)^vXVh`0e*yCO;tD%bx59ow#0oplpi`6f zY~gW~ldgiAr6oZJSpww3S40G^TrRSUENHG~msvj@=;JJ-b1j`ZSji?Ee zLTl2nAyhWMHZ3iUzksZ{!}?{2zVfqu5>Y~5@~9WF(^_a;b~E&z=QvCjw|5WNejE?; z{%reMvCHi`dto8d?R}82^=I3&WL#s(LB292YEg%0BERP|DVnt?s>gftiWB$s=Nbvd z=SUbyI<#ttj~x{S{u2T!Q2RFLG*^wk1i9**7zqh7h@5Gl>9xo#|6N~n$3bb;6VgFN zUzJ8^$nWgB*Ikyg?flq8)>h{1cvk?-rpolPY!0(GM!SOzXP)Y2)R$YiF3cd026Zgt zC$-2(vYvx-rJwev4#xy9N*bz{jirO3CfZV~CgeytlXU)Ef;V1Vt6J?s=q7 z=djU<1Y;vHrhH(A>JE~{)8;^F*eLe7O7b%gL#p|Ep;tpwO&~;P>{6;M#4_XfS--bT zEYZIdr}5mCRMMM&O}DlQ6Ni^>a7I$R%&KRyH7)Pr_G{OY?5)>8+e3}RjDg&&Hhxi12ACsFKf`f z7oYv-$yT{+T$4%p1=MQOd3No39a3SnDEYVOLS7{rc{wd@iSWE>-p@m$%r#o02ziO% zxSH&+4z!y~N?Q zoNX(k9_6Cxns2M!L>{r^m_I8Tcf zb}|n5Q3iXZAGJYRPf|ojKYn^}?zDp~9{^7qdg++dm&hou72(25PwkVg{v+vvH1|(V zZTY~N<{za>gyBEcYJXDDYhUqd5=9N`TIFpYkmjC}Wv0L1QF^n3MhFlZVwMZM8>jvG zc8j=_#^DgaDeevn1;A16ClmhZUAZw+BJO|7GvJ0_=j9@hPU0u26PbDX zQwosiGyh(|WsVhbh7B7VSM#^2+bq^7=g9m=hABYDPgecGAu$(OENNcD;k)pY6W93} z{o=)u5!DB6WD$7xgnuu7CS28A_MgzhT{@DDctf8{@&8fwUBv4B?w2@UQwv)(U58s+ z>L-e-FMaZbnb5scP*iU^!5_+F|`*or!y+O+GPRrl6W9d9hq!*i@F(^6WPi+`|1oe#XHM#V8H?3VEHJp-9MA2BWM&*oupsHc!G$ zIl7T+C&KU#W><18`npZ12wP^0?we&E%f*<#SDY9E*M>ei&)MOq5yfCnX@Y`f~9Nw$HcbW(91%)zevdoylqjmA@%P2At{~42)X&EiW?+*+-4v4Ycp!@dWvw zDgBqLm`+2=~Fdb&CFawyt!AknMLEA8XK%Aupv%7KBaJv3dUU~F zDnhkLRK0fs$mi3UOTj*Aqy7ON6&X^UKXq(73j#;3Um*(6a7w=Eb&`O@KbAb|FG5l5 z@1^u!`!0@ondd;Z;zY&k>0abQ{OZ~A%;vBnGk7d#l4-^k?+a$ESC=ES;2A|LIw+sG zov|H??43x6y?*(tHMoJ0&o49co4MN#Rz_Y6vX6e z-(5!8HguEgP@N24RWa6d`e#;0fe(FSLq%Bx^b6%W3e2L;B^-)861&F4|)pMSa)fA5d%70C71M6))P z@6i^+GmhDfM`)-_;NQtQtm#tp>BTTUxJM5ND88t#K~=eB4*1M?e{-tjjU*7!-i@fI z1OK@F9K%`!K$E_XgkzH6ncXhYx+T$6AO;}gM<%e&Bg)$WXxf1q8@o*ynQp zYOfb;D0%56T7))UhDk!_V{bZDXuC|Hatfm5`Sk|heaUkQ4+GhwK!Ady$P(q>(9pkb zXk=u>^>o|eHA?VUb+Q?^S-X9b&=9V~`K1fl4;eWigu`zNPn6y5&tIe;*}Ov(ut@TM zQG6T}*(ppat0YdXMG1(TCjEyY5rKi}HS#1o;&8mf4~Y}wxFj4D1pp`?RzP^Q*`u1^ z+7CH=y)dE^(W%v>rJTa3etdjF^$1sc`vS!2@rb?P}6)hsEi*@mn$*rsZ z*JfPQrK6anuKW4(vrA?lGMd2=a|$k6h-LJAAtTMlC75cSiZj&6P7!sI%c0aCFCn&_ zaw0M}v%sR}WI`hFLD>DRdboJN4l-IZz@+>2#LXSmU)?JFXaW!aQqmm<)w~WAnW$&8 zO06QprL)YG)PHgvYRjT^Cx2nrbs!rfMl1Wtp(E@8wGf-nc%bO#NzDYpej0D?x4Vl5 z>m)%{(S?aP5eP~xF_48ah}6gc{lcH2I-?jlkMGVt+md@3Yx}V)kSbG6R&v++l4&6SN}?GZ zRdZTx5P5hf?(j7jkpe_LZf8E*#8~F#!JL+s`~$ggf;}>kXtlZ;G5`Fg%3Njq=b<&l zU>uvr=7(hE?<{hSeL-8xBbhI9>Yytcel^R1t$?rf&cX~r`L^i=o=O^IOom_Dd{qUJ zail2X-MQHDJkJBL`vp2MOTG)`p?pgp>l(&y%MI_{_LSQNCk`w3YSyDK0DjbJ@_kjH z;~sf4NKJJ26B_xmzpX--4KG(+W{l;!bSMkmne469Ugk|SEIl8^SpJSU@$a*kq(bN30OYWo%wjL35S$m2|v-vCEV z9;fQiEDv%U61L=z%FBOS5sN7^W_wf@xm}`e6~Qx(V3xYgj5KlI_KNU67`+1Y1GMbU zJCM?69K(%tleG#o%!G9113xSRR8o@6+FDyr)PDtYxdf^ND7r|>3+m2t;eOlHAbwrs zbw8)tp{`?#N>Hy>Vw#I7(z02B0x^N^}%SwYLlWp@+i|) zatj!bQnjjCdTV?pg>rnxS44WT0OEQfm>^wgO2=?0i6_}Y_~e$TTEI%|SPD1@R>bq< zg2`!ar%7_C%Kl<)qLZQSw{jsf^Jc+~V#S-%V{$ng&!1vV3q-tD?feCew$g(`diU5! zW=HzyUb}&!#!sNpq;x+tBf*c`0eX-_G$KL-Wq=;r!YaE6?I+d zJP4v zYwZ20rc)i-xvV)D@&Z76bEK3vf9%rU&<65}(H%_@)zH<-)#%-2Dn595eqv$TAnBkM z^?WTC_!ofY$wQ{V_+6uP$VBR2BBM`Sg;4ED@K2Etf1mSu{D-HS(;C?LO{??a92!_V z^fEQ&{q6@vX}el^h4NG4kf=6kDcv)sPjqb5d5K=xaT0#lv=c#($wC>ad^E@~Mm@Gg z*#Dobs?9oLE`6UK;Mo!1-gn+^VhULP-@Na-+)QVz4a;9j(o@sY!kuLImJ|A44rgn` zIu*tSH};M!Wk)1otS&LGhX;^ipQFMHRsVIpn(Nv(l(f-B@=!QB7Ef`Ftz2%qq+RF( z?YerZIHz%hxh0M{&AUy=+ar(f#0%E`)axho@(%&|?>IU;FY$xcE`Odt=|Q8V#;qCF^rc~|!; z$03QC1fa!sN2;rnk3x_e@|#I(4czUYba3DZ(ZWR-w~yzV%!jnS zI=|~Z2r@9^K6cOV9SQpw{wF37N%lAT=kQO~$#=au6eB#p?KtpWTcCmd!iM34ElUM` zT%NWTfA6=o639Q!#xt%X%4G|l@4IemhMEa^QItX%L_qY$Ma<64;qt#U2v=WU9$EjA z9y*uPxeXDO#I3#AAZpSPWa_)nnPJ12t%$=BrW6EHBz%c#iB`PC#H;UpUmx|IqEa}R z7rrqO^$_=QQo2H5f_61(&4qg)TW+IrnFGPhZ{~x4OK4gEcN(vBVXo1T=ck8fCUp6g%z?@m#P*^>KMXZd7=E>JyreSU^X zm&dee)0)ofFnxNm&F9I#?R$;Wa-}&AZ>SGmSY7Xaa?bw=^DkUntS0V%@Z1ESqs_;8 zB%Kt!IXVxTp73@|usNa7{M#zezDcJxbX|GuADdvInV)}7{OoD<@}Bi=_79OW>$m?g z`@eA2+2Y#lhUZV79p>-|Dl~EXVb}it@|S0quN(C$Xw0z|zW3|pzC7=e*S+%Ht15O} z@PGbzli_EFo6LXr8F5J6UioSE_0JD~Z_+CHU^$2X`F*{(@yrtv}nS5&!vBR_42NAzV-A%y8Q(dUenH`-^_q-7HNxz5MeY)8FOa zr*FOXrR@Ixx_i}SR>BV~r~Y)K1J1J{=R9QKWpYm{_9*M9=UPf z#iNJjFFzo6UDuJ@{{7O=r)w`>J9m0ZzP{XlyB||7|J(VuaDhQ-V3hUo-W%6agW2V_ zWJdk46ezQe-oO8ud;g7vb(?Rxn7;qL{e#Wx+}mI`=qZ5}=ncW#H{L8@?Uj_5D>q|nKA5%jk{U=wX7;6)2FF{BBqTqj@vwYd~H*~w%fp*k;|sH>+@1|w*I$?a-V1P zd+48%X}y>+<)EMxODP*S$b{vqQy*sV>MiBYSk->?!91O=^h+_kcTZn8ykpo_c_!IT zX|G7RN!Ox^y1HxWv*+ip+-container1 -vlan10192.168.1.2/24eth0 -802.1qtrunkNetworkRouter (gateway)vlan10 -192.168.1.1/24vlan20172.16.1.1/24vlan3010.1.1.1/16eth0.10eth0.20container2 -vlan20172.16.1.2/24container3 -vlan3010.1.1.2/16eth0.30DockerHost \ No newline at end of file diff --git a/experimental/images/vlans-deeper-look.gliffy b/experimental/images/vlans-deeper-look.gliffy deleted file mode 100644 index 4d9f2761c444..000000000000 --- a/experimental/images/vlans-deeper-look.gliffy +++ /dev/null @@ -1 +0,0 @@ -{"contentType":"application/gliffy+json","version":"1.3","stage":{"background":"#FFFFFF","width":566,"height":581,"nodeIndex":500,"autoFit":true,"exportBorder":false,"gridOn":true,"snapToGrid":false,"drawingGuidesOn":false,"pageBreaksOn":false,"printGridOn":false,"printPaper":"LETTER","printShrinkToFit":false,"printPortrait":true,"maxWidth":5000,"maxHeight":5000,"themeData":{"uid":"com.gliffy.theme.beach_day","name":"Beach Day","shape":{"primary":{"strokeWidth":2,"strokeColor":"#00A4DA","fillColor":"#AEE4F4","gradient":false,"dropShadow":false,"opacity":1,"text":{"color":"#004257"}},"secondary":{"strokeWidth":2,"strokeColor":"#CDB25E","fillColor":"#EACF81","gradient":false,"dropShadow":false,"opacity":1,"text":{"color":"#332D1A"}},"tertiary":{"strokeWidth":2,"strokeColor":"#FFBE00","fillColor":"#FFF1CB","gradient":false,"dropShadow":false,"opacity":1,"text":{"color":"#000000"}},"highlight":{"strokeWidth":2,"strokeColor":"#00A4DA","fillColor":"#00A4DA","gradient":false,"dropShadow":false,"opacity":1,"text":{"color":"#ffffff"}}},"line":{"strokeWidth":2,"strokeColor":"#00A4DA","fillColor":"none","arrowType":2,"interpolationType":"quadratic","cornerRadius":0,"text":{"color":"#002248"}},"text":{"color":"#002248"},"stage":{"color":"#FFFFFF"}},"viewportType":"default","fitBB":{"min":{"x":-3,"y":-1.0100878848684474},"max":{"x":566,"y":581}},"printModel":{"pageSize":"a4","portrait":false,"fitToOnePage":false,"displayPageBreaks":false},"objects":[{"x":-5.0,"y":-1.0100878848684474,"rotation":0.0,"id":499,"width":569.0,"height":582.0100878848684,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":103,"lockAspectRatio":false,"lockShape":false,"children":[{"x":374.0,"y":44.510087884868476,"rotation":0.0,"id":497,"width":145.0,"height":32.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":101,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

Network & other

Docker Hosts

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":157.40277777777783,"y":108.18042331083174,"rotation":0.0,"id":492,"width":121.19444444444446,"height":256.03113588084784,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":99,"lockAspectRatio":false,"lockShape":false,"children":[{"x":-126.13675213675185,"y":31.971494223140525,"rotation":180.0,"id":453,"width":11.1452323717951,"height":61.19357171974171,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":57,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":6.0,"strokeColor":"#38761d","fillColor":"#38761d","dashStyle":"1.0,1.0","startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[-121.4915197649562,-156.36606993796556],[-121.49151976495622,-99.52846483047983],[-229.68596420939843,-99.52846483047591],[-229.68596420939843,-34.22088765589871]],"lockSegments":{"1":true},"ortho":true}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":289.82598824786317,"y":137.23816896148608,"rotation":180.0,"id":454,"width":11.1452323717951,"height":61.19357171974171,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":55,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":6.0,"strokeColor":"#38761d","fillColor":"#38761d","dashStyle":"1.0,1.0","startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[291.05455395299924,191.93174068122784],[291.05455395299924,106.06051735724502],[186.27677617521402,106.06051735724502],[186.27677617521402,69.78655839914467]],"lockSegments":{},"ortho":true}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":372.0,"y":332.0100878848684,"rotation":0.0,"id":490,"width":144.0,"height":60.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":97,"lockAspectRatio":false,"lockShape":false,"children":[{"x":0.0,"y":9.5,"rotation":0.0,"id":365,"width":141.0,"height":40.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":98,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

 Parent: eth0.30

VLAN: 30

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":0.0,"y":0.0,"rotation":0.0,"id":342,"width":144.0,"height":60.0,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":96,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#eb6c6c","gradient":false,"dashStyle":null,"dropShadow":true,"state":0,"opacity":0.99,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":52.0,"y":332.0100878848684,"rotation":0.0,"id":489,"width":144.0,"height":60.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":92,"lockAspectRatio":false,"lockShape":false,"children":[{"x":1.0,"y":10.5,"rotation":0.0,"id":367,"width":138.0,"height":40.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":93,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

Parent: eth0.10

VLAN ID: 10

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":0.0,"y":0.0,"rotation":0.0,"id":340,"width":144.0,"height":60.0,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":91,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#5fcc5a","gradient":false,"dashStyle":null,"dropShadow":true,"state":0,"opacity":0.99,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":289.40277777777794,"y":126.43727235088903,"rotation":0.0,"id":486,"width":121.19444444444446,"height":250.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":88,"lockAspectRatio":false,"lockShape":false,"children":[{"x":236.18596420940128,"y":158.89044937932732,"rotation":0.0,"id":449,"width":11.1452323717951,"height":59.50782702798556,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":53,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":6.0,"strokeColor":"#cc0000","fillColor":"#cc0000","dashStyle":"1.0,1.0","startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[-121.49151976495682,-152.05853787273531],[-121.49151976495682,-81.64750068755309],[-229.68596420940125,-81.64750068755139],[-229.68596420940125,-33.27817949077674]],"lockSegments":{},"ortho":true}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":-179.77677617521388,"y":56.523633779319084,"rotation":0.0,"id":450,"width":11.1452323717951,"height":59.50782702798556,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":51,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":6.0,"strokeColor":"#cc0000","fillColor":"#cc0000","dashStyle":"1.0,1.0","startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[291.0545539529992,186.6444547140887],[291.0545539529992,117.79470574474337],[186.276776175214,117.79470574474337],[186.276776175214,67.8640963321146]],"lockSegments":{"1":true},"ortho":true}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":447.0,"y":150.01008788486848,"rotation":0.0,"id":472,"width":46.99999999999994,"height":27.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":87,"lockAspectRatio":false,"lockShape":false,"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":473,"width":37.09803921568625,"height":18.000000000000004,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":86,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#666666","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":5.485490196078445,"y":5.153846153846132,"rotation":0.0,"id":474,"width":37.09803921568625,"height":18.000000000000004,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":84,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#666666","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":9.901960784313701,"y":9.0,"rotation":0.0,"id":475,"width":37.09803921568625,"height":18.000000000000004,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":82,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#666666","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":368.0,"y":101.71008483311067,"rotation":0.0,"id":477,"width":140.0,"height":56.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":80,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

Gateway 10.1.30.1

  and other containers on the same VLAN/subnet

 

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":350.51767083236393,"y":87.47159983339776,"rotation":0.0,"id":478,"width":175.20345848455912,"height":73.0,"uid":"com.gliffy.shape.cisco.cisco_v1.storage.cloud","order":79,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.cisco.cisco_v1.storage.cloud","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#cc0000","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":94.0,"y":155.01008788486848,"rotation":0.0,"id":463,"width":46.99999999999994,"height":27.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":78,"lockAspectRatio":false,"lockShape":false,"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":464,"width":37.09803921568625,"height":18.000000000000004,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":77,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#666666","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":5.485490196078445,"y":5.153846153846132,"rotation":0.0,"id":465,"width":37.09803921568625,"height":18.000000000000004,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":75,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#666666","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":9.901960784313701,"y":9.0,"rotation":0.0,"id":466,"width":37.09803921568625,"height":18.000000000000004,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":73,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#666666","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":80.0,"y":109.71008483311067,"rotation":0.0,"id":468,"width":140.0,"height":56.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":71,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

Gateway 10.1.10.1

  and other containers on the same VLAN/subnet

 

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":62.51767083236396,"y":95.47159983339776,"rotation":0.0,"id":469,"width":175.20345848455912,"height":73.0,"uid":"com.gliffy.shape.cisco.cisco_v1.storage.cloud","order":70,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.cisco.cisco_v1.storage.cloud","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#38761d","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":341.0,"y":40.010087884868476,"rotation":0.0,"id":460,"width":46.99999999999994,"height":27.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":69,"lockAspectRatio":false,"lockShape":false,"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":417,"width":37.09803921568625,"height":18.000000000000004,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":68,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#666666","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":5.485490196078445,"y":5.153846153846132,"rotation":0.0,"id":418,"width":37.09803921568625,"height":18.000000000000004,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":66,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#666666","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":9.901960784313701,"y":9.0,"rotation":0.0,"id":419,"width":37.09803921568625,"height":18.000000000000004,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":64,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#666666","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":198.51767083236396,"y":41.471599833397754,"rotation":0.0,"id":459,"width":175.20345848455912,"height":79.73848499971291,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":62,"lockAspectRatio":false,"lockShape":false,"children":[{"x":17.482329167636067,"y":14.23848499971291,"rotation":0.0,"id":458,"width":140.0,"height":56.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":61,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

Gateway 10.1.20.1

  and other containers on the same VLAN/subnet

 

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":0.0,"y":0.0,"rotation":0.0,"id":330,"width":175.20345848455912,"height":73.0,"uid":"com.gliffy.shape.cisco.cisco_v1.storage.cloud","order":59,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.cisco.cisco_v1.storage.cloud","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#ff9900","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":279.0,"y":129.01008788486848,"rotation":0.0,"id":440,"width":5.0,"height":227.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":49,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":6.0,"strokeColor":"#ff9900","fillColor":"#ff9900","dashStyle":"1.0,1.0","startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[4.000000000000057,-25.08952732449731],[4.000000000000114,176.01117206537933]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":56.0,"y":503.0913886978766,"rotation":0.0,"id":386,"width":135.0,"height":20.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":48,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

Frontend

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":62.0,"y":420.0100878848684,"rotation":0.0,"id":381,"width":120.0,"height":74.18803418803415,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":41,"lockAspectRatio":false,"lockShape":false,"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":382,"width":102.08955223880598,"height":54.91841491841488,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":44,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":true,"state":0,"opacity":0.97,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[{"x":2.0417910447761187,"y":0.0,"rotation":0.0,"id":383,"width":98.00597014925374,"height":44.0,"uid":null,"order":47,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

Container(s)

Eth0 10.1.10.0/24

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":8.955223880597016,"y":9.634809634809635,"rotation":0.0,"id":384,"width":102.08955223880598,"height":54.91841491841488,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":42,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":true,"state":0,"opacity":0.97,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":17.910447761194032,"y":19.26961926961927,"rotation":0.0,"id":385,"width":102.08955223880598,"height":54.91841491841488,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":40,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":true,"state":0,"opacity":0.97,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":382.0,"y":420.0100878848684,"rotation":0.0,"id":376,"width":120.0,"height":74.18803418803415,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":31,"lockAspectRatio":false,"lockShape":false,"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":377,"width":102.08955223880598,"height":54.91841491841488,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":34,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":true,"state":0,"opacity":0.97,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[{"x":2.0417910447761187,"y":0.0,"rotation":0.0,"id":378,"width":98.00597014925374,"height":44.0,"uid":null,"order":37,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

Container(s)

Eth0 10.1.30.0/24

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":8.955223880597016,"y":9.634809634809635,"rotation":0.0,"id":379,"width":102.08955223880598,"height":54.91841491841488,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":32,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":true,"state":0,"opacity":0.97,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":17.910447761194032,"y":19.26961926961927,"rotation":0.0,"id":380,"width":102.08955223880598,"height":54.91841491841488,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":30,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":true,"state":0,"opacity":0.97,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":214.0,"y":503.0100878848685,"rotation":0.0,"id":374,"width":135.0,"height":20.162601626016258,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":27,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

Backend

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":376.0,"y":502.0100878848684,"rotation":0.0,"id":373,"width":135.0,"height":20.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":26,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

Credit Cards

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":627.0,"y":99.94304076572786,"rotation":0.0,"id":364,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.uml.uml_v2.sequence.anchor_line","order":25,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":363,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":342,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":1.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-183.0,310.0670471191406],[-183.0,292.0670471191406]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":372.0,"y":410.0100878848684,"rotation":0.0,"id":363,"width":144.0,"height":117.0,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":24,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#eb6c6c","gradient":false,"dashStyle":null,"dropShadow":true,"state":0,"opacity":0.99,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":218.0,"y":341.5100878848684,"rotation":0.0,"id":366,"width":132.0,"height":40.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":23,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

Parent: eth0.20

VLAN ID: 20

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":297.0,"y":89.94304076572786,"rotation":0.0,"id":356,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.uml.uml_v2.sequence.anchor_line","order":22,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":353,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":343,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":1.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-13.0,320.0670471191406],[-13.0,302.0670471191406]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":222.0,"y":420.0100878848684,"rotation":0.0,"id":348,"width":120.0,"height":74.18803418803415,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":21,"lockAspectRatio":false,"lockShape":false,"children":[{"x":0.0,"y":0.0,"rotation":0.0,"id":349,"width":102.08955223880598,"height":54.91841491841488,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":17,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":true,"state":0,"opacity":0.97,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[{"x":2.0417910447761187,"y":0.0,"rotation":0.0,"id":350,"width":98.00597014925374,"height":44.0,"uid":null,"order":20,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":8,"paddingRight":8,"paddingBottom":8,"paddingLeft":8,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

Container(s)

Eth0 10.1.20.0/24

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":8.955223880597016,"y":9.634809634809635,"rotation":0.0,"id":351,"width":102.08955223880598,"height":54.91841491841488,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":15,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":true,"state":0,"opacity":0.97,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":17.910447761194032,"y":19.26961926961927,"rotation":0.0,"id":352,"width":102.08955223880598,"height":54.91841491841488,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":13,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#4cacf5","gradient":false,"dashStyle":null,"dropShadow":true,"state":0,"opacity":0.97,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":212.0,"y":410.0100878848684,"rotation":0.0,"id":353,"width":144.0,"height":119.0,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":11,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#fca13f","gradient":false,"dashStyle":null,"dropShadow":true,"state":0,"opacity":0.99,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":212.0,"y":332.0100878848684,"rotation":0.0,"id":343,"width":144.0,"height":60.0,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":10,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#fca13f","gradient":false,"dashStyle":null,"dropShadow":true,"state":0,"opacity":0.99,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":203.0,"y":307.5100878848684,"rotation":0.0,"id":333,"width":160.0,"height":22.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":9,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

eth0 Interface

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":303.0,"y":240.51008788486845,"rotation":0.0,"id":323,"width":261.0,"height":48.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":8,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

802.1Q Trunk - can be a single Ethernet link or Multiple Bonded Ethernet links

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":36.0,"y":291.0100878848684,"rotation":0.0,"id":290,"width":497.0,"height":80.0,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":7,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#cccccc","gradient":false,"dashStyle":null,"dropShadow":true,"state":0,"opacity":1.0,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":0.0,"y":543.5100878848684,"rotation":0.0,"id":282,"width":569.0,"height":32.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":6,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

Docker Host: Frontend, Backend & Credit Card App Tiers are Isolated but can still communicate inside parent interface or any other Docker hosts using the VLAN ID

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":-33.0,"y":79.94304076572786,"rotation":0.0,"id":269,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.uml.uml_v2.sequence.anchor_line","order":5,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":345,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":340,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":1.0,"strokeColor":"#000000","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[157.0,330.0670471191406],[157.0,312.0670471191406]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":52.0,"y":410.0100878848684,"rotation":0.0,"id":345,"width":144.0,"height":119.0,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":4,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":1.0,"strokeColor":"#434343","fillColor":"#5fcc5a","gradient":false,"dashStyle":null,"dropShadow":true,"state":0,"opacity":0.99,"shadowX":4.0,"shadowY":4.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":20.0,"y":323.0100878848684,"rotation":0.0,"id":276,"width":531.0,"height":259.0,"uid":"com.gliffy.shape.basic.basic_v1.default.round_rectangle","order":3,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.round_rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#434343","fillColor":"#c5e4fc","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":0.93,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":19.609892022503004,"y":20.27621073737908,"rotation":355.62347411485274,"id":246,"width":540.0106597126834,"height":225.00000000000003,"uid":"com.gliffy.shape.cisco.cisco_v1.storage.cloud","order":2,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.cisco.cisco_v1.storage.cloud","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#999999","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":1.0,"y":99.94304076572786,"rotation":0.0,"id":394,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.uml.uml_v2.sequence.anchor_line","order":1,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":3.0,"strokeColor":"#666666","fillColor":"#999999","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[261.0,233.5670471191406],[261.0,108.05111187584177]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":44.0,"y":90.94304076572786,"rotation":0.0,"id":481,"width":100.0,"height":100.0,"uid":"com.gliffy.shape.uml.uml_v2.sequence.anchor_line","order":0,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":3.0,"strokeColor":"#666666","fillColor":"#999999","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[261.0,233.56704711914062],[261.0,108.05111187584174]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"}],"layers":[{"guid":"9wom3rMkTrb3","order":0,"name":"Layer 0","active":true,"locked":false,"visible":true,"nodeIndex":104}],"shapeStyles":{},"lineStyles":{"global":{"fill":"#999999","stroke":"#38761d","strokeWidth":3,"dashStyle":"1.0,1.0","orthoMode":2}},"textStyles":{"global":{"bold":true,"face":"Arial","size":"14px","color":"#000000"}}},"metadata":{"title":"untitled","revision":0,"exportBorder":false,"loadPosition":"default","libraries":["com.gliffy.libraries.basic.basic_v1.default","com.gliffy.libraries.flowchart.flowchart_v1.default","com.gliffy.libraries.swimlanes.swimlanes_v1.default","com.gliffy.libraries.images","com.gliffy.libraries.network.network_v4.home","com.gliffy.libraries.network.network_v4.business","com.gliffy.libraries.network.network_v4.rack","com.gliffy.libraries.network.network_v3.home","com.gliffy.libraries.network.network_v3.business","com.gliffy.libraries.network.network_v3.rack"],"lastSerialized":1458117295143,"analyticsProduct":"Confluence"},"embeddedResources":{"index":0,"resources":[]}} \ No newline at end of file diff --git a/experimental/images/vlans-deeper-look.png b/experimental/images/vlans-deeper-look.png deleted file mode 100644 index 32d95f600e1d0f028e5a354584d7b3eac1639e35..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 38837 zcmV(?K-a&CP)`~Uy{|NsBV<^9ae%>V!XU&~tip+HNj^66}A$mRQ)nVITrYtHNc(eD3Esqa*> z`kbAd%gf76to6~-(lK|cWX@pB=>GHa@o3Xzg_^4Ws!jc*N5S0jld8K^uJzT`)$ek1 zjEs!W&(7fC;Fgw^`k+76^8b5_oPvUbLqS5dw6u?pkKFqIl9H1A{QJh>@4UUdh>3~o zZf_bI8wCUeRju;(_xAs-RR8+*@o{lbulell>t$t)3OtT%C;^muqGbEMhb*uuoa zthc;2H8U@1m?bADOrYYNL_*Bw_Ge{V*N8X=7YhCG-9?x^NsPS9$HfQ|DjO?231S5M zlL5N}0aL3>H+?Qtsp(QsPhQMaGY|=~Zwi2)wv~;4X@!Z;naVZ8!1Fgf;UAc;zXuVure|>tOWE~Z8pARn$o3h1ObAbNj!%u^* z_5J^CTT#Z>-^Nl<{-!W<+HSAO-u~F8IZIryPE6BPOvND_pf4@y_4@7P*??SStj416 zXk>tnp?7p^5>${_Fg7T04AS7|-0SlB;o#|%K{jY`-gbA9fN4Oe^_8!W{kmp&I5V+7}GvKNhH!eJfrZ;)8=# zpwqakn3Tfhgs;~cM<7#nn}SJ8E;MGj>e#%;Zg8JfSz4 zvp_CT_#;99000DZQchF9>dx@GGiCe$0F;4AL_t(|USeQi8bn|eFfcF!*t2>a$5|-4 zqi+-{DqATiEeu5j0zpGVL+6shegeP$D|}pn2ahA~{O#-}nH(wBHO4^h(YZg#^A+KN z|9(9^qXjyfdTZ6k`BKNgy1XfuI#}PWcKuvVT6W&stlrk;s=3{#zPlN!uhga2huH31 zr`8S1DKDn%eDlluV%M`h{dz*^`D*Y05VF|C*xY@XF0?m}R`!QiLc3?IW1l)P+Mkbp zJBq5g|83EGj)%%QDk1j+RInXOmzz<@tvi4Bp-w>P4brX&x2%xY?$pi^;{7l%Hg?BD zJ55Fi5fg+k(=;FYt{WK}yeAHAS9uWfbzKxoYd3T=I6sC4b7@Z&KojH&aBl%8i9-}- z?#F>Rt(WBXR7!D<-vZ}KCSI)MO^Bvvo}kYOP2n|+wT0-Tfup(p2GARf>`j9s%Aww&IJlPEu;7F=CZlaivP(gV@h;xvwx6ru^ zBi^&_U_fL%zq?{Zo@g+g&zw9$)^C)i6B$@iaQqn!=86J%h^FnBcY0rpJJ~^##7rU? z7Lv=t9CnGVe@zLhxET65jbUYDjyRLi6sJMZk+@VyPOp6Q@%}}Vp)&zXOA9BNYAhHk zPJdsifqsfY+%N|TiD4C?WD`w0`Wlr`!dH43t^GJfZmHyz6Tx(urgNIZIt%KOUYC`PTk=3+Npo2+fSsJMp3%#W~E`ov*Wx}10c*&ublvv zD(EoR5fj}jA^9-=5MTTQ=@$bRPJd^w>3lD^m1R$=xB^95O1JfLE$*m=hd7#awnFfI zD#V+HQuQK@#*E(m9aYYO(j{^!UfN2$gQhf?l2RVc(U;ow-jcc=gjz}}MQNDWSs4iZ z4QaYAlx(tTHvtlGHaP&VI~l3qsOa7lf(Ee)RZ5I*lP$iT6L-Wka{_sTCNl%-ybxkS z{t@#Gc&aLK(%N8{yDNnZLN0Vz8e5P4MVCgHiRyGxA)0AEbR!!|!|8N_D?jwJu5Tw3 zv9+~D;>yZq8tz6Ry2T}RC@Mi5{|t`x9rOAf6MZ*DzETR8mK$;(g!pI|I=C40hySKR ze=5<`MRq%#)fm!_O{IO!P!_lD_6gA)x8?gNGkhtFBlKPW4et}=M9$5q~;`woA^t;vy%i+#cf9f8d^Z zV~m=iGPKnzl@IPxpFdq)BZwWkg2s*;a^6+|hOh!Q3PzYLXneSv>ksi2fn>g0Y58;cav6&vtV5QuTJq=C zm1`|!Ie<(`5OwqQ=`#o6@>%<_hB!pK!*EQz0`XHN1fd_*ht{k7BmmmSpz(ib^o7go zvDk1~Mz#4W4|l7#>`DgLB;>vop=0fFoTu5Qd+vVz2o=M3%K1b(Ft6j^Pl02_e zl{{XD%7=@n;Xj!N;e0IiK{D(!jjy)Rf4VBDuw4Ei7W+k#G9GTKLCEPlP#(xND$UOIFwfcCXm6$eA6lTk6? zgGW%3QCeQ%P;l6+V8SQoKg7*AoY$P$a9HtgvB@6pmUVF)iW8rrDph5@wFx{db^Oj>2+;FE)9P6>}*CMg!%4=uCb!zbdotnVpiV-AAKL4T%m(quY4lYl}fqj z2MGl5-=OqBRY*~y>1&w@%HY6K^{g9{oQ;E)2eSb|VAO+d9(K znF`IM3iN7;?&#}(NjHAfHg&sFm`Ne$)6im&zB&c~;R)vU7ZJP{zPm)O(CJ(%G|@`_ zYbg-lD8(BKw=a@_!JTqz%I8m>5Tr`O>har@O6%@vI;zdK2%d;FL}KuoSH)^6Q{Cwz zL-j6;_Y`3)_Q3L3mo>wUjwvgG(9OdT(niiOZK0W{lV05nlJh~)DN5H%*s^Si;B15< zb9*}hfEJ^Zx!~<505ZJ{Z|IME+o*|tSZNK!C6T^fkj{e&tM03~0G+r(C@$o(xb?gN z9;Wc97`{T7&#BxS%6_vYVn(y4fATDF0B?+~=n+AAl-Crqe~{ z%h1errt?WDcztsr+A$OTr_5A5ajcMwusFR&?*O2!=%Ym@`UoH#U-HaG6TPjIaZHGa z6;kMYSdgCRjpDMY0pcm{q!q$N1cx$CSu|xRGV#0YBu`L>?AU16ZaLOnhAI#o7)=aj z*ny!Q*IH?{Ckx#8?cCfif43i(22Da1Q|Z9$bb3Bcw|wt+R8#?q{fS=7nJA%xwpdbZ}wzdF4J{#GU!eEC=lwfh8mJTOLdHt~K- zHWP0m{A=mbCxP~KAzShbll6&=hXSgXxtf`{H@Xc->AY(IzQ1oT#&b)((IJ3&iN;%? zd_HdHHy8Hd(uFeyA;%AoI%c{3ETEH72v_g-x*g{95SNuZ(jpk72qal`BHVKY+3UFC zr=8n{(Y2Av$e)UC@rkYcOL?J z*((j{Z@c{L^uaI)LAwnP0#sFp($DS>gN=~hjOmRhtX|cKIJgraL`@Jl%=Ew8A0gSJ zJI``ViTrjG(m&)|9KBg^^eu5Nd%Q8%*3er_`9Dg}J4VL69b2yeW96zs$Wj6Te3%db zR1_cn;f{QF5&$w9AqcqfTZ0GT&S1q<2m*p6Nw%u3d0sbLhVFSDfFmjMRE=Ip+6>1R zz3XMs2vEqFFoR8q#X}P6=_4#hK$;2JLx`_uhawioSFZnOgZI~uPEM^6v(71TRqp91 z-rE$frUB#MUv4hET3Mnv76RfL#iJ>@LjC^NCHhK$gH1yrl+|t@|I4+5aA_AI^O7Wq zkH7@#9Y{bGIx+WKVj4^YyiX4JTHfI>2zlqr5eSz-hubDJ7%MA|1fNoMidEZm1SRJ{ zPF$Pa`J=?;#``XQbuY2iPdKk6#Wn2vi(hCB^qlRbrC)8vCn4bMcr%@yprvU+qASE~ z8*GYZTlwzIJv$I{XH7!rN1g>7OV|ZZ8c;#-P`QDGryUAHM;aA8E==z?&jD6~X(}R2 zCLrJvCfS$FI5#Eio!x*5IU$8mR*P3xhg;C+P90&vj#+gY9?r{q?#g&vS;z?W)iMR!cGlMMK%z#b1VvDG{q_PqdDP0Ka#v|GIS{o}hO^0wJtA*LL?QxW_ssJ;I+wf z`Air1{-P!F#py`Xm=^(ZM(w!#Z^5U_#LgA==@nyFINs3sqCuwj7k+88Xw)l+k89MS zyhb6ahh8S9z_G}kt6x3f=>ve+ck>4!AX!ox2KU7d9;mP=vT~9uJS1sI@{4NgG6;Uz z>S{vAoM+B#B0voGfpBC14_dhrCSH6Od)fk0SHimvtF0&bZKx`|K`eq%SA1l* zm(nS;S@qBn;CQ4T;X%K{3h}DF(zGD+4gyA)A5}-JEG?d~>li9VJ`{5Nt!d;KdirW4FckZTRs>=Hm0@mtB#lrUBEul8{DW9ntGP zDs{q|a@M0l4vtBy0HC@D{ zf$-UEBUHqIbs(hnf{5Civf7${gufuC%paVxAtKV+2qejwkeYh=$D~fo2nZ}%tRBZD z559WEmwai?b<<&b;c)bE5xcb-fS|+S9(!R;s6)+xq}$L!yO49rMH~)!+U_{LHEMUK zFZLuIo=r{Tmcu@9Dd-4Q#I1Ix-ti;enAp{=X}9`$KI8J>s|OI22!-ir{3swvqW@C_ zI!My^H9-hN2=R|#@k<8Z69gl?k_6_+#dxrUv|f?+k;Ky3**J^e6tYYoCtP=)=hi$x&zZ z?mcCw=lh#6tNmuuI-)rX(4F3s8vU#~wVJ=kKl$oYc<9>hqYo3g#R{#3B!yA%_yK{H zqWP#%$W-9C1me}azw|ig^tcu2Pj)wSn_%|>06TpkQFW>>q2tm$lTl~%MCA7XCjJ4) zL=^DnQYP38;7vh)>tZB<~al}qRiJy>Jv z>X@LX&d+81F;87JQ4v4~Gj(-r$`cJIHDvshvoYzBd1O6XI$GoBJ$16wG>zT_O@=9t z#}W_oHD0)PyK}!mE9J)%ov0vEnS$1+B#spjwkC^*js(Xl@YjNqRa)Fel0sWaAXd7P z40=W3BM=ZwZV6$$_&gp)0*V3zA#|n0V<od@6h(0fX;{e?9Ujm;lYfGUv#SqC z01wv$6H?sx+}zqClDWC@agKtAz9kq{rA3Hv=OEd)PT|O076j&84h02{U-(-^%n1ZR zm2#xatavm4#trFC3{TMK2fW=6;`QE`Cuh00E)<5-q|ZZe+~E&#S8>6$rMq|kbzxy} zup=jfgM$kT|9W>~ZJZSEry=et6L*1f;lN)z>f|rA&c8`PJ21clz&0 zi~7!h(V&_3(s3h>l?P3&1f?;K1vMtQuGLFxHW&cqFjn zRAro|D=9|4aalIn;mCn^MG=fpf*JRCg+C^E~a7 z`LTNlOK*_Hg^rGerSVd{^7;R@2@J~JHS%!XmsQ3rO|Cdaejp$!MU5D)f3L(^2uV_? z@`mqpQt)lNH+i=@SqHvv^+c7%vw)Vzr@nqs8}}p{`Ay2wGP%)a3Re{%MMuJhQGBZ$%XcR;LO^~XMUw}0$QDtU2-j%mR-pT=zEm)+{O+UA`wuVhM zO@q0Gj=`ll@w^1WKAoB2_~KoJ+}hlnFqfjqcXiby_A2)*9|(v>FB6Dlc$8dUl2DmZ zN1fsO^E3ba@83N8=Gq_U=kE{e+A7Tq-0#k$k!h!;(5+_^{8Qg+x6E+~X-JnZ>e`Gn zgj)Jnsl-Uat+*M$mIEcFZCj(!4eMFJjmm1noG+UBxqr$y+UL7D>gKI=qkX%}aLDPq z;FykI`K{z=OLQh2pIiLfpdi>Th;qK;?p*mYYw$q zml=a*B8H;hgf6@X{ioSj2syquaXxz~?@p{Qu1_q8(43z;!a^{XY`gy1|D7M6RhpSxR|-OH(F~>)#l>-M0$sj^yG!FVO_SmhM3U$^wYUThFQO{tCXcV*9hA&ZiBKk~ zOyPY2fuK!*Rnc}pANArFvop5thcmP9V1(J(`}Swu4G-s4d2_`|gsV^Zy?2sU4Jii= z7Vib|8S$~;^5hQX{*z{6+%b#AJsRv-Sf8UmtT|o5rd1Sf4FNs4c))6tWjqvS0N+ct>0r z*A_a?uaAQqZb*)&M~7(ZA9Zv*BKKcCv{Fgsdjdik1wfD?g2knklzDd8D66jveKr%S z)5?sd+2QNm*JsNF$#NH3b^lrKGmmHHvl&ml%s4!YqXs;N~z zM-}1GA&_bpvbdf^8b|`Lj_=^I?T_IHXy@W!$NIh}7%@_!(2?&Ah^z<@{K(wDZtL!T z=oucKHJe$6q8QeU)Mfbo%rH2L5DbAEf2#0Y&%^Fs>mO$U?7#ErRk2aVEhMkR=lw_j z@to3RysV8{?C4m61?M7e_w8(f#X;F#b*k5r zKk|(3&__>C9qAUC0D_u;}crW0v1pNWW21LB?uw@ zLOah~h}}@za6L}Yhf5uJ^}ndK=>}^TF2J?fiU5J!V8_zFcTlC6K&NGnno26UYGQ(s zTrx~Ez1{O>2+G!FmZ#r~=TfsX-QD-eoUg#~JV!$)+G4~%!hQT9c+iI-Hs-3JVPd`e zE7So+9KMJ*8ZeKn-@11R5OOx6zR`-3usmvqdFoQ4iy1oMQxEvGWMmnDCW0$1wDWA5l*{xgACOWJO=7HbH((6Jx|5lVA@u}yxzR8lfqd9t_Y4L|Jt=h*`z z|L{O({h*<+z}S=XKOsa)=HtsNn)@Ok@j1y+-h-CpQSSED-(fk4`qZEvLEN78UhlZe z6&S?rh&LFDR%*m>O}GQ-WNJS^?gIFZ6-No+k(Vr(uVdLo56+`onEC)$r>x9AlMpEkES*F*`bpeM zpv>xptk5mNUhLZkz7&wHflFN6XWZF{w3sVW?o-Cb*yyHH-Ln^ z(9B3PivD2sO-Mjw2T>xJ1kOLpJ}riKxV?K8>?f$<#;3SphG1Aw3ly=@11AYD^fY^L z5)C;i+KbZg?fBZ=Vs3<7S)JY<(2tJ!mSa=KfiY(b^&iXI4WFc&Rin?hF5bq|QQ_y- z4Qqoxb1ndOFUr#f-fDds3fXL3LG_OyQ3wbG;|s{B)1XwKNDazxF#M<*0tuDHSf7nQ z%EYu`^RogxAYfLkcI#~b(a98gkUoXni>MLK?@sT2`9&ub3}O@?On&)iZn9xD0I)&q zD~^ZFch3}qBvG^dPY^2DFzm_ItVjn?8#8)8b)@Ik7XSeyeDJuszi0m+d72-Y&0=OFGggn7F=%-7upZOcV~tO>N%;`n}m zCN7WEYr8DaFQe)wox)VUSRt3ZuOg9HW>O#<|Z>64|W9s#{lRZS{S6jD}`npzG zfU5`qm^iZqbgpLTJ`T#*`t}!R5bbJ59#X6MtanDd-q?wfQ+RF#{Tld z8(SCvP7{jan7QTYkN^8?=4mH@!ML>qkXZqca+x4Jf}>yLXhB}6M76ii763v= z`asGNjnza3#!~)KgLBmHtZ-;OOi~fr)K%>W7yI=p2ILEY0FOig5_ti0^c{BvMvYz z-ni@LM!yw6$b2{U_zy3>3ny7Xx}vlt47e|!zxmd5qc3Oyysa1z^EIS~Sjq$PYaSd{ z#s>xG>R_%aovRORQ@x{SOl(>hoWc*~g}RGBv_RMjX&-VZKq#fuTvJh_QL<$2g!w*V zH;}z8T(ewm=VQalF#|HOAD6);>Z;kAx~c$|LAos@dHcDi(V>vO2gE!h z0bZ*J13KergegxoP%7$rBCCOzUSHWZmaIo)O3ifGOLNTt%I=QEr2X%+$8Cu77!9tsdbSD&jt*Xmd@ zf47F{5{v3cOchLwc)@!KsnT8VF1Kz$8VNisAdBabf|N*5W?XeDKw6jR1Q9>rCQpNb z#*}}^-yb<)+ZejpW&lX3-vY+j2{NB2T0vSfO~z#r0|KOnPn&OyIH%CAa;kYF3}9jt zZ1sNa-7Ns*Z$+#xqZL!CP8^DUR~hv=I5bTDnc4R4d8Rn^62gL<&!QL)6gMUL@w>tY z@o(=)p`(f&?Diuu$K?UxN;M?W#0)uW!HzDmOu77ko^0f-t(iu{*p}H@#CCLK=e7yxhF5qCH}(2M{H`)Y?aFd!iA&^t0d#Q>YefHY69)JCjz z7?8-=PSoQJUD|R~7=8v|%U3&zEXejUcD1CHvS7(#D+K$jw;Wif4kS5|D*=%e*a--T zYx`}TX_W3ksN?}an-jI@G^bR7U3W%nW-&qm$e2}lkP5)q7$8}>D(Jfnn6_}Rm1Kn+ zky8w8@ilflaA!c z{^0|d&;A#-xEo)?#M$3yX+FY3FwvODDytz(O}&UmWl4?;HG_78C4#HW>e82jMx`6< zR#4#02uRkNTarfacJ+$E81e5QHQrhUWZdB8&S{+9U85Tr7$em z=LNxOFHp*XYHwp0WAle+$!sy~(sBOoA}KjKsw^Ig((o;wAZbW`!ccv&G93s=e?w1V z3e|{v%uhRgH@#rj+WJ_JmL%k}e7@6c8Ddv((BNsOJ>+^G+H70#Zfheg+usF8U4P!H z3uKnJ2ikT*BUE}Lg;+=WadUbq)W=)L3RcSN@6wQd^wS|vIB;m8UUm#3E{n_S1{vB& zwBV9BmKEt#3Xm!m;HI1`fu7=}d&l4f>ClTtJbdR2N?vWa4PCV$^OjI~Ndi*d^ag`N z39J_oDw2+Lf~;T$enPrKD7h)yg8W@=`b9vb5~&)A@+w-gO0Nr@(i%;sFs}2CvkeudabsMCH#XP%yghe~sF-GH!RmL}1)Vf#G6SPpV9x|ghDo??fLMwC{ zbLyv)e$Eug%WIiA*r;Qnd7kGWIJ7`&QOv>Jv$CAk?X;=?51COnRRh3B9OuT;YPAvB zJ-gK%NUJf25M2E&AG-bjdN3vGaaMukja6@?icFh4Q_D#imHBzs=0Ibu>e`svQOo?t zfH#jDcu518`!Ug6M=QONIYiN?`QXJ3;#>9FexQ=D@JU`i7TkMI7Vc0WnKwUgsB~g) zqTotEaEyZUa8be(l)97Y(wn?G=Bvusevj;3%PCf)jCdkHZm$OGTW?H9ngakj8snpZ zKVd*Jj@W7-ZrXX9HWJZG+nmpM=0&gcBl6qPDjoTY3{xL2ep8O4HwpkUa(!HVMa1u%gcl%hzO;S%?Ao*L>%-K$eM%gPI%*9O zSj$T}0j{XCnzQ;{ElGO-Y#EqU!(UE^)SgRk{=n5%kNPv1`r)2hFVTPB)J>BnLJuhzaL$2kZdo0~7VZYSzk`sCe$Z}k*@f352DqIK% zu~WICG$&i)F`mt`WPYtHGacK6(!xXHlcewx!tB$S<22wR5pFqx`Hz90x1 zwSEL^Yfx5iG}WD^jrI6n=;{PX6hXvaF@ED_fOcIOo16T7f7C3~vTf*}z}xkT-}1(q zk-(OABe30YTH2(xKQkXQ{Vq8_dG0TS`SE{JvWL=9QD9+2Qo02t>nA>uMlE#+?t@en zVm@5269`CC83n;I``N>vdV7bZ&Qb%KhMP|}l2((o2f!E2&W)rY<48AoE*c!4<7&;{ z0+2Cy)5~`dAb{REJJd)e9LurEPhM+XBcW+$53lCbH+}!;w?)%=q_B{UUE(Rp{<;@#kGqUiI!4(Mk(`bjDILi<5 zbzwdf?*j1^hs+mcy9$C-^JV)k-+G@V3qT<^eee8sA$7YR4p4Os6_LL zRMQFB>HdrAV3bWNeSb*z^t*Y3Kj}!0(D4k=NA1<7W-A5uevd~8`=*)}Hdes@kqu$2yNf}N3=qr!0(N7@u!>8}&k zP$vQ;xw-4s4}@__pt=X_S`DEMM-Ko#?fugr;ZAi1AJ?w*C7M^%oX_BUz7?f1T34;T zg;O`?*^qWQ_=p09dbaaRi*xjzaUkLNOH9#!_^;d0YpBY7iI&15S(_j`q)``H6MY*5 zoCOR6f*QQ?(``D6Y{OJG$x;*xVw$iR`J(`3K5@dV5?Up)6rj-%Kwwv; z?Gy`DZ6~}O3keES-B3QZx2>G-zJ`h3k0~gF5pjPVFCR@zEUmAtElo^Jpw|=d9Un`X zW5InT#z+-ksFd^(E;G#Um3l$|qz3naFAqqrL`o|M@V}Y69?wRyI1b@~MW@@A0eX^z zlE_G%%#De)Bgx)e2wgX+UO9J{BhF^AdLfn^t~R%VJDlFpVJW2=iUu-V=(!vrAt_qe zN}zRE!2JXJUS=kn?R#&2bjI3GTZHK}olm~s&wJnZ{b8q8a;r8}IbRDiNq5rsJpjK7 z;Gq+GaM2$8cyP2g*T-bBV$W4TwZ59KsUS|@bjfVNTrPm0$|^K zW>%5oAWi}JW)0P>d1;;m%%Azo-XE%?l~82BUetd>qV5eqIMiGHpvr%NAH#ahiCJlm z6Oub7LhSC3U=x(S-UX#U>IkT=F3OpGQP=~c1=OHi4 zi+LVGZAl-E-|;+OeHhA#OAsRZMwq=?_&1$S{{e9|nsf-Q@If?Y*0BLQLf%z%E;}Lw z@M@)AKkKO}z^*+b9!XEE$q8uFn8#vLqnpT<**u42UzeNZRvHbP^{{9=( zriMr~FjE_%4hR7OAjK9jd$IzjL@KZx@JVm0OGbN5a40jkSB^k|A%O!`e_ZL%y!yK`Y3vk=>T2=$?flmB-c~?nPq5%tTM%yjfVwV5>g_FYY6>-s^Dm+jyJxNA5#cf z`0sJ`x#S=$A@^$a;c$3StJP4s`_rbvdwtU03Bl`1QL#K)jJ-LbT8JnXi(>mHT1MJN z%-HHVA|z}a7lvKF|1gb^a$|ux*#zW}!(8jm-bKBFh8V}1O;uB5mUG1h8UP{yUkN$t z_xl4tZZn5z2u4UIcS?Etd?b$TL#Tv+0B>Z|MFYSuLdwj8ott|Fjw4wK>S)Gl%_rYL zyHu}`6X-j)kToF;g^<~l$++xfrw+`*=SVz79eL!Qkn?J{{YC55 z?s~JSs!$`8DMA|R(Ddr_%31Bx;de+c=I3`3HNtZm5FK`HV)11!LmuHePYB+m1Fd?^ zSQZG_k35?BtYCt0{hbLZX39@d7n2%>Ivl!j)>6Zsl-VTYLu$WsZw`0i9ZzZFqwB`#1K`F&wqRV1As{&;1RxOC%s#-lxBvSP z3vf5Dp=OYfrCNw$oXCFSVt$AmF*2NfsY>eKEw*#qZjZW%x1I2 z>@8f<2w|n5;eK2YVmhsOJnW|MObJWXa{{)PL;@kQs;V0A-vbml!DkD(LN3etp7OGC zZ{<8oK$${F!aPxTH9v$)=*4WYh#YW(#7TxBKqOg+Rw|YLl6`xA-=bzGg8!m!d)Y7T zrDG!6q-Cn9&k4@m$Rl1dvWFre-bFO&=EZ|;63WE}PRPMQ2}=_G=$5_qMz`^Mb%ltB zI3cqHheg)y$fML^a5hmD38u5eq{7QbJH)}*m%4?#W$*e~BS*4$B3zM@tEK~mLQ(~d zgoKpT8I%;efjBTIkn$TEe4Mkva~o~6-{6>;J8*Cad<@KGPR<7t3|wFsv*Qo2c(M)e z7?=-m@2RR(wB_ryT4n6r^)GO>)uo2+pI*H`Rqwr<64E^YA-0k2-*IEk+-IlTu} z2{NKHqNl_e+uwcto3BTJYyZAMNON&^cHvnj#Cqt&s%PWX%6wgr>4YF7Otn;C^x^NiTkA^)(eL$ddv)Gr--;B{frJf;(Z9*jO1+?W3m zg0f(>`mWtdNVy1a$0EA_m4n=aA7YaaS6RF}_A$(S5hSiD%9Nyxxr{}R+n=z%A7Y6Q z)t@53Dgjd^#H7LrnR{iB((UrL87|Ou(8+j`2SMMEn;T|?P7LgYPKc9fLbms2F;S7N zC~L)sC`b2CX$rl-QnS}H7iRM4zPU4;qvm-l6*uo(0t787VR~Q zymqlKq9i1@M2LMq1W%njPVl`XQ8}KTjrQH7um7#i2-_p%k@_L_QPn|ea&G4nqAo5A zt4mgRbaeK%v`NUHEE9s;^qDgoWt^zcV3B*yTtdcM!Is(=5-!g%5GyeZ+*ALpz>;}T9YJ@u?y3tb^GV6Ep^Cd7%-RC}6sK%hqQ z#}miN-X0wvVe0z{jF@q9etdj{ajxj>`1p^N<9HWG$Ilu$@mNhfKIxsA=HAXRp28L` z7GKygaVl%-B+zsuZRt4H2_dbDjm6v=AKf7ma&dTwqw^L<%sn`P@fi>jq9qoAUOa{i zKmN;jvP&Z$uZdF~;eZ!$gl|}v5Jbfi zV^7ZqiB8U5M7I!f-f2R*?g$BacGz{HB&0(^`iTU)Wpqf$rXNDyy?>3>0HCc6Xl3~S zJ&f;xkWZkcKL7#OFk+4AcV7Xn`zi~4t+z~1yn^d6k{yCBS?Skq5DabXX=`-3eL|c@ zn{dKX?AGf`bTlXD{Yg0-8v+Etk;X7X6(RTC`8m8%!nX}!tkew+jCuDh=#))D$feT8 z2kIOTc_V*c=Mu(OJs|)fK3onVZ2vW^P zkk*Yi>&xAR5GPcX(9%Lg#EN-o2m8MVsD5}?C>dCz;mws&4Odb%z<8;22t1^i)AsoRH# zjeL7sjB^e=G+~>^f`VM&W|2#^;z(#7ndZLMC1f1gPn7|Y=B4w%$WER;J31d--B?o0 zh!~H~?c)dyV|5(od0f|mGRD$02?AWCOrIOvTotiz(%I}w$QXQ`228D6Zd=+Z9Z>Nd z34vl--=6eKmh7cNGICG)Y6)r~NkC^KQUC+E8VuM$y|IoA8}~0ECZ3#VN*I>upAA1) z>_~`mO|()+J%HKa*1;D+>fQvU6sZ6%ii8OugJ%{M7PNSNsu%!hCCFwWQn@(Nugyr zxIk%Auy|Q ziB{l(2E)S2ih_yUFFj2Pxs!j(%Vua(vflkWnF3~)m^*9F=q0iX7gN4hm60t4Ip$${ zbK>z;-o#7>Zj?MHDXm+-%(j+Y8{RAZyk@2!Uy$>;$ABEGNuNYEMN%++-7SM^0#s}JwMYxa3B|<=g+|1!Ux7gX-y1ovmbpM53PTM8BQc-uhg`gc2)uom zMPPPl!oGxTy-Il0*26DrO!6S1b-ebQCW@-6EIrRF%c_c^rdhVJ0Kp1|TUeUPu@Fr* zNkWVtasVLKBm_r%*qAQT9*l!`_9X-{M?wsEwX9u~4dxDzW+B=meOQ4C(F+jTD4X6b zkV$Ev<1u-;iyvaTBjEA2nSO{;Zeg7cEd!HShlw7)gcwr7TqH%$3UxK`6$7NkwZ&^@ zfh&@_jWWJY^mb<|qjF@DglzgD#>yhQC64l@6{%8=6ok31wD3HB3E7ZwuL@&|@f?tJ z=57T`gCbxQjphDU-z|oCjHG0O4zc2gXf`}QmvMBeqywvh+k<__aQlOh@v>RxwQvKZ zB~g;0kphw=!S`sL51xw*S^|rTsx*$WDOKQ9531RINaj_3jK(4xmeaJx!0peD5W|W7 zW@Y5><#A0}Dv@Y%sEG4+ZyA-wqZ*|@up+3#lIvf5!eMKIe#q7S9f>3Z6P%Y38XF0S zEi+a;U01p)(ZlEv%bOc=`>KM$ga5U2I|lbfp`CxwMIv8D-c)|TC}UaMtALM9^|ES~ zYmi_;85$yqOh=+xG%$`{ah&-JB4oTikULPwLlKx&gQWoyB;xh0j;67)2nxoweMQc_ z5?NTZ$bvM=b?S?DYt_|M#LH4Ex1S#&)`f~MYwgk)hbF*KS>1*h)r)#Rlk*I~&km0c zPh_{~Kkvf@4=N#_%2hIoqQ>`^;U1Du3peefhMJ--*N8Lppe+IMnn|}#Gzr23^)fc9Gp9Gi;3Uik`2F^>0RguzK z#(PFwJP{%}Y1-Hg05?1uhLE;1APHV{U3ZoS|M|m@KYsHZ{{IV@y!DWpQ1ja zNNAle{HWwxmb@oIluP61XgHfRN9t~ZvYrs?eun*!zkd(!zeGY9-PmLW3~msTQ1s>$ z6#|%OP&W-!kS9WZ+NG(QMIH+bl_8`*V;=pp;}g0eI;plsbNiYn>7!4Sba_ zD(X7U+jZzim6uH@xAjEGW;i3`=xMffEdcn`vmQaQ(twJAs}<_(=g*%f3@3;lbrW|%b z_T^Yav{?cuN07Zj;f!9HpQ}%%oNu zp*r?Iuy?X$$1?3Ux``z7p&j3V=Gu|BCkU~>XSi)JrNr-GK zTsg{wE-L^;T#_kfw?nZmX5m{?Ve6Ypp7tvTd2K7VpX2h3D0!wz+0^_uXx2vQmoKPy z=G!joqqpAr4RkKXj{!Ns)T!EgDcikP*?tLtT_0yWr%pL3lnvt2!0_C7~IVu^iTmYbJjK9*;jK#N91VXKn_87t<<)>29b2Tb0 zCUh~Dk@KTEHBHR{Kt1U4^|{OTaEWn5t6V%5cPI@hIY`BpZj4Zl%#?opP7Y94xGZ#h z*Ura}AAioZ04ZDx2A!qgTwQX4u*x_A0YTJ~oOA^MtztkBaMF)KknZ%b(grPVl&-mo z!TWWFk+J|FSbB1RnjW=eDxKi-+X2QEsLTNbq9!7KS4tRaLCDXf7#9Gynk0q`@x)q~ z@Qg;b*{H&eEG`LU_$qt`qe;ghjG^LNCRwhdp5od0Nn{l z`y&Soh_LWAOKq&TEJRq9Tzjon4GV!@Z7q2ShzTF7Kvhd2bvF2*&e%g331~#IP+0vN z(EK_TlQwrMuyf}sfL2jqAt=eR7oVi&JrskFY$_6R7GzRXXYVYpK7z)?giR7DISc^J zZI$~G2wQ2X-d<6FP+}}M=yLL;G>{Y;tliq=VvLwL~!>IRg-BFuI`t2)(^I49KRC zE-yX0opCnbg`xw?8!M_V%DYfLi%)75D6imS=^}hQdHQDKiqeRYtESYw{Iupd6Nn`M zIJrvjJdqBk#Lt9GHa`Ky#X#u$^imi#^O4WE`NVos=^`HT2@dMVzdA8o)=tzOahZwVFpbbC^j>GaYhps6 z=?F43;VV&EGXBWp7w8&5j$iO?W5ZhdIY1ETGP#&*Wyen*b1#`HfDk#W?3F*!s^A}O z70AwZ`;SFge6wR5RDAa!8wq3jh-11Ws`?@sjPSb6$`-^|kZm|? zbd)i%b>c4;c=Wl;_WEO5GAY8_hHodn9@v8nOYEc15 zMNLqC?ek0m0R5!@;`y)SH_p6Qg<7?c;YFo*uHaE;KZq>`m`kKs1=wL0$A_vyyb5En zg|jezt2n9rxuUI|BmEl@FEl340KG)@Psb9oOQ&?{(d=E1hb&hDq6_jjmEv||C{dW4 zo>vgm7ZMp?d>2jsXh)>Z!n07qn*DZ{1uq{U9SaA*doHV;p0|)+-YPkEVv1hLMji;V3qV+i$ySTBvw496q093R9c)8 zBK}Mj@*>Ux?1)KOoXj;m%W)^?A6=K@F?Re3lwzuuysA@aYI!xL0+&Dc<>hq;l)OSb z`$u_B_NF(~ZUcli_QQ7{S-`B5hY&1FumrG#K`jVF%K1p3dDpMF#XiV5RaIn0p22wBvtw5@=Zp(Zx%5sRIL5rA@7=XMper@B(;`mRU0<^S{ z;lY7{F!U*nt4(5Lb})biD1n@XjO2q|FAFD3S*3tkf)xXp17jn==7@EGAaECK5(9@3 zM`CNqfdLBw2!XK)2HKy3N*lKbrNK1+K;Nu3bridm?6BC7uYvE(?3>lFAC2D33aydx zP{aab>{#dQPXidlVgRb-D3Qan8>9v@k{{B|x$j2~gd~Q-xKbE;FCe1efI3wOLLmT9 z72wbT|JWHoM+Y36d|1)c*na)x%YXgiFb=JI1f+?+{74MoAgP-lHiV%7xF{qB-UG-$ z;+kOL2%WJ+xvU}bG0Mzi)SxNnh_N!sK{S<{6p$c~Au<)HF>*f;%t>1Gep5!qUedDn zOAi@h^Tv&|2Tn7cZhDBmx5%HR)9DuVY@}bL8yvCq;zhdYAbLTdcNo}gwpe)Lpt-Su z(*qg0q=f>6GYZo{1M=y12lP8QfED^* zJkznafH3g3iylDh2C0SMDQ_S++vH6Gk|r-Y2u<>P9zsKT3)(ZQ0o0v*8&Qog93d-Q zGd@1`k3NS!jX?-QLm(jL*YsSBG9s&x*BOCOPXTZc66BL60hy$NMnI;?%K)rGu7K33 zLxocZ0;mBaAV0N%kUX+OAon_fpaPQa075zh5(FZu5r!lfyrd1EOMnAoiju^p=>!A7LZRhaUvk3kY@3teIu)8Xr$b%e`E;bxQ70{&KzPAI5exPy>u(f@!1z`cXpz)LDkZ^%OjNa<%N+V#fXhKzJ z*E_tU0Xq&b60$##LweWwTh2QI-gSJ|{@~&v0U2}77Z6c?NJ=1kZyh_dqpRAWaI}8B zqf=C=-Gk78nCA)zqDmHDJIERDys(`7*akn62Q|Oc5pWbwu;)B}Q}}Kn=o~odO=@8u z1Q1d?2jIylG7u1yg>hKKw_;d_Kv2|a#KB7!)%N5=0fI^=>mf`I+Le937eM0Lr48Y? z$F9WScN}I%AEi%bc;9ck?Y!;Tk3>@6Xo3Jej*Ia~H30ASDeyXeo`%3UAH%f(ey-MgKO zKah{q6cM}fwLxtl5S*=p2>9WMWRY6tTdEtXDL4%S6$w2K5RiQ^IYcWb%CVk!VBWIl z$6;N{+)92l5%1+FIDCL<7+a$ zx+$N`0{4N`q;zfhvoVv&_2*?WYwOo*8L8iTAal!m(#~4)ATlG9>zOC)e|pKyls3A( zFb{6MgaU-0$7Qd7PpStX;N8|o@veMLpHj;rFLO6*JMv~;#v>g-ejcfAS*z8ZgMZK6 zS{kXzzj^vUP}Fi$Bb)B*aCN6t)k{l}@1qy=JCTuBnTvvT1#<3|y&nhVp$lOE>2Zc| zu_vV!)#akIm79&^Woq^DT{*h;4iJ68sIDg?ltZd|&ay0-tm#w2*vmaPa4&1wnS-j` zXCR2pjBQ!Ae17IYv{UWW2h@XIhQk2D>eJJcW%8~-Hl=jkYzOAw~H+d>*nH^IYdvV zJrR(h*kIhXEGue52uYorj@ipup_bA2am8IAAbsKukWHD~pOGm*)&a!ZI(R%+S{kn2 z?GJ$b`1l8XW5gpMdTKTDO3&+eMus<|3(&(p#PdAP!VniL6S^L?-1wk5&@+(Xl?kh~ z*iUj90XeIkA>vbMyHbvNTT=Gpp)^)!SsE+St$7|UI3VS4A*InGmyHR)9sAVq# z)Us2CmyJf_EAb6nAs;t9GFn8R^*&_z;_TI{mp}jP`mN|tZyUoEefIKafBEQ>Pd@s4 ze;7baP1DTYMlU!Afhafw68b2GO6U0I$|0aKMvfG!!c|q(sk_630BUDkfPXe2df?%- z8jY~Nq56$hGgd(u2Ey=S&ZSU?<3PuQ3?fA^&|Pp)+#IYvfC$dco%LxP+kbn3&NFX#hFE6nW!+5$#H}w;u2V{R6iwZvw>;Qm5UwaXJ*{71_t4d>T zGzTpJcw1F#7q*8_&|uyn*bU)8qDYLd`%#lX4#&kH5+(kGAWCWvv;HDo5Id>_1Q%__ zOvD;uixESR*OIBWgv`L6N!u!rt#j7>0~0t%hD`1Lg35@%h2@)>dYnogU71P#5=cBxRg(!xp0t%cYui8=$2Ujfh!%@O zAasK+hYv!G!M()@GHCKvgh5?Q10hokp_G_XC>Sb@#Z#f1HbV!00%xeb^%HpM6#7AW zzB|3)sG*JSC%-)YqX)$E^CJl%$G0pP_p(?ObkOfG6h z2#k{b^jpF7D~JDXgXunrAZZqI((q7!UI>iGv)hH?yckzfO`OHzVIEbCz&J~;!= zU2Pu2iV;H2*UK$nK>_9jt-!!`x$Z;K{)P~e-Sa6Ldf=9B=XNxtNYWp|x)3Tb zo1sr6MF*`_)qrv#{fk`4Yb=KYgQuL~dmnu*~2Hg&+31JvdCOD8YR*0gQJ}Z2vC18wq1tMd-oyizukzo!{ zLI%AXV(Sp%3jU(TagGxw?{Gw~+z?U8pcK-p2|?)Uz^YjZq7>D(hsU^#{lg3Hsv`hEs+^Z_M zzdHBabE@cs;w2VMQy3M`G)Ici7R|P)B+%ew6Cem#7lCN8WU*LG4pa>jJ{!7)4r16e zMc>Drs@Bq4$pMVu(n=OvI1y<@Xk!Dw5ReZaViaJv?f3n6Q0i<$R_3z65Z$GL#VLc>9_UBNyeRtQh(Rvj;^EA z3mEGF0LXM0XC-~H1B0nt2L!XMzT~(X=S3A;)n!dM3~qbc5JQDU?FFZ}_XQ127-F@Q zQRYX6==2$@x0bP~Dnlz2jh=%Bh;9YsU*8r;$lNfra(P*D3nLvjyQe2S&m8Hv%>l=Q_ata|h4b@&t6RTTq&{B^&KttO8_~^T5gW5$(YwQ z+jVo+MkQytmX*y~?7+5c@))ShN@p2kc7|CNbMsl2se~2*`McYNQpvK7N*A8;10K?D zZ#o^cXQp#JVuiNJJ7;Zn=%Fcb7!URR^#q2RY^fdaHVC1Q^-IhFkh6s2o+*oW6kXqB z1sy;XpTlsYhZKu7R_{5OQC@t>>cz5i1a*k{J#Fw-)fuYQl!l>YULO`%vB8{S*=gO5_ zSP9oEb7@2jDW9`W(pD25kj2W>gqNJy0J3dmY5wzINkE#F49ori5L(qcrfzN?mjHyf z5g_)CkDY?&w0Aw{Y|%N^6BI<0byhg;v%L}T?0WEm5nqacSTz3$eVy^m36QCW(8ZpL zpgxWvoChs6Ssga`=}TTT&RJua;zw0}YE(IH_)|lrjny)+4Ffi$_yI5YzURPwra+df z0m4b}RzM&>5r`YQ-4j{LHoI0%?lvoPuG{UpZXPfyYhlG*L$JU|1PKd6LaA%zD>V5T zb`gkt6OdnBi6JJcT79Qb-~z}#D?koS=S;`p2_Sa_5R2@H9{}P2*3w8US%^P~_WOM4 zcvlCE5kkpzF(f{YA%lTx^cr-v(=w+2TwHBfUD}C&6qmsxMnINe9|I9k20oT7UQi7~ z>kSN}z>)y+3oThPq-!-dLIEW2h8r6jSqVVoSs?DlMl*W>h;3v3U8ph~NFo~zk(IO@J(thXB-WyN?yEa0Vy>NQbpId0*czDQ(UU+nb|4J8pAF zPu%DsLj(0$_5a!F_dNnKFusFoG>TOx0s=&_R^%Z^MzwKTMo=$DKw3U8QYb%9#eF^; zIP4T2lwu7v{&VfJ-n$-1ZVuBYed&g@WDyW7TN0M6xm-5_5=wcoWPO>l?6ljIb52yj33LMzv2D}sS(sQtRPCyXUJ6?j=G0u70 zb6A14z33S2!@!P}fSG+poyR6;Fz9z?fXoDSQq=EwP;+QKDjMH9yy0^IX#q&0%jD{8w6zMoGwv}JI+oG8fzHm_~gYO+x9}b=%%tlu=;4LJZG$o2Z++ z%(XJI1rLFjbXhnK>bAuY<*`OFd)qoeD|9P^AqO&mV3d?00|sBeWF;0$ZIK`<`$14D zZF+qV$z3T3*7fIoPw{Y^`|bTcxd^@mL0ebWgT7Zo%2Df&bo^=)mcF;%C-Hd9Jz)+{v{1hB_zeySH#jb1Iaqn(o_ zR%`62&{8`pHA7WQEsHjesGtBH*?Tu@O8izuyVHhGUjH}R94Qiae8q^czA4Mr0!^sc5CKbz&C=SR`@0(Pl~~*8_Q%G6gbQTpSmwv`Kk4(&Lv3y=2nJ zFc}%?kqS*48=(J;K;HX>ii6IyO=!O?+~O$@wk= zdH557pdNlL5a~@bF-p?ZE=?>F$<^v3+20-r6=|bJC_>ehv3=T$ghVHq)*{DiR6-bk z6bL@1-VmczhnBCXdKE2G%hX`0!Y4kWv6@)lq6W4pkOi?!LPJ@LC|! zc($h#D?uiog2=^p8fJJ%<8|%rf$WzMw^2Am+8)iTVjg-5?D&LvpWt|TOgE&=y(o}%1CGI4L%hK6{;O7i9%ne+KF?BG``U9`^d>7 zr%~29ci7(UK4*-#m76@|S|H1)BpPw!J3egGMWE1@eWV$2RCUpzQW}qljd5j%JLu?f z#`zIU)APhG1Hnu_{N$U3`P=WZ9^8BVm|m8pSC=jVk>=bSO}VvgTVo*G%)&&c8M86n zmH^`BWZ4aE8+9*Cz8EH@yG-OCZjObr^tK+d=Yw|-sKjDYVn(86TA;0 zm1X9>y2QIahoFTW~dAmZiY|K6Hkoxkmp1-bkF%18f!ckdoPeLAybA(z1P zgT~*0AtKatDJQWo`4w9L0So|XR;U=6$>s+-87CkV8v31)vxfqEp<|ut7lFL-q`t^sJa3nZC!E7~IwL|k1@ije?mrY4`}fCJ zJOqMloaP;Acmza4+j8m#JfwjJnS5$#K=xQ`km7ZaD;oaN>2mD)CF}mDzj=zcBkylL zT75GA0`q&jS{8`>?$yfIAARt_C!aKDUlBoqC%bNC>>;x4<~K0YSr^IqED+Li;f5Ol z3A3&MVpG}oGLSExZGHNIkUx1dE52g#XmOS(*jX{`lF}2cOWjKKxU1nY=>CR1uYwb6zAMumQx;_b5*pJs&wds_n&CG79P# z#2NrHTm}?6)9k4PkdL2z@%Yn^zFt{*wYvJ`$@>p(?I9rY+ZT@>eFbSsGqcxqrN3F( z36L<9;0J`lW_Fr@%#DGNhDxwBi6LVk-K#+UvbBXvk$gd~Wlbfa6gqm)(E&uc10egT z?K!A#^$RFA9s(9y4ItufqLy5ZiTuU)YUPN z(Tu@3R;0KLC$gZF{G3_wIwccQ3stC)>FH|V zm{^%Seh455eV>hENC`l=!&%|%j^9y4^&X>{_mSl2v?gYl|oB*=6h6DY%X1=nGj`7cORAkJ# zYgnl z7zo2trAW0DkBO3|8Bqo{Z;`q%gr!qf!~>Ltr7K-Jbm)SF#D>HR@Bl2(g-75WcnZ$G z94F$afs$kBFU7XbiK^yHe2(>d%wom}BpktyAqprC0>V;p8wh`tTR}}9;Z2QQaF8vl zxf-uYf)yNHK-?1$5)f8Kt0(N8gDRsQtTO7PkQF(Hx`5dKi9pCv%?3udK4SfDHK>Fv z;wHnTX&T0q_&S){^%+=WF=V#>Rw9sT>!u!-)O{en{BR50o~RGRK0^q^^Q^lPMG=fO zCr~$s=ww^;0%7-idwq}*F)gmR$wprg#d?5rs(;8*aV%`M_JPQVa|i-a2&7wVw&sY} zAb=F}#6Z+QZ^+RAVf|#t`jz_~i~k(5HgCfFLxN>WK=i5f{*cM8_yUq%*c`BTqeojv z0fkMLf2R3(8VU$Y=Z~^LlErMEB9M_jTf-bljt9($FRKcHz4jrv3cF5^FIRd zc&KoCzDOcL9>KE62}m42JUh3Jgxu_F2hS|#5H-@peQjS63Ax3tyIEchnA9;9DSh(- zeuP9uQM9_+rdM3UL}GU2;g|Nm4Vm>1~y>j+F5KREP)hbv4j0_ z=wV@Dt9Bxs2uWdc+<_q6D-6DYwJ%_6ZR-n|!($h(n!xU_U;f4BgCq?R*uPy?Y4!S& zj)6H&4&?Tx=SWD$W~e1gb+1+N{q}ksmv^U3gy6cjN_X`3^l>qY`>*E)31MNjqfM9V z&*|!H43DetO^m>AV*~t<&b~qBMu?YnBgR~zC4^9z{<_A-7+aY*pUq<{6uE*;%&Iw%mqS_!0M{XjQO3Iab6mO`UW9Gin(82%viNy zAO^#e=<{w4u28|_BPyRw#_D5x81+L#^ME{l*fhU=XhS_k=*uUSA<6ncp{cP=xwOUS{XID0*xVWbv{e#=4MrLehV~Ljs9U zUV*4wf$+Yc7KrfhM}e08m_eR>WXr<%Kp;sHX0$-?r#d6?MO+0!17^#5yE%~Y{AVC? zUm*MpY3(-5kKr>!0)&m9AwS9kurg(5h{(kZ0XsvkBX+-O%MuV;LdWgsvm0s?`lsVPh?G3rC6t(_!5^`R3Ufk_8|vwE}x64Ip}nv(EgWzYsG z+5tJMLKA*Tcy5gE4>9G&v6=)%AukWYu>=JNFb(Oq=i#S%r7oaVO6xgw&kooOg@9iz zd}W&kMF7_#2aS!uDLiOW>xeZqg`E;d>3l7=J%*;-*R?>F;VQByUzbJEOs)jZ1$AX5 zEPdwNMUb8Dd?QsWSJ$ zJJZMocMfvHHhsc3w!_zDdDH_fqs_`ii3R{IXUy6*5XJGasWRQcA%U^zqo2X>C) zsEb_+#fx~*42BHm3LRV!QK59umeFIuWUw|vhd72V!6anPs2+baB~CKo_nKhyj1KOR}u+uP`0v`Hba8K7vA+E+5KFrEc)eQlhrTxZ6 zR#N}zyd3~yZ85|^gr8pce*;qS_GZf0Pf!JwW>~S3uNszq{ib2je#35_J@by z9GDG9m<-M;fjk$%Cl@>3CP12p>Ao!x1_3XZ3rz-GElQq?0Qr90d=yA=Wa%sKj}F7q zJihYFqAF&;mc-Ec^5*&K9;xYmf3hJEZzq+I@h}a@?Y6UGBXe{T#6W;h69ym*1Kohy z3;-s#kWbPX(^E^N3Z!&o`Fexc)vKuMGStCLR%G&o03Jqk1Jx!#ylF!T(c3#qqynUT zWbNJexSfTO>k^uhBN(ylVOFhVYX9SGpOn7wK_q??`#P?4w&03XisE*H*qa{a4pcJtn z8Uy1#0VKhTx z2w7K=>YXv&Q^zw466DoTzpB@Iez(0t8rSiDQPn03bg8z1_l*E3q$^f zuJtl72p9oTAs_@)nUER=2`CC2kkILpnpKWvGIBL+&kH8_BzL{)-vm#Mn8SuH)BgOsx9J8FSKnpb*HVkvZ>aS$m`Zx zUs}Bqy36cst+nCNiulf@`-iT-_zrIPFe3ymVf*MdJREx^=0jTDSlh&{wrpJl8kiZt zS`lkwDqXD17+YbA`t~26gOQmFcJ2wGam#oWh}^dQ(CThsQ5QzL z-zHBQ{{R!e|I0US^t-Pi7hkY5FNC;#x^=?!ihGFHRz%ZU$C}l_b#mPeMw{3+FO2G> z?yoH`txUL@h_`DXM7ELs^s}GLq%4S#gAkNj9#Vd7S#4CyY;tX6Aln9PGu^DUEXFpM z8rOwPkhHfiX(-lF`wX(y84-dK0}@T0Kkt=D9WqGvXb#v3Mbfejz@lacXV|`Z$z!IqJ zCkt_ZV+Ftx%PR{o)epg-P1h)$!GpEUbW)GpvMRS$RMTA{0F%Ff>#QHIhQI-PBm^SF z(c>bE+bOk7n`jm4u{LckJEnDCP04%twSgTITV4mMxK$IqD_%z5J3;_fC4Yt~`o{tno_9=|xPZQH?g-IACfLXBf|KJKa^}0eKR8(kv@M=U zZHyo0@IxhGAYz@FRm6g93^Orkor%n=>_(YY&vlQygAfh-D0G)MoRqTmsmJIIuZ>}G z&$DLGxyhqOWeLj0!I-?tSZKhB=}9^vd{;;&c=QA&h_ey0r%@Ie-EisZL`G#_MLG1W zk$F#&K8%bJ!3bR%qE(KR!T6pK#?x=ylzrD8cVg&->;nWEB0eIR_>@qL2{h!!?+DgW zSi;lrWIplG=dl&!6(J~qvDWEA9E>82e2fV3C?OR2jzAoYhOi+NBV}MMs_cloSA<9y zYyE7ls2^YyReKo4*ufluAO|DFcU&Z`#{p(~fZZ3uKK_rp?c#BSJX#IeZ@})@z`Ngf z4VL?d+l5FxirqZKdsT@1?vu~nIVEM?haG6gFgFjum?aqB7s5FE_6dBw!n}|J48IPx z-;glbfFI}|enklJKmO`{xG3x7QP%l)ayS-p+z8?bxuXg14lzXT@5W;xFP=Y#%jD*Z z`s-i>VB~+n2rTXkLE@L+K7-r*&DRj`xM75LFuH$)@6agrj)dHN{q>h{f4~b;*5yKo zD$BCn2&NJQkK)#DkayG$Mcs#=nOQ>}d4Ld-v_MO$M)lNX{ML@-bucGHAfW;FTgY0o z5pvY%;9z~&G_G3EN|!wtKWYadsH*ck`Uqx-kC?LNh1539b6>6Mj1yFq(T%})Mu<|P z{`EUYHRLE|9W}JFd7d*l)hk43sBL6@G9yF%37Gi3@<4s%0On`_s~iji3={7}A&|38q}?Vd-wb!0}!%sgZV z+r0|jGtnNlTVP6n=AI!lLS||Rz6T?BVPp?;Yj#V7PZjd0H3W0nV^Rf~o04&s`54v_ zHButd0Amluc|zcMrgBDb7>wkS2;p(ykxFF(UIkT|fcPVF2MAyTh{yv>!laRTLotyF zeuI$NQ5F(`AVlU29MCXe7+~Apgxd|+F^Ov8ydfCL9^)AyXO6O#c(svBx7`GX>7u6|jY|hei>38Q=$I%hfeGuXtIo&g*N_WO z13DH$kELQxwNY?h2*F{rKTopQqi*YCyhCe()F#LUqs~3}6 zjwl3}6QXVPo*4?W2H)4q^UGeRE!tP=+(ymUfF5W)#pAOs_bBTtn&tSIemaA;j$wgb|m^7D4p=tz$bO{@O+4zae4Wbc{Z{sAHbK z6oPmKLR`<}2M~S1LCD&0SsGDx>#m`1H9}rn)IrE_W$JEZ8=is?Hj=6^aEt~wRBDP? zvp?=qmSAWAAr(`aJ@1D1v?@j>9aG%o!&S+KvRp2vHwZbJ7|suS9~dDXDlO*qqF7Z$ z&$H!*uR0Heph_=_BrY14>H`~>izRf=9c}pBl=ablAzT#;TeXI(#mH6XYN|nQ1BR}T zfH`#RgKeP?BTMlmLQ+@Mp+@?xMQqvgxJ%)P>fHvIs$8YZA|LFi0k$H%?)+0z*5ghL zNz5<_rSw86h-f^*8XPtPlS(zTl9;ImF;+E=l(&>HLC&oqKe{6Xvj*cZmOfCaXnX)d zlMFzOA2!vN*@Q8`1i%=%WMYT`fJv+bj~n7Q0{(|WH3WLAU;_j&-5Im2X&g+91kVV0 z+*3&p6GOV2BjMdNcKeu;m+Poo5WJs0kq6AwH;0KK-odD&Y=Ou%x`!Q@TNpimV)(~{ zkS)NYcVN5TY+Y>+S(YS@f2L{P0tT+*V)Ga9HQ_LfqN!?qusrX(X*r5dtS$ zD|9goskbZyzBVK$mu@zSBX!Cs3ob`^io;7`45Be(^FrWq1VJu^RZ;qug}|km2_nS9 z4~-5=(GcY-n~xBev;H0s5>fw;k1R0td%A}*5!9TEjHxNzhG#gHk4F7+NdB$EZ13&ja^DP#;8x|Kqq z(Em`s%Tbk(_}V+{XCnkgJX=rC_wIC`E@px&4?zNMP@#nCjVNTpJkiL!<~T*A+aXZo zTDQ4383P$7Aae->nKA}R zGRJ5y&`bMQJD<)1$w-qVYjp@bvU@vJ#1q2>NE;;^vC>XK;F0s~vmi3)0rejf62LN+#(>R&cVij^XA*hZv8HL|%HM%_YMOKwh~8fk!^_ybUBvsMb!0K$ZU1B!sM$ zQDVZc>I7MB6)s?kqZ^bEQ$Hk$xxK~7KL~;j`)NL4-eeSHG02vtEL-rDrg!Cl29Y6Y z3$>=f#cmZtp3^u4?1T%1U#B4Gj=cX$2O)H{HjTTaOB!|iO0V`yHi$z|m>8K`K~`Jz z*?DAlUa7k9MXfX!Cj8Qef^2rNw^QU=2a#3xWDRo(g3I~)9akp-WWwk{8s-)x{GNJ; z7jO4I+;V?ZNQgt3P`5*{EaAboo5KLI`=rerg4hRPq|?tKWLhXihAoSz-!ve1?0w83 zSfgn4S`c3-gc9?uizOYyPLW?R%vnhGE%bam8jqg29fD^y={AZpZ?Ys83q78iY;EfS?M|BRfGh@G_UC1g zb??mX*$>Uef=cyUd9hOwi>+zg%0lFk>Mu#GP<7-%*>V85yq+h!)3?l=)M zUnEu4drySu%X^c*jvXBTIP!X7I)kV8>bcx*y|Ul$=j9or{J6B^l3}BoBh?N1 zt9^qm(qrJcEB#KFEHc=9ulg(xWDiAsoK|E$eo}pH_IQTB>@C?yk ze9&ac!W?gALf5vD^?Dgt@O%Ew=Kj>_ zO>74y+j#Hz!c+H`KF#cV5Td?V%ZixE7NgmS^KdhwG~BWUQijH6nvbY8W>vycdX1ph zqq9^x{>eEVpNXKHjnHqIUz#Dnqi0Ber3HcRSysQ>agi-SfShq(23J;p)s+TM7~J6K zr7IfkU=0Bwm%GV(+OyX*40&evc*y6wFxzpybGR_oI80V%uicPZg@hE()JY=_&xzFR z)QY1K-IDa=JU)qrxbDeVW(b19u_=Q_JUUOU^9DZ|BB?e*nlETh(lNBZ;3b&lm#nr6 zyj%rVNB7+BAn0EN?u95#fxFV&7lQ!|RtE;J?TWMs^uq~x5>iSn>tk*0Pi=lVv3gS{ z$-;Fq-__>trqg)7LFgNA?*mgcNlk%Wj~ zHj9R%go2QqE$Ei9Fkd7maWsSX7bB$G?_$EO1(r8JJsJ$IK7fe25Bp;fvYgt}HQj|LYoFf|;(X-udAOS-bH4{g;eWM_`x8=CbO^mhZDNg> zUW1TE68^w8`37Bn=U-00Pr8H#cB%uRhc6>QOVRGm)%qH}mElQSux#K+$qDs~Q8X{_z zHI7qgcNm)NhL3a3&s#K3>6ma3LboDC2!`?4ibph$sdX&~X`~3Updn!%^6SPIY6wsc zA)05k2ikX1wN*j{uG^NPz7i!1e*J^nx2)CSgcx;BIj3P}gcQ;}-`!Aj4BngeEZ-3> ze`kRZKDXBvME$^n2j`JaDZQ1L%ML?ZdZNY)G5TW^X zqjd(6Z;j(TV&aSl8dB0s9Z*Xi6+i8j%~3nhG_BojN_gRdrG7`F!ljv6*KP=*?s&k!OrWbXkZ`r@c2-+M7| z0HTow*;ft~rx-T3Z%cWWr5}|EP5YD~PygoF1y@o6Ewua29N5a8**Mogqg8ITpQ_4ax5aWzDqeeq4nORplYL5Ny2IGsriREA`R@A?7bn)*U!R^HfBQT2&7NOQ zga(uVsXNZA+Cu z*T<*LW3?V8zFG6qcP6EzNZoOkul{h_#5Gd?j)c|QzkT~vIrtxKcWA>f5JLeJnVsZP zOP20v3$s9FDd3lQh3*iAhX&sQ9U;SYfmTtXD1mMK;E_+hb?zm0wD|oPu>RF>-_(tOV={cR5ofFR&WGK(>9ql*aQ&^`|7krmK=~9 zzE}Jwn4&B+(lrB(`22bx$yqI=jt&87kcSmd$Y@N~mjiHg$=)uz!j18PPf7EDL4FL7 z?;xH-^6|!i#LM30#2`6+Bk}KmKteEw_@^w|CFKYJI6)D9UYZlwJYy%K&XXIijOzhz zuDcdc;6^~GvPZ7S(JpCprWz~1X=$!4u+*?BR&Lk@+3pI8i2Ceg9#Je(dpyIo6x7dyNFsWU2^M(!qFa4!F$RI8R4F81K5n#3W(33H$Gc0l@`T)6@VFgfUA5jFD05 zBa8^65s)0M^&&c_MTlb*!Hl=+Qw|Y8T~bxO8{)A%C}L+;h>ek?#p3(tA)v#H>5k<^ zn2fC8W>uk>AfPxDx0rtMb%c1-PFr0B6UPghW%U`8nPU9AUq?SFsel4+o$*Kvki>As zT$dwkJ|A#wJ^>F}cPvX)hjulh7{{KNF?Nk~F{VroHOt>IB3=Z77u64xO^Yf6jFPnw zYhH*8)ldWiKH_YEApi+9XvoN6?AYjr#X;^_ZYv}=3kY3&x<4FH4kOmKv@W#; zgVBQP%0xUg!xx*`2pg^~QvwYxJnizt6$rk2Isn>`T^ZSmfMr<`=u#)bjL68Y&11us zPr8WbIeOo7+vP4bfJea({^G6Qbg`_+*kF1X+3uVbB98u4orgP*i~5$E)BTKVa~Z|O zxb4npVcjlwF~mymyED2Ej%08I5Nx>wH>{&csFatY;%teBubvcMj z42_vIO7LE$RBu-RtNZ?Y+}r$-g7d_0!-y6dW@Mqf&xM{>GqUQ)t|^Qw1138Cr7nBt<`c&eqU zs^vqzn3rGdZ)JBw)Y2YP;JGzR>xCcJ^dWOIpd6j+-Rog`l+{k%lBBzwsaHRa(;nOpJM5>qO^kx&{z@%+d3;;QbF;HfWwmQjb5f!b4r^WwdO^Z|G9D zotCuhcN7=0roL;Gy5c=+&5AH`(%=}N>p@cod7hx=Ys)$~$__6obGP5`-#j3aPn**1 zZL@yg402|$>2>b;8c?4ZQZZ+ga?{ZYxvn8B04_rMdS%zYZ_75CN}Fc_cQM zgSO=VuE{f2^ilUIYUzWb#!NrphOrgy||^s6Hazo4yjHXFQO zQ`J*{Q>B!H3<=~$Hu`7=KQ4I}nq;M({4fv^B^)j7Lz2_EB_YH#Ow+1sJtocQJbOplT{AlSKTSMw!3Ob=ev4#e|xi0NF` zvmoeJ^y8hkJ^Z5l7YGPGJB?_wb5VYCygYmxiOrgIKnQX`*8*LDa9r(ULQ6Y*PSYP7 zr4{k}A0F!u3tC$0aKH7$bk@_Al;Pi-5Lrtiy%JUL*}y4 z*;?N@^zPrgkXG71bd8KmNYfjLn0}=P;$fG5Om_z2$yUJ%f8TZPblYXWwFe8>YV7j@ z;qkf^wF-N|-@49W^}jx}(zE%&F9+vUx40~vd=S(9brrAcAtH`CcyVF|6v1A`8|7CI zcJN(2XfN0D{DPiISC(#5LKv@^e%0tXOTDHSyeM_WhDz}lTHjswf-^n3tG#*4gG!*TFn)sLmbB==mQtw^)rZX{Ni%R{ij)U-IOdc~AEnor^t> zO0Q7*w0?XnJ$AIy5TQlWf1(AAZfkkyK^XCG8+g5^?K-8$PgbJu%MnKHmu*P4I77aB zf8#v_FY1ycJw^+fBn`th5IrN^Z%g}SNm>bODu+06S&GDl6tzl{WCh!LN2)a6Nmq?7 zMFrKTJX+Kun$z~Rt+X$e2awYR?O3Z6)$pzwZd&{1Rp}Y#(TwDIQWbsbE$Q7EwcLA@ z4nL}LIbY5<(|#*mY3oC+#}N+Cck;T<9=>&L1)h_mJZ+Y|@?|@n*HkC1YtBrXONm4EyG^)X(dz2moFPz*g471s}aJt z)R($f=ta$PK7Gj%yzoP1QPTAupOYlB`$?DYz{2FIW`0`@6$d;j<#QVlhH1J-nu`$zj4#AERtcrQE(WyQ*|C=Cshxz z;$qu%QYitu3SssX_7~!el5(k0Tva%bmhFg;jLqJ(9h)P>o>hn~7>Zz|d}Lqw*s)PY z;XvGW(g6mkdcCgjG_$&@$i_uQ$k@bCcxN`n!wvLs`;p?Zw|3*=%56gryv(i&)Rqy- ztX2dH{K&BR_G$<|6CT*HUBTrMLlqIjju1y&q4c;|&y@QY_4qhLzygt7>^!RQvW#%% zQANfa8S7#Ofh|NGT(C)FdsQKhLNX}@R-(NcQ5Zl?Kpznfrd+QG*eF(P*-6QWL+#l* zm|V5pjLQQ&!bU*CuFJCQI_}L+>X=dtxZ%cL*;tF=gX12;$$K>cF#>mrp~J*6MIaTA zvKAT`W>j(@VFba9&CELigpFxa3Wg|+1yI6AFvj#^n>cpIw3+b{CNzcx4URR)gqMgS zjwcEH*Z^+nfk@kCB;r^yu@LK{v9XC89Mj1x(8MSuD1nY)hz(;H7^~rtV+2U}M4dqc z5jG8;Ppp9L__}#S6BFg*zaF}|+DW|f2~IK$>KHr#8H2~d8j$>@>2sinm8hz60QGx_7jT8T@< zWKd#xN+ul+k+>uUIycOa>13x@GBQFt;>bK1OT`b|2$Ud@u>#4+EEvLcehKG~hU2sX zaUiGGSQppbM0wi$p+ChofsPOnfW8(rcG8p)y{2q1pi`15OlhV;t_3)8FakJ<0K(VZ zu;~&c$RxwZ=>-l5EC(VP0Z2oD4=fG^-pvC-SPmv%9V~}&l9d=}Rv?IT)tL41ND5)Q zf?^ep#}@%*=?vo-+kFm;h2s$6Nor5NY?$F#4hC`aWrTUu?(YKV)BM>2|AXElX-UBI%fzz(P&?7DWH+{zAk0^+=^q=csanP&hp zwqk25VJ4N55wcg~mj{7`#R1cXttgNQFl1u}PO!nIOE?60!dB_6{Pnj*7h!oUN*`FV z(=dGshA_^g>h!@bwqugQrtFf|a<^y`%qC5pi#oq3^%;{8&aegK3gDDDDdMon8O6FS z6JnGsp*&!27?YsF4?VHHcG;3%5eUy+DSL@qrRLgmYFZQ^spgy z%)yt|8@*D57t@ZE$9F&`LU>Vyk$gB`L4zdY_(1x^z&^N@a6l^#GBk7KrKj@`^SndMF2GD|415J;%g(X9f+ca~j=ESFPuWv`SV8N9C5Z0b!(@ z9Wc#~x&f5q2tNBE#SV~*PoL2n2LvzZQFB#E^y5zb-3LU7aj#xX56)m6^7EH19fG=Uh0S!ZG^EQ9U%U=#p3<<|dO$cjrxMiK z>b@R`KW*H%`1WvJg|*X$c6qmGMF=vaFE*b4zCzAA6%F2zoqX`gN<9M36Fm^iCF|>F;I~fLlr}g*nkU_M_PN-w%3f(45Iuqn z+MqZ6cj`ROSyX&c>x(bub_U|T1M%qD*`LYGkj`A5?L=Sg_&Dd)f0-4}m+gedN-{rcU8mvc7XRC+xSh?HccMd8{Jpo% zYFiMHLN{D|jZZ$DOJ247^>-Wuqgd8n-yQI1Vv5lLqH(g-uMVT(ft>%S96*g6yKnqzZG-kLnxIz2b*^wAi%5C z%)D2P5c+aYl@4%I`i@d@ea$Lod$iOmtYs$|5{U)#8NKNq!s^LzSUr3b7S#O%dJjqv z&(2n-=$*MYm05X~>_b;-^mT>3}DA@$=$t9FT9%J->Os^yg4a4`$40 z5i+DtYbD)pl`5FN-o?2cMe{L_&(;Rb@}Te;fBbATo(^zajcIDZ(ux7KG02cSS}3)3 z5T$dLklD1Ny@z56G9+BA&JJ#MWUWsh+=Hw_Tx%HuvhjP5oOdce2_H?RI>-%L+ACHh z`_R&sw~V8=7kTdI@5IgJ^24SUXGn*Z15vBgRJ`bgh|osXWOdoMwqlpeAO*H&-h2ZUgz$7-dKKcP z4z6_RQWOh&TMZR`DX9>Ug|$@iDGU#8^b_tn1SEciwr!sMVni|m64=KOpv$O?Eepx0 zz++hvsI15WZ@2;@P<#%F6|e)^29tLMf?URfO+AnWjAU1kc|j%^cpR2NMkcb$6Ov(W z44GtH0RRBOtYPLLwvLV1499FDLynL7g6)pLH5)^YjWFmS3GfIw%P20#MA;!h23H6% zn8;ujfGacW&|`B>U}wfZM`1w7n4oH~IRGQZ25_ARDQ6D?0yMZmBR8rBoO!;>>&k9p~*R9^rlY`hu8=1$p;28iH8sYDPUmM!e{(rC5pL;cFYDn z*1#TNMU)XE6R}7l8vEnO*iB-MFcHGV;$&imv;dDI<-lNT@UeyG1X$%)cCYFo!pe9``VxW|5_GAWXZHCAqhIxjC$9KOUX4J zOgdv?8k7+^k{byTOh$uap^4ei-*{;1o12J_`BOc(rXmPW&?L&&VNVzAI?Sm-)=p?{ z!u&tAvx!PvmAGytZl;!!YvOa-Pe_8OBIW*9EbMrTEGUr5^Hzux(A1|L7zLUFaV};$ zmMr*l2n?v@nKjw3*P-+n5Cc@D^DJU}z~t zJ1`0?4FT-iAr1f_2td)o#{F+>V$PyTF}xS4e~d(w-H&0(j3&$tSqIkk0iiCo-SqvCT7M#14aQe6999SUnert*{%Qp N002ovPDHLkV1f$s#LfT! diff --git a/experimental/images/vlans-deeper-look.svg b/experimental/images/vlans-deeper-look.svg deleted file mode 100644 index 96cd21d52ff3..000000000000 --- a/experimental/images/vlans-deeper-look.svg +++ /dev/null @@ -1 +0,0 @@ -DockerHost:Frontend,Backend &CreditCardAppTiersareIsolatedbutcanstillcommunicateinsideinterfaceoranyotherDockerhostsusingtheparentVLANID802.1QTrunk -canbeasingleEthernetlinkorMultipleBondedEthernetlinksInterfaceeth0Container(s)Eth010.1.20.0/24Parent:eth0.20VLANID:20CreditCardsBackendContainer(s)Eth010.1.30.0/24Container(s)Eth010.1.10.0/24FrontendGateway10.1.20.1andothercontainersonthesameVLAN/subnetGateway10.1.10.1andothercontainersonthesameVLAN/subnetGateway10.1.30.1andothercontainersonthesameVLAN/subnet:Parenteth0.10VLANID:10Parent:eth0.30VLAN:30NetworkotherDockerHosts \ No newline at end of file diff --git a/experimental/vlan-networks.md b/experimental/vlan-networks.md deleted file mode 100644 index e1ef471d2963..000000000000 --- a/experimental/vlan-networks.md +++ /dev/null @@ -1,632 +0,0 @@ -# Ipvlan Network Driver - -### Getting Started - -The Ipvlan driver is currently in experimental mode in order to incubate Docker -users use cases and vet the implementation to ensure a hardened, production ready -driver in a future release. Libnetwork now gives users total control over both -IPv4 and IPv6 addressing. The VLAN driver builds on top of that in giving -operators complete control of layer 2 VLAN tagging and even Ipvlan L3 routing -for users interested in underlay network integration. For overlay deployments -that abstract away physical constraints see the -[multi-host overlay](https://docs.docker.com/network/network-tutorial-overlay/) -driver. - -Ipvlan is a new twist on the tried and true network virtualization technique. -The Linux implementations are extremely lightweight because rather than using -the traditional Linux bridge for isolation, they are simply associated to a Linux -Ethernet interface or sub-interface to enforce separation between networks and -connectivity to the physical network. - -Ipvlan offers a number of unique features and plenty of room for further -innovations with the various modes. Two high level advantages of these approaches -are, the positive performance implications of bypassing the Linux bridge and the -simplicity of having fewer moving parts. Removing the bridge that traditionally -resides in between the Docker host NIC and container interface leaves a simple -setup consisting of container interfaces, attached directly to the Docker host -interface. This result is easy access for external facing services as there is -no need for port mappings in these scenarios. - -### Pre-Requisites - -- The examples on this page are all single host and require using Docker - experimental features to be enabled. -- All of the examples can be performed on a single host running Docker. Any - example using a sub-interface like `eth0.10` can be replaced with `eth0` or - any other valid parent interface on the Docker host. Sub-interfaces with a `.` - are created on the fly. `-o parent` interfaces can also be left out of the - `docker network create` all together and the driver will create a `dummy` - interface that will enable local host connectivity to perform the examples. -- Kernel requirements: - - To check your current kernel version, use `uname -r` - - Ipvlan Linux kernel v4.2+ (support for earlier kernels exists but is buggy) - -### Ipvlan L2 Mode Example Usage - -An example of the ipvlan `L2` mode topology is shown in the following image. -The driver is specified with `-d driver_name` option. In this case `-d ipvlan`. - -![Simple Ipvlan L2 Mode Example](images/ipvlan_l2_simple.png) - -The parent interface in the next example `-o parent=eth0` is configured as follows: - -```bash -$ ip addr show eth0 -3: eth0: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 - inet 192.168.1.250/24 brd 192.168.1.255 scope global eth0 -``` - -Use the network from the host's interface as the `--subnet` in the -`docker network create`. The container will be attached to the same network as -the host interface as set via the `-o parent=` option. - -Create the ipvlan network and run a container attaching to it: - -```bash -# Ipvlan (-o ipvlan_mode= Defaults to L2 mode if not specified) -$ docker network create -d ipvlan \ - --subnet=192.168.1.0/24 \ - --gateway=192.168.1.1 \ - -o ipvlan_mode=l2 \ - -o parent=eth0 db_net - -# Start a container on the db_net network -$ docker run --net=db_net -it --rm alpine /bin/sh - -# NOTE: the containers can NOT ping the underlying host interfaces as -# they are intentionally filtered by Linux for additional isolation. -``` - -The default mode for Ipvlan is `l2`. If `-o ipvlan_mode=` are left unspecified, -the default mode will be used. Similarly, if the `--gateway` is left empty, the -first usable address on the network will be set as the gateway. For example, if -the subnet provided in the network create is `--subnet=192.168.1.0/24` then the -gateway the container receives is `192.168.1.1`. - -To help understand how this mode interacts with other hosts, the following -figure shows the same layer 2 segment between two Docker hosts that applies to -and Ipvlan L2 mode. - -![Multiple Ipvlan Hosts](images/macvlan-bridge-ipvlan-l2.png) - -The following will create the exact same network as the network `db_net` created -prior, with the driver defaults for `--gateway=192.168.1.1` and `-o ipvlan_mode=l2`. - -```bash -# Ipvlan (-o ipvlan_mode= Defaults to L2 mode if not specified) -$ docker network create -d ipvlan \ - --subnet=192.168.1.0/24 \ - -o parent=eth0 db_net_ipv - -# Start a container with an explicit name in daemon mode -$ docker run --net=db_net_ipv --name=ipv1 -itd alpine /bin/sh - -# Start a second container and ping using the container name -# to see the docker included name resolution functionality -$ docker run --net=db_net_ipv --name=ipv2 -it --rm alpine /bin/sh -$ ping -c 4 ipv1 - -# NOTE: the containers can NOT ping the underlying host interfaces as -# they are intentionally filtered by Linux for additional isolation. -``` - -The drivers also support the `--internal` flag that will completely isolate -containers on a network from any communications external to that network. Since -network isolation is tightly coupled to the network's parent interface the result -of leaving the `-o parent=` option off of a `docker network create` is the exact -same as the `--internal` option. If the parent interface is not specified or the -`--internal` flag is used, a netlink type `dummy` parent interface is created -for the user and used as the parent interface effectively isolating the network -completely. - -The following two `docker network create` examples result in identical networks -that you can attach container to: - -```bash -# Empty '-o parent=' creates an isolated network -$ docker network create -d ipvlan \ - --subnet=192.168.10.0/24 isolated1 - -# Explicit '--internal' flag is the same: -$ docker network create -d ipvlan \ - --subnet=192.168.11.0/24 --internal isolated2 - -# Even the '--subnet=' can be left empty and the default -# IPAM subnet of 172.18.0.0/16 will be assigned -$ docker network create -d ipvlan isolated3 - -$ docker run --net=isolated1 --name=cid1 -it --rm alpine /bin/sh -$ docker run --net=isolated2 --name=cid2 -it --rm alpine /bin/sh -$ docker run --net=isolated3 --name=cid3 -it --rm alpine /bin/sh - -# To attach to any use `docker exec` and start a shell -$ docker exec -it cid1 /bin/sh -$ docker exec -it cid2 /bin/sh -$ docker exec -it cid3 /bin/sh -``` - -### Ipvlan 802.1q Trunk L2 Mode Example Usage - -Architecturally, Ipvlan L2 mode trunking is the same as Macvlan with regard to -gateways and L2 path isolation. There are nuances that can be advantageous for -CAM table pressure in ToR switches, one MAC per port and MAC exhaustion on a -host's parent NIC to name a few. The 802.1q trunk scenario looks the same. Both -modes adhere to tagging standards and have seamless integration with the physical -network for underlay integration and hardware vendor plugin integrations. - -Hosts on the same VLAN are typically on the same subnet and almost always are -grouped together based on their security policy. In most scenarios, a multi-tier -application is tiered into different subnets because the security profile of each -process requires some form of isolation. For example, hosting your credit card -processing on the same virtual network as the frontend webserver would be a -regulatory compliance issue, along with circumventing the long standing best -practice of layered defense in depth architectures. VLANs or the equivocal VNI -(Virtual Network Identifier) when using the Overlay driver, are the first step -in isolating tenant traffic. - -![Docker VLANs in Depth](images/vlans-deeper-look.png) - -The Linux sub-interface tagged with a vlan can either already exist or will be -created when you call a `docker network create`. `docker network rm` will delete -the sub-interface. Parent interfaces such as `eth0` are not deleted, only -sub-interfaces with a netlink parent index > 0. - -For the driver to add/delete the vlan sub-interfaces the format needs to be -`interface_name.vlan_tag`. Other sub-interface naming can be used as the -specified parent, but the link will not be deleted automatically when -`docker network rm` is invoked. - -The option to use either existing parent vlan sub-interfaces or let Docker manage -them enables the user to either completely manage the Linux interfaces and -networking or let Docker create and delete the Vlan parent sub-interfaces -(netlink `ip link`) with no effort from the user. - -For example: use `eth0.10` to denote a sub-interface of `eth0` tagged with the -vlan id of `10`. The equivalent `ip link` command would be -`ip link add link eth0 name eth0.10 type vlan id 10`. - -The example creates the vlan tagged networks and then start two containers to -test connectivity between containers. Different Vlans cannot ping one another -without a router routing between the two networks. The default namespace is not -reachable per ipvlan design in order to isolate container namespaces from the -underlying host. - -**Vlan ID 20** - -In the first network tagged and isolated by the Docker host, `eth0.20` is the -parent interface tagged with vlan id `20` specified with `-o parent=eth0.20`. -Other naming formats can be used, but the links need to be added and deleted -manually using `ip link` or Linux configuration files. As long as the `-o parent` -exists anything can be used if compliant with Linux netlink. - -```bash -# now add networks and hosts as you would normally by attaching to the master (sub)interface that is tagged -$ docker network create -d ipvlan \ - --subnet=192.168.20.0/24 \ - --gateway=192.168.20.1 \ - -o parent=eth0.20 ipvlan20 - -# in two separate terminals, start a Docker container and the containers can now ping one another. -$ docker run --net=ipvlan20 -it --name ivlan_test1 --rm alpine /bin/sh -$ docker run --net=ipvlan20 -it --name ivlan_test2 --rm alpine /bin/sh -``` - -**Vlan ID 30** - -In the second network, tagged and isolated by the Docker host, `eth0.30` is the -parent interface tagged with vlan id `30` specified with `-o parent=eth0.30`. The -`ipvlan_mode=` defaults to l2 mode `ipvlan_mode=l2`. It can also be explicitly -set with the same result as shown in the next example. - -```bash -# now add networks and hosts as you would normally by attaching to the master (sub)interface that is tagged. -$ docker network create -d ipvlan \ - --subnet=192.168.30.0/24 \ - --gateway=192.168.30.1 \ - -o parent=eth0.30 \ - -o ipvlan_mode=l2 ipvlan30 - -# in two separate terminals, start a Docker container and the containers can now ping one another. -$ docker run --net=ipvlan30 -it --name ivlan_test3 --rm alpine /bin/sh -$ docker run --net=ipvlan30 -it --name ivlan_test4 --rm alpine /bin/sh -``` - -The gateway is set inside of the container as the default gateway. That gateway -would typically be an external router on the network. - -```bash -$$ ip route - default via 192.168.30.1 dev eth0 - 192.168.30.0/24 dev eth0 src 192.168.30.2 -``` - -Example: Multi-Subnet Ipvlan L2 Mode starting two containers on the same subnet -and pinging one another. In order for the `192.168.114.0/24` to reach -`192.168.116.0/24` it requires an external router in L2 mode. L3 mode can route -between subnets that share a common `-o parent=`. - -Secondary addresses on network routers are common as an address space becomes -exhausted to add another secondary to an L3 vlan interface or commonly referred -to as a "switched virtual interface" (SVI). - -```bash -$ docker network create -d ipvlan \ - --subnet=192.168.114.0/24 --subnet=192.168.116.0/24 \ - --gateway=192.168.114.254 --gateway=192.168.116.254 \ - -o parent=eth0.114 \ - -o ipvlan_mode=l2 ipvlan114 - -$ docker run --net=ipvlan114 --ip=192.168.114.10 -it --rm alpine /bin/sh -$ docker run --net=ipvlan114 --ip=192.168.114.11 -it --rm alpine /bin/sh -``` - -A key takeaway is, operators have the ability to map their physical network into -their virtual network for integrating containers into their environment with no -operational overhauls required. NetOps simply drops an 802.1q trunk into the -Docker host. That virtual link would be the `-o parent=` passed in the network -creation. For untagged (non-VLAN) links, it is as simple as `-o parent=eth0` or -for 802.1q trunks with VLAN IDs each network gets mapped to the corresponding -VLAN/Subnet from the network. - -An example being, NetOps provides VLAN ID and the associated subnets for VLANs -being passed on the Ethernet link to the Docker host server. Those values are -simply plugged into the `docker network create` commands when provisioning the -Docker networks. These are persistent configurations that are applied every time -the Docker engine starts which alleviates having to manage often complex -configuration files. The network interfaces can also be managed manually by -being pre-created and docker networking will never modify them, simply use them -as parent interfaces. Example mappings from NetOps to Docker network commands -are as follows: - -- VLAN: 10, Subnet: 172.16.80.0/24, Gateway: 172.16.80.1 - - `--subnet=172.16.80.0/24 --gateway=172.16.80.1 -o parent=eth0.10` -- VLAN: 20, IP subnet: 172.16.50.0/22, Gateway: 172.16.50.1 - - `--subnet=172.16.50.0/22 --gateway=172.16.50.1 -o parent=eth0.20 ` -- VLAN: 30, Subnet: 10.1.100.0/16, Gateway: 10.1.100.1 - - `--subnet=10.1.100.0/16 --gateway=10.1.100.1 -o parent=eth0.30` - -### IPVlan L3 Mode Example - -IPVlan will require routes to be distributed to each endpoint. The driver only -builds the Ipvlan L3 mode port and attaches the container to the interface. Route -distribution throughout a cluster is beyond the initial implementation of this -single host scoped driver. In L3 mode, the Docker host is very similar to a -router starting new networks in the container. They are on networks that the -upstream network will not know about without route distribution. For those -curious how Ipvlan L3 will fit into container networking see the following -examples. - -![Docker Ipvlan L2 Mode](images/ipvlan-l3.png) - -Ipvlan L3 mode drops all broadcast and multicast traffic. This reason alone -makes Ipvlan L3 mode a prime candidate for those looking for massive scale and -predictable network integrations. It is predictable and in turn will lead to -greater uptimes because there is no bridging involved. Bridging loops have been -responsible for high profile outages that can be hard to pinpoint depending on -the size of the failure domain. This is due to the cascading nature of BPDUs -(Bridge Port Data Units) that are flooded throughout a broadcast domain (VLAN) -to find and block topology loops. Eliminating bridging domains, or at the least, -keeping them isolated to a pair of ToRs (top of rack switches) will reduce hard -to troubleshoot bridging instabilities. Ipvlan L2 modes is well suited for -isolated VLANs only trunked into a pair of ToRs that can provide a loop-free -non-blocking fabric. The next step further is to route at the edge via Ipvlan L3 -mode that reduces a failure domain to a local host only. - -- L3 mode needs to be on a separate subnet as the default namespace since it - requires a netlink route in the default namespace pointing to the Ipvlan parent - interface. -- The parent interface used in this example is `eth0` and it is on the subnet - `192.168.1.0/24`. Notice the `docker network` is **not** on the same subnet - as `eth0`. -- Unlike ipvlan l2 modes, different subnets/networks can ping one another as - long as they share the same parent interface `-o parent=`. - -```bash -$$ ip a show eth0 -3: eth0: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 - link/ether 00:50:56:39:45:2e brd ff:ff:ff:ff:ff:ff - inet 192.168.1.250/24 brd 192.168.1.255 scope global eth0 -``` - -- A traditional gateway doesn't mean much to an L3 mode Ipvlan interface since - there is no broadcast traffic allowed. Because of that, the container default - gateway simply points to the containers `eth0` device. See below for CLI output - of `ip route` or `ip -6 route` from inside an L3 container for details. - -The mode ` -o ipvlan_mode=l3` must be explicitly specified since the default -ipvlan mode is `l2`. - -The following example does not specify a parent interface. The network drivers -will create a dummy type link for the user rather than rejecting the network -creation and isolating containers from only communicating with one another. - -```bash -# Create the Ipvlan L3 network -$ docker network create -d ipvlan \ - --subnet=192.168.214.0/24 \ - --subnet=10.1.214.0/24 \ - -o ipvlan_mode=l3 ipnet210 - -# Test 192.168.214.0/24 connectivity -$ docker run --net=ipnet210 --ip=192.168.214.10 -itd alpine /bin/sh -$ docker run --net=ipnet210 --ip=10.1.214.10 -itd alpine /bin/sh - -# Test L3 connectivity from 10.1.214.0/24 to 192.168.212.0/24 -$ docker run --net=ipnet210 --ip=192.168.214.9 -it --rm alpine ping -c 2 10.1.214.10 - -# Test L3 connectivity from 192.168.212.0/24 to 10.1.214.0/24 -$ docker run --net=ipnet210 --ip=10.1.214.9 -it --rm alpine ping -c 2 192.168.214.10 - -``` - -> **Note** -> -> Notice that there is no `--gateway=` option in the network create. The field -> is ignored if one is specified `l3` mode. Take a look at the container routing -> table from inside of the container: -> -> ```bash -> # Inside an L3 mode container -> $$ ip route -> default dev eth0 -> 192.168.214.0/24 dev eth0 src 192.168.214.10 -> ``` - -In order to ping the containers from a remote Docker host or the container be -able to ping a remote host, the remote host or the physical network in between -need to have a route pointing to the host IP address of the container's Docker -host eth interface. More on this as we evolve the Ipvlan `L3` story. - -### Dual Stack IPv4 IPv6 Ipvlan L2 Mode - -- Not only does Libnetwork give you complete control over IPv4 addressing, but -it also gives you total control over IPv6 addressing as well as feature parity -between the two address families. - -- The next example will start with IPv6 only. Start two containers on the same -VLAN `139` and ping one another. Since the IPv4 subnet is not specified, the -default IPAM will provision a default IPv4 subnet. That subnet is isolated -unless the upstream network is explicitly routing it on VLAN `139`. - -```bash -# Create a v6 network -$ docker network create -d ipvlan \ - --subnet=2001:db8:abc2::/64 --gateway=2001:db8:abc2::22 \ - -o parent=eth0.139 v6ipvlan139 - -# Start a container on the network -$ docker run --net=v6ipvlan139 -it --rm alpine /bin/sh -``` - -View the container eth0 interface and v6 routing table: - -```bash -# Inside the IPv6 container -$$ ip a show eth0 -75: eth0@if55: mtu 1500 qdisc noqueue state UNKNOWN group default - link/ether 00:50:56:2b:29:40 brd ff:ff:ff:ff:ff:ff - inet 172.18.0.2/16 scope global eth0 - valid_lft forever preferred_lft forever - inet6 2001:db8:abc4::250:56ff:fe2b:2940/64 scope link - valid_lft forever preferred_lft forever - inet6 2001:db8:abc2::1/64 scope link nodad - valid_lft forever preferred_lft forever - -$$ ip -6 route -2001:db8:abc4::/64 dev eth0 proto kernel metric 256 -2001:db8:abc2::/64 dev eth0 proto kernel metric 256 -default via 2001:db8:abc2::22 dev eth0 metric 1024 -``` - -Start a second container and ping the first container's v6 address. - -```bash -# Test L2 connectivity over IPv6 -$ docker run --net=v6ipvlan139 -it --rm alpine /bin/sh - -# Inside the second IPv6 container -$$ ip a show eth0 -75: eth0@if55: mtu 1500 qdisc noqueue state UNKNOWN group default - link/ether 00:50:56:2b:29:40 brd ff:ff:ff:ff:ff:ff - inet 172.18.0.3/16 scope global eth0 - valid_lft forever preferred_lft forever - inet6 2001:db8:abc4::250:56ff:fe2b:2940/64 scope link tentative dadfailed - valid_lft forever preferred_lft forever - inet6 2001:db8:abc2::2/64 scope link nodad - valid_lft forever preferred_lft forever - -$$ ping6 2001:db8:abc2::1 -PING 2001:db8:abc2::1 (2001:db8:abc2::1): 56 data bytes -64 bytes from 2001:db8:abc2::1%eth0: icmp_seq=0 ttl=64 time=0.044 ms -64 bytes from 2001:db8:abc2::1%eth0: icmp_seq=1 ttl=64 time=0.058 ms - -2 packets transmitted, 2 packets received, 0% packet loss -round-trip min/avg/max/stddev = 0.044/0.051/0.058/0.000 ms -``` - -The next example with setup a dual stack IPv4/IPv6 network with an example -VLAN ID of `140`. - -Next create a network with two IPv4 subnets and one IPv6 subnets, all of which -have explicit gateways: - -```bash -$ docker network create -d ipvlan \ - --subnet=192.168.140.0/24 --subnet=192.168.142.0/24 \ - --gateway=192.168.140.1 --gateway=192.168.142.1 \ - --subnet=2001:db8:abc9::/64 --gateway=2001:db8:abc9::22 \ - -o parent=eth0.140 \ - -o ipvlan_mode=l2 ipvlan140 -``` - -Start a container and view eth0 and both v4 & v6 routing tables: - -```bash -$ docker run --net=ipvlan140 --ip6=2001:db8:abc2::51 -it --rm alpine /bin/sh - -$ ip a show eth0 -78: eth0@if77: mtu 1500 qdisc noqueue state UNKNOWN group default - link/ether 00:50:56:2b:29:40 brd ff:ff:ff:ff:ff:ff - inet 192.168.140.2/24 scope global eth0 - valid_lft forever preferred_lft forever - inet6 2001:db8:abc4::250:56ff:fe2b:2940/64 scope link - valid_lft forever preferred_lft forever - inet6 2001:db8:abc9::1/64 scope link nodad - valid_lft forever preferred_lft forever - -$$ ip route -default via 192.168.140.1 dev eth0 -192.168.140.0/24 dev eth0 proto kernel scope link src 192.168.140.2 - -$$ ip -6 route -2001:db8:abc4::/64 dev eth0 proto kernel metric 256 -2001:db8:abc9::/64 dev eth0 proto kernel metric 256 -default via 2001:db8:abc9::22 dev eth0 metric 1024 -``` - -Start a second container with a specific `--ip4` address and ping the first host -using IPv4 packets: - -```bash -$ docker run --net=ipvlan140 --ip=192.168.140.10 -it --rm alpine /bin/sh -``` - -> **Note** -> -> Different subnets on the same parent interface in Ipvlan `L2` mode cannot ping -> one another. That requires a router to proxy-arp the requests with a secondary -> subnet. However, Ipvlan `L3` will route the unicast traffic between disparate -> subnets as long as they share the same `-o parent` parent link. - -### Dual Stack IPv4 IPv6 Ipvlan L3 Mode - -**Example:** IpVlan L3 Mode Dual Stack IPv4/IPv6, Multi-Subnet w/ 802.1q Vlan Tag:118 - -As in all of the examples, a tagged VLAN interface does not have to be used. The -sub-interfaces can be swapped with `eth0`, `eth1`, `bond0` or any other valid -interface on the host other then the `lo` loopback. - -The primary difference you will see is that L3 mode does not create a default -route with a next-hop but rather sets a default route pointing to `dev eth` only -since ARP/Broadcasts/Multicast are all filtered by Linux as per the design. Since -the parent interface is essentially acting as a router, the parent interface IP -and subnet needs to be different from the container networks. That is the opposite -of bridge and L2 modes, which need to be on the same subnet (broadcast domain) -in order to forward broadcast and multicast packets. - -```bash -# Create an IPv6+IPv4 Dual Stack Ipvlan L3 network -# Gateways for both v4 and v6 are set to a dev e.g. 'default dev eth0' -$ docker network create -d ipvlan \ - --subnet=192.168.110.0/24 \ - --subnet=192.168.112.0/24 \ - --subnet=2001:db8:abc6::/64 \ - -o parent=eth0 \ - -o ipvlan_mode=l3 ipnet110 - - -# Start a few of containers on the network (ipnet110) -# in separate terminals and check connectivity -$ docker run --net=ipnet110 -it --rm alpine /bin/sh -# Start a second container specifying the v6 address -$ docker run --net=ipnet110 --ip6=2001:db8:abc6::10 -it --rm alpine /bin/sh -# Start a third specifying the IPv4 address -$ docker run --net=ipnet110 --ip=192.168.112.30 -it --rm alpine /bin/sh -# Start a 4th specifying both the IPv4 and IPv6 addresses -$ docker run --net=ipnet110 --ip6=2001:db8:abc6::50 --ip=192.168.112.50 -it --rm alpine /bin/sh -``` - -Interface and routing table outputs are as follows: - -```bash -$$ ip a show eth0 -63: eth0@if59: mtu 1500 qdisc noqueue state UNKNOWN group default - link/ether 00:50:56:2b:29:40 brd ff:ff:ff:ff:ff:ff - inet 192.168.112.2/24 scope global eth0 - valid_lft forever preferred_lft forever - inet6 2001:db8:abc4::250:56ff:fe2b:2940/64 scope link - valid_lft forever preferred_lft forever - inet6 2001:db8:abc6::10/64 scope link nodad - valid_lft forever preferred_lft forever - -# Note the default route is simply the eth device because ARPs are filtered. -$$ ip route - default dev eth0 scope link - 192.168.112.0/24 dev eth0 proto kernel scope link src 192.168.112.2 - -$$ ip -6 route -2001:db8:abc4::/64 dev eth0 proto kernel metric 256 -2001:db8:abc6::/64 dev eth0 proto kernel metric 256 -default dev eth0 metric 1024 -``` - -> *Note* -> -> There may be a bug when specifying `--ip6=` addresses when you delete a -> container with a specified v6 address and then start a new container with the -> same v6 address it throws the following like the address isn't properly being -> released to the v6 pool. It will fail to unmount the container and be left dead. - -```console -docker: Error response from daemon: Address already in use. -``` - -### Manually Creating 802.1q Links - -**Vlan ID 40** - -If a user does not want the driver to create the vlan sub-interface it simply -needs to exist prior to the `docker network create`. If you have sub-interface -naming that is not `interface.vlan_id` it is honored in the `-o parent=` option -again as long as the interface exists and is up. - -Links, when manually created, can be named anything as long as they exist when -the network is created. Manually created links do not get deleted regardless of -the name when the network is deleted with `docker network rm`. - -```bash -# create a new sub-interface tied to dot1q vlan 40 -$ ip link add link eth0 name eth0.40 type vlan id 40 - -# enable the new sub-interface -$ ip link set eth0.40 up - -# now add networks and hosts as you would normally by attaching to the master (sub)interface that is tagged -$ docker network create -d ipvlan \ - --subnet=192.168.40.0/24 \ - --gateway=192.168.40.1 \ - -o parent=eth0.40 ipvlan40 - -# in two separate terminals, start a Docker container and the containers can now ping one another. -$ docker run --net=ipvlan40 -it --name ivlan_test5 --rm alpine /bin/sh -$ docker run --net=ipvlan40 -it --name ivlan_test6 --rm alpine /bin/sh -``` - -**Example:** Vlan sub-interface manually created with any name: - -```bash -# create a new sub interface tied to dot1q vlan 40 -$ ip link add link eth0 name foo type vlan id 40 - -# enable the new sub-interface -$ ip link set foo up - -# now add networks and hosts as you would normally by attaching to the master (sub)interface that is tagged -$ docker network create -d ipvlan \ - --subnet=192.168.40.0/24 --gateway=192.168.40.1 \ - -o parent=foo ipvlan40 - -# in two separate terminals, start a Docker container and the containers can now ping one another. -$ docker run --net=ipvlan40 -it --name ivlan_test5 --rm alpine /bin/sh -$ docker run --net=ipvlan40 -it --name ivlan_test6 --rm alpine /bin/sh -``` - -Manually created links can be cleaned up with: - -```bash -$ ip link del foo -``` - -As with all of the Libnetwork drivers, they can be mixed and matched, even as -far as running 3rd party ecosystem drivers in parallel for maximum flexibility -to the Docker user. From ffe40dc6b6126b488e724ae7cf19b70ce2e4cbac Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Fri, 30 Apr 2021 12:08:28 +0200 Subject: [PATCH 049/127] docs: update some examples for proxy configuration Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 68284ff591979005ab6618040b9d62f0d43bcffe) Signed-off-by: Sebastiaan van Stijn --- docs/reference/builder.md | 7 ++++--- docs/reference/commandline/cli.md | 16 +++++++++------- man/Dockerfile.5.md | 8 ++++++-- 3 files changed, 19 insertions(+), 12 deletions(-) diff --git a/docs/reference/builder.md b/docs/reference/builder.md index bc6c746776af..07e6e241cbe0 100644 --- a/docs/reference/builder.md +++ b/docs/reference/builder.md @@ -1974,10 +1974,11 @@ corresponding `ARG` instruction in the Dockerfile. - `NO_PROXY` - `no_proxy` -To use these, simply pass them on the command line using the flag: +To use these, pass them on the command line using the `--build-arg` flag, for +example: -```bash ---build-arg = +```console +$ docker build --build-arg HTTPS_PROXY=https://my-proxy.example.com . ``` By default, these pre-defined variables are excluded from the output of diff --git a/docs/reference/commandline/cli.md b/docs/reference/commandline/cli.md index f82d2deb8836..363c0ae5c2a7 100644 --- a/docs/reference/commandline/cli.md +++ b/docs/reference/commandline/cli.md @@ -238,10 +238,12 @@ be set for each environment: * `ftpProxy` (sets the value of `FTP_PROXY` and `ftp_proxy`) * `noProxy` (sets the value of `NO_PROXY` and `no_proxy`) -> **Warning**: Proxy settings may contain sensitive information (for example, -> if the proxy requires authentication). Environment variables are stored as -> plain text in the container's configuration, and as such can be inspected -> through the remote API or committed to an image when using `docker commit`. +> **Warning** +> +> Proxy settings may contain sensitive information (for example, if the proxy +> requires authentication). Environment variables are stored as plain text in +> the container's configuration, and as such can be inspected through the remote +> API or committed to an image when using `docker commit`. Once attached to a container, users detach from it and leave it running using the using `CTRL-p CTRL-q` key sequence. This detach key sequence is customizable @@ -301,13 +303,13 @@ Following is a sample `config.json` file: "proxies": { "default": { "httpProxy": "http://user:pass@example.com:3128", - "httpsProxy": "http://user:pass@example.com:3128", - "noProxy": "http://user:pass@example.com:3128", + "httpsProxy": "https://my-proxy.example.com:3129", + "noProxy": "intra.mycorp.example.com", "ftpProxy": "http://user:pass@example.com:3128" }, "https://manager1.mycorp.example.com:2377": { "httpProxy": "http://user:pass@example.com:3128", - "httpsProxy": "http://user:pass@example.com:3128" + "httpsProxy": "https://my-proxy.example.com:3129" }, } } diff --git a/man/Dockerfile.5.md b/man/Dockerfile.5.md index 57fc089b29cb..0b1fb99a330c 100644 --- a/man/Dockerfile.5.md +++ b/man/Dockerfile.5.md @@ -438,8 +438,12 @@ A Dockerfile is similar to a Makefile. * `NO_PROXY` * `no_proxy` - To use these, simply pass them on the command line using the `--build-arg - =` flag. + To use these, pass them on the command line using `--build-arg` flag, for + example: + + ``` + $ docker build --build-arg HTTPS_PROXY=https://my-proxy.example.com . + ``` **ONBUILD** -- `ONBUILD [INSTRUCTION]` From ee20fa1ec44fd234d5893f52d4c50d10c0dfb4b6 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Fri, 30 Apr 2021 14:49:14 +0200 Subject: [PATCH 050/127] docs: add reference for "docker config" commands This is mostly a copy of the equivalent `docker secret` commands, which uses the same mechanisms behind the hood (hence, are 90% the same). We can make further refinements to these docs, but this gives us a starting point. Adding these documents, because there were some links pointing to these pages in the docs, but there was no markdown file to link to on GitHub. Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 276e7180f2dde5f69461eaae6cfbdfce1ecc73bd) Signed-off-by: Sebastiaan van Stijn --- docs/reference/commandline/config.md | 35 +++++ docs/reference/commandline/config_create.md | 99 ++++++++++++ docs/reference/commandline/config_inspect.md | 97 ++++++++++++ docs/reference/commandline/config_ls.md | 155 +++++++++++++++++++ docs/reference/commandline/config_rm.md | 53 +++++++ 5 files changed, 439 insertions(+) create mode 100644 docs/reference/commandline/config.md create mode 100644 docs/reference/commandline/config_create.md create mode 100644 docs/reference/commandline/config_inspect.md create mode 100644 docs/reference/commandline/config_ls.md create mode 100644 docs/reference/commandline/config_rm.md diff --git a/docs/reference/commandline/config.md b/docs/reference/commandline/config.md new file mode 100644 index 000000000000..67329bd94075 --- /dev/null +++ b/docs/reference/commandline/config.md @@ -0,0 +1,35 @@ +--- +title: "config" +description: "The config command description and usage" +keywords: "config" +--- + +# config + +```markdown +Usage: docker config COMMAND + +Manage Docker configs + +Options: + --help Print usage + +Commands: + create Create a config from a file or STDIN + inspect Display detailed information on one or more configs + ls List configs + rm Remove one or more configs + +Run 'docker config COMMAND --help' for more information on a command. +``` + +## Description + +Manage configs. + +## Related commands + +* [config create](config_create.md) +* [config inspect](config_inspect.md) +* [config list](config_ls.md) +* [config rm](config_rm.md) diff --git a/docs/reference/commandline/config_create.md b/docs/reference/commandline/config_create.md new file mode 100644 index 000000000000..957484626502 --- /dev/null +++ b/docs/reference/commandline/config_create.md @@ -0,0 +1,99 @@ +--- +title: "config create" +description: "The config create command description and usage" +keywords: ["config, create"] +--- + +# config create + +```Markdown +Usage: docker config create [OPTIONS] CONFIG [file|-] + +Create a config from a file or STDIN as content + +Options: + -l, --label list Config labels + --template-driver string Template driver +``` + +## Description + +Creates a config using standard input or from a file for the config content. + +For detailed information about using configs, refer to [store configuration data using Docker Configs](https://docs.docker.com/engine/swarm/configs/). + +> **Note** +> +> This is a cluster management command, and must be executed on a swarm +> manager node. To learn about managers and workers, refer to the +> [Swarm mode section](https://docs.docker.com/engine/swarm/) in the +> documentation. + +## Examples + +### Create a config + +```bash +$ printf | docker config create my_config - + +onakdyv307se2tl7nl20anokv + +$ docker config ls + +ID NAME CREATED UPDATED +onakdyv307se2tl7nl20anokv my_config 6 seconds ago 6 seconds ago +``` + +### Create a config with a file + +```bash +$ docker config create my_config ./config.json + +dg426haahpi5ezmkkj5kyl3sn + +$ docker config ls + +ID NAME CREATED UPDATED +dg426haahpi5ezmkkj5kyl3sn my_config 7 seconds ago 7 seconds ago +``` + +### Create a config with labels + +```bash +$ docker config create \ + --label env=dev \ + --label rev=20170324 \ + my_config ./config.json + +eo7jnzguqgtpdah3cm5srfb97 +``` + +```bash +$ docker config inspect my_config + +[ + { + "ID": "eo7jnzguqgtpdah3cm5srfb97", + "Version": { + "Index": 17 + }, + "CreatedAt": "2017-03-24T08:15:09.735271783Z", + "UpdatedAt": "2017-03-24T08:15:09.735271783Z", + "Spec": { + "Name": "my_config", + "Labels": { + "env": "dev", + "rev": "20170324" + }, + "Data": "aGVsbG8K" + } + } +] +``` + + +## Related commands + +* [config inspect](config_inspect.md) +* [config ls](config_ls.md) +* [config rm](config_rm.md) diff --git a/docs/reference/commandline/config_inspect.md b/docs/reference/commandline/config_inspect.md new file mode 100644 index 000000000000..e93b67ede9da --- /dev/null +++ b/docs/reference/commandline/config_inspect.md @@ -0,0 +1,97 @@ +--- +title: "config inspect" +description: "The config inspect command description and usage" +keywords: ["config, inspect"] +--- + +# config inspect + +```Markdown +Usage: docker config inspect [OPTIONS] CONFIG [CONFIG...] + +Display detailed information on one or more configs + +Options: + -f, --format string Format the output using the given Go template + --help Print usage +``` + +## Description + +Inspects the specified config. + +By default, this renders all results in a JSON array. If a format is specified, +the given template will be executed for each result. + +Go's [text/template](http://golang.org/pkg/text/template/) package +describes all the details of the format. + +For detailed information about using configs, refer to [store configuration data using Docker Configs](https://docs.docker.com/engine/swarm/configs/). + +> **Note** +> +> This is a cluster management command, and must be executed on a swarm +> manager node. To learn about managers and workers, refer to the +> [Swarm mode section](https://docs.docker.com/engine/swarm/) in the +> documentation. + +## Examples + +### Inspect a config by name or ID + +You can inspect a config, either by its *name*, or *ID* + +For example, given the following config: + +```bash +$ docker config ls + +ID NAME CREATED UPDATED +eo7jnzguqgtpdah3cm5srfb97 my_config 3 minutes ago 3 minutes ago +``` + +```bash +$ docker config inspect config.json +``` + +The output is in JSON format, for example: + +```json +[ + { + "ID": "eo7jnzguqgtpdah3cm5srfb97", + "Version": { + "Index": 17 + }, + "CreatedAt": "2017-03-24T08:15:09.735271783Z", + "UpdatedAt": "2017-03-24T08:15:09.735271783Z", + "Spec": { + "Name": "my_config", + "Labels": { + "env": "dev", + "rev": "20170324" + }, + "Data": "aGVsbG8K" + } + } +] +``` + +### Formatting + +You can use the --format option to obtain specific information about a +config. The following example command outputs the creation time of the +config. + +```bash +$ docker config inspect --format='{{.CreatedAt}}' eo7jnzguqgtpdah3cm5srfb97 + +2017-03-24 08:15:09.735271783 +0000 UTC +``` + + +## Related commands + +* [config create](config_create.md) +* [config ls](config_ls.md) +* [config rm](config_rm.md) diff --git a/docs/reference/commandline/config_ls.md b/docs/reference/commandline/config_ls.md new file mode 100644 index 000000000000..4befdfdee4e8 --- /dev/null +++ b/docs/reference/commandline/config_ls.md @@ -0,0 +1,155 @@ +--- +title: "config ls" +description: "The config ls command description and usage" +keywords: ["config, ls"] +--- + +# config ls + +```Markdown +Usage: docker config ls [OPTIONS] + +List configs + +Aliases: + ls, list + +Options: + -f, --filter filter Filter output based on conditions provided + --format string Pretty-print configs using a Go template + --help Print usage + -q, --quiet Only display IDs +``` + +## Description + +Run this command on a manager node to list the configs in the swarm. + +For detailed information about using configs, refer to [store configuration data using Docker Configs](https://docs.docker.com/engine/swarm/configs/). + +> **Note** +> +> This is a cluster management command, and must be executed on a swarm +> manager node. To learn about managers and workers, refer to the +> [Swarm mode section](https://docs.docker.com/engine/swarm/) in the +> documentation. + +## Examples + +```bash +$ docker config ls + +ID NAME CREATED UPDATED +6697bflskwj1998km1gnnjr38 q5s5570vtvnimefos1fyeo2u2 6 weeks ago 6 weeks ago +9u9hk4br2ej0wgngkga6rp4hq my_config 5 weeks ago 5 weeks ago +mem02h8n73mybpgqjf0kfi1n0 test_config 3 seconds ago 3 seconds ago +``` + +### Filtering + +The filtering flag (`-f` or `--filter`) format is a `key=value` pair. If there is more +than one filter, then pass multiple flags (e.g., `--filter "foo=bar" --filter "bif=baz"`) + +The currently supported filters are: + +- [id](#id) (config's ID) +- [label](#label) (`label=` or `label==`) +- [name](#name) (config's name) + +#### id + +The `id` filter matches all or prefix of a config's id. + +```bash +$ docker config ls -f "id=6697bflskwj1998km1gnnjr38" + +ID NAME CREATED UPDATED +6697bflskwj1998km1gnnjr38 q5s5570vtvnimefos1fyeo2u2 6 weeks ago 6 weeks ago +``` + +#### label + +The `label` filter matches configs based on the presence of a `label` alone or +a `label` and a value. + +The following filter matches all configs with a `project` label regardless of +its value: + +```bash +$ docker config ls --filter label=project + +ID NAME CREATED UPDATED +mem02h8n73mybpgqjf0kfi1n0 test_config About an hour ago About an hour ago +``` + +The following filter matches only services with the `project` label with the +`project-a` value. + +```bash +$ docker service ls --filter label=project=test + +ID NAME CREATED UPDATED +mem02h8n73mybpgqjf0kfi1n0 test_config About an hour ago About an hour ago +``` + +#### name + +The `name` filter matches on all or prefix of a config's name. + +The following filter matches config with a name containing a prefix of `test`. + +```bash +$ docker config ls --filter name=test_config + +ID NAME CREATED UPDATED +mem02h8n73mybpgqjf0kfi1n0 test_config About an hour ago About an hour ago +``` + +### Format the output + +The formatting option (`--format`) pretty prints configs output +using a Go template. + +Valid placeholders for the Go template are listed below: + +| Placeholder | Description | +| ------------ | ------------------------------------------------------------------------------------ | +| `.ID` | Config ID | +| `.Name` | Config name | +| `.CreatedAt` | Time when the config was created | +| `.UpdatedAt` | Time when the config was updated | +| `.Labels` | All labels assigned to the config | +| `.Label` | Value of a specific label for this config. For example `{{.Label "my-label"}}` | + +When using the `--format` option, the `config ls` command will either +output the data exactly as the template declares or, when using the +`table` directive, will include column headers as well. + +The following example uses a template without headers and outputs the +`ID` and `Name` entries separated by a colon (`:`) for all images: + +```bash +$ docker config ls --format "{{.ID}}: {{.Name}}" + +77af4d6b9913: config-1 +b6fa739cedf5: config-2 +78a85c484f71: config-3 +``` + +To list all configs with their name and created date in a table format you +can use: + +```bash +$ docker config ls --format "table {{.ID}}\t{{.Name}}\t{{.CreatedAt}}" + +ID NAME CREATED +77af4d6b9913 config-1 5 minutes ago +b6fa739cedf5 config-2 3 hours ago +78a85c484f71 config-3 10 days ago +``` + +## Related commands + +* [config create](config_create.md) +* [config inspect](config_inspect.md) +* [config rm](config_rm.md) diff --git a/docs/reference/commandline/config_rm.md b/docs/reference/commandline/config_rm.md new file mode 100644 index 000000000000..72a64da60585 --- /dev/null +++ b/docs/reference/commandline/config_rm.md @@ -0,0 +1,53 @@ +--- +title: "config rm" +description: "The config rm command description and usage" +keywords: ["config, rm"] +--- + +# config rm + +```Markdown +Usage: docker config rm CONFIG [CONFIG...] + +Remove one or more configs + +Aliases: + rm, remove + +Options: + --help Print usage +``` + +## Description + +Removes the specified configs from the swarm. + +For detailed information about using configs, refer to [store configuration data using Docker Configs](https://docs.docker.com/engine/swarm/configs/). + +> **Note** +> +> This is a cluster management command, and must be executed on a swarm +> manager node. To learn about managers and workers, refer to the +> [Swarm mode section](https://docs.docker.com/engine/swarm/) in the +> documentation. + +## Examples + +This example removes a config: + +```bash +$ docker config rm my_config +sapth4csdo5b6wz2p5uimh5xg +``` + +> **Warning** +> +> Unlike `docker rm`, this command does not ask for confirmation before removing +> a config. + + +## Related commands + +* [config create](config_create.md) +* [config inspect](config_inspect.md) +* [config ls](config_ls.md) From ed71df1b9f2ac34e2cab320202829fdc99c75740 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Fri, 30 Apr 2021 14:59:05 +0200 Subject: [PATCH 051/127] docs: cleanup / refactor cli doc More improvements can be made, but this makes a start on cleaning up this page: - Reorganise configuration file options into sections - Use tables for related options to make them easier to find - Add warning about the config file's possibility to contain sensitive information - Some MarkDown touch-ups (use "console" code-hint to assist copy/paste) Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 3c8d65963d65a154a504afee6acfd9e39d3298b0) Signed-off-by: Sebastiaan van Stijn --- docs/reference/commandline/cli.md | 208 ++++++++++++++---------------- 1 file changed, 100 insertions(+), 108 deletions(-) diff --git a/docs/reference/commandline/cli.md b/docs/reference/commandline/cli.md index 363c0ae5c2a7..b2988adcbecf 100644 --- a/docs/reference/commandline/cli.md +++ b/docs/reference/commandline/cli.md @@ -1,7 +1,7 @@ --- title: "Use the Docker command line" description: "Docker's CLI command description and usage" -keywords: "Docker, Docker documentation, CLI, command line" +keywords: "Docker, Docker documentation, CLI, command line, config.json, CLI configuration file" redirect_from: - /go/experimental/ - /engine/reference/commandline/engine/ @@ -62,30 +62,22 @@ the [installation](https://docs.docker.com/install/) instructions for your opera ## Environment variables -For easy reference, the following list of environment variables are supported -by the `docker` command line: - -* `DOCKER_API_VERSION` The API version to use (e.g. `1.19`) -* `DOCKER_CONFIG` The location of your client configuration files. -* `DOCKER_HOST` Daemon socket to connect to. -* `DOCKER_STACK_ORCHESTRATOR` Configure the default orchestrator to use when using `docker stack` management commands. -* `DOCKER_CONTENT_TRUST` When set Docker uses notary to sign and verify images. - Equates to `--disable-content-trust=false` for build, create, pull, push, run. -* `DOCKER_CONTENT_TRUST_SERVER` The URL of the Notary server to use. This defaults - to the same URL as the registry. -* `DOCKER_HIDE_LEGACY_COMMANDS` When set, Docker hides "legacy" top-level commands (such as `docker rm`, and - `docker pull`) in `docker help` output, and only `Management commands` per object-type (e.g., `docker container`) are - printed. This may become the default in a future release, at which point this environment-variable is removed. -* `DOCKER_CONTEXT` Specify the context to use (overrides DOCKER_HOST env var and default context set with "docker context use") -* `DOCKER_DEFAULT_PLATFORM` Specify the default platform for the commands that take the `--platform` flag. - -#### Shared Environment variables - -These environment variables can be used both with the `docker` command line and -`dockerd` command line: - -* `DOCKER_CERT_PATH` The location of your authentication keys. -* `DOCKER_TLS_VERIFY` When set Docker uses TLS and verifies the remote. +The following list of environment variables are supported by the `docker` command +line: + +| Variable | Description | +|:------------------------------|:--------------------------------------------------------------------------------------------------------------------------------------| +| `DOCKER_API_VERSION` | Override the negotiated API version to use for debugging (e.g. `1.19`) | +| `DOCKER_CERT_PATH` | Location of your authentication keys. This variable is used both by the `docker` CLI and the [`dockerd` daemon](dockerd.md) | +| `DOCKER_CONFIG` | The location of your client configuration files. | +| `DOCKER_CONTENT_TRUST_SERVER` | The URL of the Notary server to use. Defaults to the same URL as the registry. | +| `DOCKER_CONTENT_TRUST` | When set Docker uses notary to sign and verify images. Equates to `--disable-content-trust=false` for build, create, pull, push, run. | +| `DOCKER_CONTEXT` | Name of the `docker context` to use (overrides `DOCKER_HOST` env var and default context set with `docker context use`) | +| `DOCKER_DEFAULT_PLATFORM` | Default platform for commands that take the `--platform` flag. | +| `DOCKER_HIDE_LEGACY_COMMANDS` | When set, Docker hides "legacy" top-level commands (such as `docker rm`, and `docker pull`) in `docker help` output, and only `Management commands` per object-type (e.g., `docker container`) are printed. This may become the default in a future release, at which point this environment-variable is removed. | +| `DOCKER_HOST` | Daemon socket to connect to. | +| `DOCKER_STACK_ORCHESTRATOR` | Configure the default orchestrator to use when using `docker stack` management commands. | +| `DOCKER_TLS_VERIFY` | When set Docker uses TLS and verifies the remote. This variable is used both by the `docker` CLI and the [`dockerd` daemon](dockerd.md) | Because Docker is developed using Go, you can also use any environment variables used by the Go runtime. In particular, you may find these useful: @@ -98,7 +90,7 @@ These Go environment variables are case-insensitive. See the [Go specification](http://golang.org/pkg/net/http/) for details on these variables. -### Configuration files +## Configuration files By default, the Docker command line stores its configuration files in a directory called `.docker` within your `$HOME` directory. @@ -124,7 +116,7 @@ specified, then the `--config` option overrides the `DOCKER_CONFIG` environment variable. The example below overrides the `docker ps` command using a `config.json` file located in the `~/testconfigs/` directory. -```bash +```console $ docker --config ~/testconfigs/ ps ``` @@ -133,79 +125,56 @@ configuration, you can set the `DOCKER_CONFIG` environment variable in your shell (e.g. `~/.profile` or `~/.bashrc`). The example below sets the new directory to be `HOME/newdir/.docker`. -```bash -echo export DOCKER_CONFIG=$HOME/newdir/.docker > ~/.profile +```console +$ echo export DOCKER_CONFIG=$HOME/newdir/.docker > ~/.profile ``` -### `config.json` properties +## Docker CLI configuration file (`config.json`) properties + + -The `config.json` file stores a JSON encoding of several properties: +Use the Docker CLI configuration to customize settings for the `docker` CLI. The +configuration file uses JSON formatting, and properties: + +By default, configuration file is stored in `~/.docker/config.json`. Refer to the +[change the `.docker` directory](#change-the-docker-directory) section to use a +different location. + +> **Warning** +> +> The configuration file and other files inside the `~/.docker` configuration +> directory may contain sensitive information, such as authentication information +> for proxies or, depending on your credential store, credentials for your image +> registries. Review your configuration file's content before sharing with others, +> and prevent committing the file to version control. + +### Customize the default output format for commands + +These fields allow you to customize the default output format for some commands +if no `--format` flag is provided. + +| Property | Description | +|:-----------------------|:------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| `configFormat` | Custom default format for `docker config ls` output. Refer to the [**format the output** section in the `docker config ls` documentation](config_ls.md#format-the-output) for a list of supported formatting directives. | +| `imagesFormat` | Custom default format for `docker images` / `docker image ls` output. Refer to the [**format the output** section in the `docker images` documentation](images.md#format-the-output) for a list of supported formatting directives. | +| `nodesFormat` | Custom default format for `docker node ls` output. Refer to the [**formatting** section in the `docker node ls` documentation](node_ls.md#formatting) for a list of supported formatting directives. | +| `pluginsFormat` | Custom default format for `docker plugin ls` output. Refer to the [**formatting** section in the `docker plugin ls` documentation](plugin_ls.md#formatting) for a list of supported formatting directives. | +| `psFormat` | Custom default format for `docker ps` / `docker container ps` output. Refer to the [**formatting** section in the `docker ps` documentation](ps.md#formatting) for a list of supported formatting directives. | +| `secretFormat` | Custom default format for `docker secret ls` output. Refer to the [**format the output** section in the `docker secret ls` documentation](secret_ls.md#format-the-output) for a list of supported formatting directives. | +| `serviceInspectFormat` | Custom default format for `docker service inspect` output. Refer to the [**formatting** section in the `docker service inspect` documentation](service_inspect.md#formatting) for a list of supported formatting directives. | +| `servicesFormat` | Custom default format for `docker service ls` output. Refer to the [**formatting** section in the `docker service ls` documentation](service_ls.md#formatting) for a list of supported formatting directives. | +| `statsFormat` | Custom default format for `docker stats` output. Refer to the [**formatting** section in the `docker stats` documentation](stats.md#formatting) for a list of supported formatting directives. | + + +### Custom HTTP headers The property `HttpHeaders` specifies a set of headers to include in all messages sent from the Docker client to the daemon. Docker does not try to interpret or -understand these header; it simply puts them into the messages. Docker does +understand these headers; it simply puts them into the messages. Docker does not allow these headers to change any headers it sets for itself. -The property `psFormat` specifies the default format for `docker ps` output. -When the `--format` flag is not provided with the `docker ps` command, -Docker's client uses this property. If this property is not set, the client -falls back to the default table format. For a list of supported formatting -directives, see the -[**Formatting** section in the `docker ps` documentation](ps.md) - -The property `imagesFormat` specifies the default format for `docker images` output. -When the `--format` flag is not provided with the `docker images` command, -Docker's client uses this property. If this property is not set, the client -falls back to the default table format. For a list of supported formatting -directives, see the [**Formatting** section in the `docker images` documentation](images.md) - -The property `pluginsFormat` specifies the default format for `docker plugin ls` output. -When the `--format` flag is not provided with the `docker plugin ls` command, -Docker's client uses this property. If this property is not set, the client -falls back to the default table format. For a list of supported formatting -directives, see the [**Formatting** section in the `docker plugin ls` documentation](plugin_ls.md) - -The property `servicesFormat` specifies the default format for `docker -service ls` output. When the `--format` flag is not provided with the -`docker service ls` command, Docker's client uses this property. If this -property is not set, the client falls back to the default json format. For a -list of supported formatting directives, see the -[**Formatting** section in the `docker service ls` documentation](service_ls.md) - -The property `serviceInspectFormat` specifies the default format for `docker -service inspect` output. When the `--format` flag is not provided with the -`docker service inspect` command, Docker's client uses this property. If this -property is not set, the client falls back to the default json format. For a -list of supported formatting directives, see the -[**Formatting** section in the `docker service inspect` documentation](service_inspect.md) - -The property `statsFormat` specifies the default format for `docker -stats` output. When the `--format` flag is not provided with the -`docker stats` command, Docker's client uses this property. If this -property is not set, the client falls back to the default table -format. For a list of supported formatting directives, see -[**Formatting** section in the `docker stats` documentation](stats.md) - -The property `secretFormat` specifies the default format for `docker -secret ls` output. When the `--format` flag is not provided with the -`docker secret ls` command, Docker's client uses this property. If this -property is not set, the client falls back to the default table -format. For a list of supported formatting directives, see -[**Formatting** section in the `docker secret ls` documentation](secret_ls.md) - - -The property `nodesFormat` specifies the default format for `docker node ls` output. -When the `--format` flag is not provided with the `docker node ls` command, -Docker's client uses the value of `nodesFormat`. If the value of `nodesFormat` is not set, -the client uses the default table format. For a list of supported formatting -directives, see the [**Formatting** section in the `docker node ls` documentation](node_ls.md) - -The property `configFormat` specifies the default format for `docker -config ls` output. When the `--format` flag is not provided with the -`docker config ls` command, Docker's client uses this property. If this -property is not set, the client falls back to the default table -format. For a list of supported formatting directives, see -[**Formatting** section in the `docker config ls` documentation](config_ls.md) + +### Credential store options The property `credsStore` specifies an external binary to serve as the default credential store. When this property is set, `docker login` will attempt to @@ -221,11 +190,17 @@ credentials for specific registries. If this property is set, the binary for a specific registry. For more information, see the [**Credential helpers** section in the `docker login` documentation](login.md#credential-helpers) + +### Orchestrator options for docker stacks + The property `stackOrchestrator` specifies the default orchestrator to use when running `docker stack` management commands. Valid values are `"swarm"`, `"kubernetes"`, and `"all"`. This property can be overridden with the `DOCKER_STACK_ORCHESTRATOR` environment variable, or the `--orchestrator` flag. + +### Automatic proxy configuration for containers + The property `proxies` specifies proxy environment variables to be automatically set on containers, and set as `--build-arg` on containers used during `docker build`. A `"default"` set of proxies can be configured, and will be used for any docker @@ -233,10 +208,17 @@ daemon that the client connects to, or a configuration per host (docker daemon), for example, "https://docker-daemon1.example.com". The following properties can be set for each environment: -* `httpProxy` (sets the value of `HTTP_PROXY` and `http_proxy`) -* `httpsProxy` (sets the value of `HTTPS_PROXY` and `https_proxy`) -* `ftpProxy` (sets the value of `FTP_PROXY` and `ftp_proxy`) -* `noProxy` (sets the value of `NO_PROXY` and `no_proxy`) +| Property | Description | +|:---------------|:--------------------------------------------------------------------------------------------------------| +| `httpProxy` | Default value of `HTTP_PROXY` and `http_proxy` for containers, and as `--build-arg` on `docker build` | +| `httpsProxy` | Default value of `HTTPS_PROXY` and `https_proxy` for containers, and as `--build-arg` on `docker build` | +| `ftpProxy` | Default value of `FTP_PROXY` and `ftp_proxy` for containers, and as `--build-arg` on `docker build` | +| `noProxy` | Default value of `NO_PROXY` and `no_proxy` for containers, and as `--build-arg` on `docker build` | + +These settings are used to configure proxy settings for containers only, and not +used as proxy settings for the `docker` CLI or the `dockerd` daemon. Refer to the +[environment variables](#environment-variables) and [HTTP/HTTPS proxy](https://docs.docker.com/config/daemon/systemd/#httphttps-proxy) +sections for configuring proxy settings for the cli and daemon. > **Warning** > @@ -245,6 +227,8 @@ be set for each environment: > the container's configuration, and as such can be inspected through the remote > API or committed to an image when using `docker commit`. +### Default key-sequence to detach from containers + Once attached to a container, users detach from it and leave it running using the using `CTRL-p CTRL-q` key sequence. This detach key sequence is customizable using the `detachKeys` property. Specify a `` value for the @@ -263,11 +247,17 @@ Users can override your custom or the default key sequence on a per-container basis. To do this, the user specifies the `--detach-keys` flag with the `docker attach`, `docker exec`, `docker run` or `docker start` command. +### CLI Plugin options + The property `plugins` contains settings specific to CLI plugins. The key is the plugin name, while the value is a further map of options, which are specific to that plugin. -Following is a sample `config.json` file: + +### Sample configuration file + +Following is a sample `config.json` file to illustrate the format used for +various fields: ```json {% raw %} @@ -310,7 +300,7 @@ Following is a sample `config.json` file: "https://manager1.mycorp.example.com:2377": { "httpProxy": "http://user:pass@example.com:3128", "httpsProxy": "https://my-proxy.example.com:3129" - }, + } } } {% endraw %} @@ -338,16 +328,18 @@ list of root Certificate Authorities. To list the help on any command just execute the command, followed by the `--help` option. - $ docker run --help +```console +$ docker run --help - Usage: docker run [OPTIONS] IMAGE [COMMAND] [ARG...] +Usage: docker run [OPTIONS] IMAGE [COMMAND] [ARG...] - Run a command in a new container +Run a command in a new container - Options: - --add-host value Add a custom host-to-IP mapping (host:ip) (default []) - -a, --attach value Attach to STDIN, STDOUT or STDERR (default []) - ... +Options: + --add-host value Add a custom host-to-IP mapping (host:ip) (default []) + -a, --attach value Attach to STDIN, STDOUT or STDERR (default []) +<...> +``` ### Option types @@ -368,7 +360,7 @@ container **will** run in "detached" mode, in the background. Options which default to `true` (e.g., `docker build --rm=true`) can only be set to the non-default value by explicitly setting them to `false`: -```bash +```console $ docker build --rm=false . ``` @@ -377,7 +369,7 @@ $ docker build --rm=false . You can specify options like `-a=[]` multiple times in a single command line, for example in these commands: -```bash +```console $ docker run -a stdin -a stdout -i -t ubuntu /bin/bash $ docker run -a stdin -a stdout -a stderr ubuntu /bin/ls @@ -386,7 +378,7 @@ $ docker run -a stdin -a stdout -a stderr ubuntu /bin/ls Sometimes, multiple options can call for a more complex value string as for `-v`: -```bash +```console $ docker run -v /host:/container example/mysql ``` From 1ff45aac40088c195d36ca6328a4df496ed0a74b Mon Sep 17 00:00:00 2001 From: Chris Vermilion Date: Sat, 3 Apr 2021 17:13:01 -0400 Subject: [PATCH 052/127] Update stop.md Updates the stop.md doc to mention that the stop signal can be changed, either with the Dockerfile or via `docker run --stop-signal`. This is a real gotcha if you're not familiar with this feature and build a container that extends a container that uses `STOPSIGNAL`. Signed-off-by: Christopher Vermilion (cherry picked from commit 41d169d211d44eb49c1d678a52ecbe721d8480c5) Signed-off-by: Sebastiaan van Stijn --- docs/reference/commandline/stop.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/docs/reference/commandline/stop.md b/docs/reference/commandline/stop.md index e4c567fb7829..282a37858293 100644 --- a/docs/reference/commandline/stop.md +++ b/docs/reference/commandline/stop.md @@ -19,7 +19,9 @@ Options: ## Description The main process inside the container will receive `SIGTERM`, and after a grace -period, `SIGKILL`. +period, `SIGKILL`. The first signal can be changed with the `STOPSIGNAL` +instruction in the container's Dockerfile, or the `--stop-signal` option to +`docker run`. ## Examples From 4fbdf3f362130c5a60932029cbcfeab5c448371c Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Sat, 17 Apr 2021 15:13:20 +0200 Subject: [PATCH 053/127] docs: document log-opts for "dual logging" cache These options are available in Docker 20.10 and up, but were previously only available in Docker EE, and not documented. Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 2586decba8bdf4525b0267256581391e4ce16843) Signed-off-by: Sebastiaan van Stijn --- docs/reference/commandline/dockerd.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/docs/reference/commandline/dockerd.md b/docs/reference/commandline/dockerd.md index a482577fb776..0ac52c826a1d 100644 --- a/docs/reference/commandline/dockerd.md +++ b/docs/reference/commandline/dockerd.md @@ -1400,6 +1400,10 @@ This is a full example of the allowed configuration options on Linux: "log-driver": "json-file", "log-level": "", "log-opts": { + "cache-disabled": "false", + "cache-max-file": "5", + "cache-max-size": "20m", + "cache-compress": "true", "env": "os,customer", "labels": "somelabel", "max-file": "5", From 8264f5be8d470db3a7a19ae07907d91792660da0 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Wed, 12 May 2021 09:31:50 +0200 Subject: [PATCH 054/127] docs: dockerd: fix broken link and markdown touch-ups Jekyll doesn't work well with markdown links that are wrapped, so changing the link to be on a single line. While at it, also added/changed some code-hints. Signed-off-by: Sebastiaan van Stijn (cherry picked from commit f3034ee9289bc2182e9d1b6381276ab20478fb64) Signed-off-by: Sebastiaan van Stijn --- docs/reference/commandline/dockerd.md | 24 ++++++++++++++++-------- 1 file changed, 16 insertions(+), 8 deletions(-) diff --git a/docs/reference/commandline/dockerd.md b/docs/reference/commandline/dockerd.md index 0ac52c826a1d..e3414168e044 100644 --- a/docs/reference/commandline/dockerd.md +++ b/docs/reference/commandline/dockerd.md @@ -1203,8 +1203,8 @@ command line or Docker's Engine API are allowed or denied by the plugin. If you have multiple plugins installed, each plugin, in order, must allow the request for it to complete. -For information about how to create an authorization plugin, see [authorization -plugin](../../extend/plugins_authorization.md) section in the Docker extend section of this documentation. +For information about how to create an authorization plugin, refer to the +[authorization plugin](../../extend/plugins_authorization.md) section. ### Daemon user namespace options @@ -1232,10 +1232,16 @@ Docker supports softlinks for the Docker data directory (`/var/lib/docker`) and for `/var/lib/docker/tmp`. The `DOCKER_TMPDIR` and the data directory can be set like this: - DOCKER_TMPDIR=/mnt/disk2/tmp /usr/local/bin/dockerd -D -g /var/lib/docker -H unix:// > /var/lib/docker-machine/docker.log 2>&1 - # or - export DOCKER_TMPDIR=/mnt/disk2/tmp - /usr/local/bin/dockerd -D -g /var/lib/docker -H unix:// > /var/lib/docker-machine/docker.log 2>&1 +```console +$ DOCKER_TMPDIR=/mnt/disk2/tmp /usr/local/bin/dockerd -D -g /var/lib/docker -H unix:// > /var/lib/docker-machine/docker.log 2>&1 +``` + +or + +```console +$ export DOCKER_TMPDIR=/mnt/disk2/tmp +$ /usr/local/bin/dockerd -D -g /var/lib/docker -H unix:// > /var/lib/docker-machine/docker.log 2>&1 +```` #### Default cgroup parent @@ -1564,7 +1570,9 @@ previously configured cluster configurations. ### Run multiple daemons -> **Note:** Running multiple daemons on a single host is considered as "experimental". The user should be aware of +> **Note:** +> +> Running multiple daemons on a single host is considered as "experimental". The user should be aware of > unsolved problems. This solution may not work properly in some cases. Solutions are currently under development > and will be delivered in the near future. @@ -1616,7 +1624,7 @@ The `--tls*` options enable use of specific certificates for individual daemons. Example script for a separate “bootstrap” instance of the Docker daemon without network: -```bash +```console $ sudo dockerd \ -H unix:///var/run/docker-bootstrap.sock \ -p /var/run/docker-bootstrap.pid \ From 00755d7dba80d35b15b1a05a325336752642a5d3 Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Tue, 4 May 2021 18:40:23 +0900 Subject: [PATCH 055/127] printServerWarningsLegacy: silence "No kernel memory limit support" The kernel memory limit is deprecated in Docker 20.10.0, and its support was removed in runc v1.0.0-rc94. So, this warning can be safely removed. Relevant: https://github.com/moby/moby/pull/41254/commits/b8ca7de823acf572cad9becb74fd5cdac1748057 Signed-off-by: Akihiro Suda (cherry picked from commit 731f52cfe8182c459e49cf05344e7e5e0b931b3c) Signed-off-by: Sebastiaan van Stijn --- cli/command/system/info.go | 3 --- cli/command/system/info_test.go | 1 - .../system/testdata/docker-info-daemon-warnings.json.golden | 2 +- cli/command/system/testdata/docker-info-warnings.golden | 1 - 4 files changed, 1 insertion(+), 6 deletions(-) diff --git a/cli/command/system/info.go b/cli/command/system/info.go index 0e9bd0db42ce..80616de3b1dd 100644 --- a/cli/command/system/info.go +++ b/cli/command/system/info.go @@ -402,9 +402,6 @@ func printServerWarningsLegacy(dockerCli command.Cli, info types.Info) { if !info.SwapLimit { fmt.Fprintln(dockerCli.Err(), "WARNING: No swap limit support") } - if !info.KernelMemory { - fmt.Fprintln(dockerCli.Err(), "WARNING: No kernel memory limit support") - } if !info.OomKillDisable { fmt.Fprintln(dockerCli.Err(), "WARNING: No oom kill disable support") } diff --git a/cli/command/system/info_test.go b/cli/command/system/info_test.go index 04e52450b77b..d3762ea783dc 100644 --- a/cli/command/system/info_test.go +++ b/cli/command/system/info_test.go @@ -248,7 +248,6 @@ func TestPrettyPrintInfo(t *testing.T) { sampleInfoDaemonWarnings.Warnings = []string{ "WARNING: No memory limit support", "WARNING: No swap limit support", - "WARNING: No kernel memory limit support", "WARNING: No oom kill disable support", "WARNING: No cpu cfs quota support", "WARNING: No cpu cfs period support", diff --git a/cli/command/system/testdata/docker-info-daemon-warnings.json.golden b/cli/command/system/testdata/docker-info-daemon-warnings.json.golden index 5b7b23124fdd..09e1ebd9c54f 100644 --- a/cli/command/system/testdata/docker-info-daemon-warnings.json.golden +++ b/cli/command/system/testdata/docker-info-daemon-warnings.json.golden @@ -1 +1 @@ -{"ID":"EKHL:QDUU:QZ7U:MKGD:VDXK:S27Q:GIPU:24B7:R7VT:DGN6:QCSF:2UBX","Containers":0,"ContainersRunning":0,"ContainersPaused":0,"ContainersStopped":0,"Images":0,"Driver":"aufs","DriverStatus":[["Root Dir","/var/lib/docker/aufs"],["Backing Filesystem","extfs"],["Dirs","0"],["Dirperm1 Supported","true"]],"Plugins":{"Volume":["local"],"Network":["bridge","host","macvlan","null","overlay"],"Authorization":null,"Log":["awslogs","fluentd","gcplogs","gelf","journald","json-file","logentries","splunk","syslog"]},"MemoryLimit":true,"SwapLimit":true,"KernelMemory":true,"KernelMemoryTCP":false,"CpuCfsPeriod":true,"CpuCfsQuota":true,"CPUShares":true,"CPUSet":true,"PidsLimit":false,"IPv4Forwarding":true,"BridgeNfIptables":true,"BridgeNfIp6tables":true,"Debug":true,"NFd":33,"OomKillDisable":true,"NGoroutines":135,"SystemTime":"2017-08-24T17:44:34.077811894Z","LoggingDriver":"json-file","CgroupDriver":"cgroupfs","NEventsListener":0,"KernelVersion":"4.4.0-87-generic","OperatingSystem":"Ubuntu 16.04.3 LTS","OSVersion":"","OSType":"linux","Architecture":"x86_64","IndexServerAddress":"https://index.docker.io/v1/","RegistryConfig":{"AllowNondistributableArtifactsCIDRs":null,"AllowNondistributableArtifactsHostnames":null,"InsecureRegistryCIDRs":["127.0.0.0/8"],"IndexConfigs":{"docker.io":{"Name":"docker.io","Mirrors":null,"Secure":true,"Official":true}},"Mirrors":null},"NCPU":2,"MemTotal":2097356800,"GenericResources":null,"DockerRootDir":"/var/lib/docker","HttpProxy":"","HttpsProxy":"","NoProxy":"","Name":"system-sample","Labels":["provider=digitalocean"],"ExperimentalBuild":false,"ServerVersion":"17.06.1-ce","Runtimes":{"runc":{"path":"docker-runc"}},"DefaultRuntime":"runc","Swarm":{"NodeID":"","NodeAddr":"","LocalNodeState":"inactive","ControlAvailable":false,"Error":"","RemoteManagers":null},"LiveRestoreEnabled":false,"Isolation":"","InitBinary":"docker-init","ContainerdCommit":{"ID":"6e23458c129b551d5c9871e5174f6b1b7f6d1170","Expected":"6e23458c129b551d5c9871e5174f6b1b7f6d1170"},"RuncCommit":{"ID":"810190ceaa507aa2727d7ae6f4790c76ec150bd2","Expected":"810190ceaa507aa2727d7ae6f4790c76ec150bd2"},"InitCommit":{"ID":"949e6fa","Expected":"949e6fa"},"SecurityOptions":["name=apparmor","name=seccomp,profile=default"],"DefaultAddressPools":[{"Base":"10.123.0.0/16","Size":24}],"Warnings":["WARNING: No memory limit support","WARNING: No swap limit support","WARNING: No kernel memory limit support","WARNING: No oom kill disable support","WARNING: No cpu cfs quota support","WARNING: No cpu cfs period support","WARNING: No cpu shares support","WARNING: No cpuset support","WARNING: IPv4 forwarding is disabled","WARNING: bridge-nf-call-iptables is disabled","WARNING: bridge-nf-call-ip6tables is disabled"],"ClientInfo":{"Debug":true,"Context":"default","Plugins":[],"Warnings":null}} +{"ID":"EKHL:QDUU:QZ7U:MKGD:VDXK:S27Q:GIPU:24B7:R7VT:DGN6:QCSF:2UBX","Containers":0,"ContainersRunning":0,"ContainersPaused":0,"ContainersStopped":0,"Images":0,"Driver":"aufs","DriverStatus":[["Root Dir","/var/lib/docker/aufs"],["Backing Filesystem","extfs"],["Dirs","0"],["Dirperm1 Supported","true"]],"Plugins":{"Volume":["local"],"Network":["bridge","host","macvlan","null","overlay"],"Authorization":null,"Log":["awslogs","fluentd","gcplogs","gelf","journald","json-file","logentries","splunk","syslog"]},"MemoryLimit":true,"SwapLimit":true,"KernelMemory":true,"KernelMemoryTCP":false,"CpuCfsPeriod":true,"CpuCfsQuota":true,"CPUShares":true,"CPUSet":true,"PidsLimit":false,"IPv4Forwarding":true,"BridgeNfIptables":true,"BridgeNfIp6tables":true,"Debug":true,"NFd":33,"OomKillDisable":true,"NGoroutines":135,"SystemTime":"2017-08-24T17:44:34.077811894Z","LoggingDriver":"json-file","CgroupDriver":"cgroupfs","NEventsListener":0,"KernelVersion":"4.4.0-87-generic","OperatingSystem":"Ubuntu 16.04.3 LTS","OSVersion":"","OSType":"linux","Architecture":"x86_64","IndexServerAddress":"https://index.docker.io/v1/","RegistryConfig":{"AllowNondistributableArtifactsCIDRs":null,"AllowNondistributableArtifactsHostnames":null,"InsecureRegistryCIDRs":["127.0.0.0/8"],"IndexConfigs":{"docker.io":{"Name":"docker.io","Mirrors":null,"Secure":true,"Official":true}},"Mirrors":null},"NCPU":2,"MemTotal":2097356800,"GenericResources":null,"DockerRootDir":"/var/lib/docker","HttpProxy":"","HttpsProxy":"","NoProxy":"","Name":"system-sample","Labels":["provider=digitalocean"],"ExperimentalBuild":false,"ServerVersion":"17.06.1-ce","Runtimes":{"runc":{"path":"docker-runc"}},"DefaultRuntime":"runc","Swarm":{"NodeID":"","NodeAddr":"","LocalNodeState":"inactive","ControlAvailable":false,"Error":"","RemoteManagers":null},"LiveRestoreEnabled":false,"Isolation":"","InitBinary":"docker-init","ContainerdCommit":{"ID":"6e23458c129b551d5c9871e5174f6b1b7f6d1170","Expected":"6e23458c129b551d5c9871e5174f6b1b7f6d1170"},"RuncCommit":{"ID":"810190ceaa507aa2727d7ae6f4790c76ec150bd2","Expected":"810190ceaa507aa2727d7ae6f4790c76ec150bd2"},"InitCommit":{"ID":"949e6fa","Expected":"949e6fa"},"SecurityOptions":["name=apparmor","name=seccomp,profile=default"],"DefaultAddressPools":[{"Base":"10.123.0.0/16","Size":24}],"Warnings":["WARNING: No memory limit support","WARNING: No swap limit support","WARNING: No oom kill disable support","WARNING: No cpu cfs quota support","WARNING: No cpu cfs period support","WARNING: No cpu shares support","WARNING: No cpuset support","WARNING: IPv4 forwarding is disabled","WARNING: bridge-nf-call-iptables is disabled","WARNING: bridge-nf-call-ip6tables is disabled"],"ClientInfo":{"Debug":true,"Context":"default","Plugins":[],"Warnings":null}} diff --git a/cli/command/system/testdata/docker-info-warnings.golden b/cli/command/system/testdata/docker-info-warnings.golden index a7a4d792b0b6..579a8d422a9f 100644 --- a/cli/command/system/testdata/docker-info-warnings.golden +++ b/cli/command/system/testdata/docker-info-warnings.golden @@ -1,6 +1,5 @@ WARNING: No memory limit support WARNING: No swap limit support -WARNING: No kernel memory limit support WARNING: No oom kill disable support WARNING: No cpu cfs quota support WARNING: No cpu cfs period support From 12e2f94eba9c562c7a697aa85bc7d7f32e43eb9c Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Tue, 4 May 2021 18:43:18 +0900 Subject: [PATCH 056/127] printServerWarningsLegacy: silence "No oom kill disable support" on cgroup v2 The warning should be ignored on cgroup v2 hosts. Relevant: https://github.com/moby/moby/pull/41894/commits/8086443a449af8ef5c5b0574de8957df7e52f296 Signed-off-by: Akihiro Suda (cherry picked from commit 05ec0188fa0a9d722949304c60a264c065f3d326) Signed-off-by: Sebastiaan van Stijn --- cli/command/system/info.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cli/command/system/info.go b/cli/command/system/info.go index 80616de3b1dd..c19946d09e45 100644 --- a/cli/command/system/info.go +++ b/cli/command/system/info.go @@ -402,7 +402,7 @@ func printServerWarningsLegacy(dockerCli command.Cli, info types.Info) { if !info.SwapLimit { fmt.Fprintln(dockerCli.Err(), "WARNING: No swap limit support") } - if !info.OomKillDisable { + if !info.OomKillDisable && info.CgroupVersion != "2" { fmt.Fprintln(dockerCli.Err(), "WARNING: No oom kill disable support") } if !info.CPUCfsQuota { From 78fcd905c65fa3c059cfb29cc0e75095d106ac1e Mon Sep 17 00:00:00 2001 From: Erik Humphrey Date: Thu, 13 May 2021 10:10:38 -0400 Subject: [PATCH 057/127] docs: Fix broken jump link Signed-off-by: Erik Humphrey (cherry picked from commit 57e7680591c89bc42fd5d03ec9aa416e61ea7628) Signed-off-by: Sebastiaan van Stijn --- docs/reference/run.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/reference/run.md b/docs/reference/run.md index 28c60b3f6cbb..d95b1a8aeba0 100644 --- a/docs/reference/run.md +++ b/docs/reference/run.md @@ -587,7 +587,7 @@ $ docker inspect -f "{{ .State.StartedAt }}" my-container Combining `--restart` (restart policy) with the `--rm` (clean up) flag results in an error. On container restart, attached clients are disconnected. See the -examples on using the [`--rm` (clean up)](#clean-up-rm) flag later in this page. +examples on using the [`--rm` (clean up)](#clean-up---rm) flag later in this page. ### Examples From f291a49ba5fb369261ce9eac6d74f24c02e74bd1 Mon Sep 17 00:00:00 2001 From: Tianon Gravi Date: Tue, 4 May 2021 09:45:10 -0700 Subject: [PATCH 058/127] Swap "LABEL maintainer" for the OCI pre-defined "org.opencontainers.image.authors" https://github.com/opencontainers/image-spec/blob/v1.0.1/annotations.md#pre-defined-annotation-keys Signed-off-by: Tianon Gravi (cherry picked from commit 782192a6e50bacd73dcd2e9f9128f1708435b555) Signed-off-by: Sebastiaan van Stijn --- docs/reference/builder.md | 2 +- docs/reference/commandline/pull.md | 2 +- man/src/image/pull.md | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/reference/builder.md b/docs/reference/builder.md index 07e6e241cbe0..d5651db8ea60 100644 --- a/docs/reference/builder.md +++ b/docs/reference/builder.md @@ -963,7 +963,7 @@ easily, for example with `docker inspect`. To set a label corresponding to the `MAINTAINER` field you could use: ```dockerfile -LABEL maintainer="SvenDowideit@home.org.au" +LABEL org.opencontainers.image.authors="SvenDowideit@home.org.au" ``` This will then be visible from `docker inspect` with the other labels. diff --git a/docs/reference/commandline/pull.md b/docs/reference/commandline/pull.md index 40cc99ff7d13..7d02c356e620 100644 --- a/docs/reference/commandline/pull.md +++ b/docs/reference/commandline/pull.md @@ -160,7 +160,7 @@ Digest can also be used in the `FROM` of a Dockerfile, for example: ```dockerfile FROM ubuntu@sha256:45b23dee08af5e43a7fea6c4cf9c25ccf269ee113168c19722f87876677c5cb2 -LABEL maintainer="some maintainer " +LABEL org.opencontainers.image.authors="some maintainer " ``` > **Note** diff --git a/man/src/image/pull.md b/man/src/image/pull.md index 3c9c9dd6b130..13d601e99f4f 100644 --- a/man/src/image/pull.md +++ b/man/src/image/pull.md @@ -111,7 +111,7 @@ pull the above image by digest, run the following command: Digest can also be used in the `FROM` of a Dockerfile, for example: FROM ubuntu@sha256:45b23dee08af5e43a7fea6c4cf9c25ccf269ee113168c19722f87876677c5cb2 - LABEL maintainer="some maintainer " + LABEL org.opencontainers.image.authors="some maintainer " > **Note**: Using this feature "pins" an image to a specific version in time. > Docker will therefore not pull updated versions of an image, which may include From 706ca7985bfb6a7360ef95581063712d04466c8d Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Tue, 25 May 2021 12:30:31 +0200 Subject: [PATCH 059/127] Revert "[20.10] Revert "Ignore SIGURG on Linux."" This reverts commit f33a69f6eef118195e741d158cfb8ee7a7391ddb. Signed-off-by: Sebastiaan van Stijn --- cli/command/container/attach.go | 3 +- cli/command/container/client_test.go | 8 +++ cli/command/container/run.go | 3 +- cli/command/container/signals.go | 57 +++++++++++++++++++++ cli/command/container/signals_linux.go | 11 ++++ cli/command/container/signals_linux_test.go | 57 +++++++++++++++++++++ cli/command/container/signals_notlinux.go | 9 ++++ cli/command/container/signals_test.go | 48 +++++++++++++++++ cli/command/container/start.go | 3 +- cli/command/container/tty.go | 29 ----------- 10 files changed, 196 insertions(+), 32 deletions(-) create mode 100644 cli/command/container/signals.go create mode 100644 cli/command/container/signals_linux.go create mode 100644 cli/command/container/signals_linux_test.go create mode 100644 cli/command/container/signals_notlinux.go create mode 100644 cli/command/container/signals_test.go diff --git a/cli/command/container/attach.go b/cli/command/container/attach.go index 854aa7395224..8470855992c8 100644 --- a/cli/command/container/attach.go +++ b/cli/command/container/attach.go @@ -97,7 +97,8 @@ func runAttach(dockerCli command.Cli, opts *attachOptions) error { } if opts.proxy && !c.Config.Tty { - sigc := ForwardAllSignals(ctx, dockerCli, opts.container) + sigc := notfiyAllSignals() + go ForwardAllSignals(ctx, dockerCli, opts.container, sigc) defer signal.StopCatch(sigc) } diff --git a/cli/command/container/client_test.go b/cli/command/container/client_test.go index 3643550b92c8..6aa7d9991e34 100644 --- a/cli/command/container/client_test.go +++ b/cli/command/container/client_test.go @@ -32,6 +32,7 @@ type fakeClient struct { containerExportFunc func(string) (io.ReadCloser, error) containerExecResizeFunc func(id string, options types.ResizeOptions) error containerRemoveFunc func(ctx context.Context, container string, options types.ContainerRemoveOptions) error + containerKillFunc func(ctx context.Context, container, signal string) error Version string } @@ -154,3 +155,10 @@ func (f *fakeClient) ContainerExecResize(_ context.Context, id string, options t } return nil } + +func (f *fakeClient) ContainerKill(ctx context.Context, container, signal string) error { + if f.containerKillFunc != nil { + return f.containerKillFunc(ctx, container, signal) + } + return nil +} diff --git a/cli/command/container/run.go b/cli/command/container/run.go index 74bee8cd12e1..fec9995841f8 100644 --- a/cli/command/container/run.go +++ b/cli/command/container/run.go @@ -131,7 +131,8 @@ func runContainer(dockerCli command.Cli, opts *runOptions, copts *containerOptio return runStartContainerErr(err) } if opts.sigProxy { - sigc := ForwardAllSignals(ctx, dockerCli, createResponse.ID) + sigc := notfiyAllSignals() + go ForwardAllSignals(ctx, dockerCli, createResponse.ID, sigc) defer signal.StopCatch(sigc) } diff --git a/cli/command/container/signals.go b/cli/command/container/signals.go new file mode 100644 index 000000000000..06e4d9eb6624 --- /dev/null +++ b/cli/command/container/signals.go @@ -0,0 +1,57 @@ +package container + +import ( + "context" + "fmt" + "os" + gosignal "os/signal" + + "github.com/docker/cli/cli/command" + "github.com/docker/docker/pkg/signal" + "github.com/sirupsen/logrus" +) + +// ForwardAllSignals forwards signals to the container +// +// The channel you pass in must already be setup to receive any signals you want to forward. +func ForwardAllSignals(ctx context.Context, cli command.Cli, cid string, sigc <-chan os.Signal) { + var s os.Signal + for { + select { + case s = <-sigc: + case <-ctx.Done(): + return + } + + if s == signal.SIGCHLD || s == signal.SIGPIPE { + continue + } + + // In go1.14+, the go runtime issues SIGURG as an interrupt to support pre-emptable system calls on Linux. + // Since we can't forward that along we'll check that here. + if isRuntimeSig(s) { + continue + } + var sig string + for sigStr, sigN := range signal.SignalMap { + if sigN == s { + sig = sigStr + break + } + } + if sig == "" { + fmt.Fprintf(cli.Err(), "Unsupported signal: %v. Discarding.\n", s) + continue + } + + if err := cli.Client().ContainerKill(ctx, cid, sig); err != nil { + logrus.Debugf("Error sending signal: %s", err) + } + } +} + +func notfiyAllSignals() chan os.Signal { + sigc := make(chan os.Signal, 128) + gosignal.Notify(sigc) + return sigc +} diff --git a/cli/command/container/signals_linux.go b/cli/command/container/signals_linux.go new file mode 100644 index 000000000000..7eeb91985023 --- /dev/null +++ b/cli/command/container/signals_linux.go @@ -0,0 +1,11 @@ +package container + +import ( + "os" + + "golang.org/x/sys/unix" +) + +func isRuntimeSig(s os.Signal) bool { + return s == unix.SIGURG +} diff --git a/cli/command/container/signals_linux_test.go b/cli/command/container/signals_linux_test.go new file mode 100644 index 000000000000..1b2eaff9b3e8 --- /dev/null +++ b/cli/command/container/signals_linux_test.go @@ -0,0 +1,57 @@ +package container + +import ( + "context" + "os" + "syscall" + "testing" + "time" + + "github.com/docker/cli/internal/test" + "golang.org/x/sys/unix" + "gotest.tools/v3/assert" +) + +func TestIgnoredSignals(t *testing.T) { + ignoredSignals := []syscall.Signal{unix.SIGPIPE, unix.SIGCHLD, unix.SIGURG} + + for _, s := range ignoredSignals { + t.Run(unix.SignalName(s), func(t *testing.T) { + ctx, cancel := context.WithCancel(context.Background()) + defer cancel() + + var called bool + client := &fakeClient{containerKillFunc: func(ctx context.Context, container, signal string) error { + called = true + return nil + }} + + cli := test.NewFakeCli(client) + sigc := make(chan os.Signal) + defer close(sigc) + + done := make(chan struct{}) + go func() { + ForwardAllSignals(ctx, cli, t.Name(), sigc) + close(done) + }() + + timer := time.NewTimer(30 * time.Second) + defer timer.Stop() + + select { + case <-timer.C: + t.Fatal("timeout waiting to send signal") + case sigc <- s: + case <-done: + } + + // cancel the context so ForwardAllSignals will exit after it has processed the signal we sent. + // This is how we know the signal was actually processed and are not introducing a flakey test. + cancel() + <-done + + assert.Assert(t, !called, "kill was called") + }) + } +} diff --git a/cli/command/container/signals_notlinux.go b/cli/command/container/signals_notlinux.go new file mode 100644 index 000000000000..9e8412f66ae6 --- /dev/null +++ b/cli/command/container/signals_notlinux.go @@ -0,0 +1,9 @@ +// +build !linux + +package container + +import "os" + +func isRuntimeSig(_ os.Signal) bool { + return false +} diff --git a/cli/command/container/signals_test.go b/cli/command/container/signals_test.go new file mode 100644 index 000000000000..39eaab1c5da8 --- /dev/null +++ b/cli/command/container/signals_test.go @@ -0,0 +1,48 @@ +package container + +import ( + "context" + "os" + "testing" + "time" + + "github.com/docker/cli/internal/test" + "github.com/docker/docker/pkg/signal" +) + +func TestForwardSignals(t *testing.T) { + ctx, cancel := context.WithCancel(context.Background()) + defer cancel() + + called := make(chan struct{}) + client := &fakeClient{containerKillFunc: func(ctx context.Context, container, signal string) error { + close(called) + return nil + }} + + cli := test.NewFakeCli(client) + sigc := make(chan os.Signal) + defer close(sigc) + + go ForwardAllSignals(ctx, cli, t.Name(), sigc) + + timer := time.NewTimer(30 * time.Second) + defer timer.Stop() + + select { + case <-timer.C: + t.Fatal("timeout waiting to send signal") + case sigc <- signal.SignalMap["TERM"]: + } + if !timer.Stop() { + <-timer.C + } + timer.Reset(30 * time.Second) + + select { + case <-called: + case <-timer.C: + t.Fatal("timeout waiting for signal to be processed") + } + +} diff --git a/cli/command/container/start.go b/cli/command/container/start.go index 5ab05ae68b2e..9029061e09de 100644 --- a/cli/command/container/start.go +++ b/cli/command/container/start.go @@ -74,7 +74,8 @@ func runStart(dockerCli command.Cli, opts *startOptions) error { // We always use c.ID instead of container to maintain consistency during `docker start` if !c.Config.Tty { - sigc := ForwardAllSignals(ctx, dockerCli, c.ID) + sigc := notfiyAllSignals() + ForwardAllSignals(ctx, dockerCli, c.ID, sigc) defer signal.StopCatch(sigc) } diff --git a/cli/command/container/tty.go b/cli/command/container/tty.go index b7003f1a04df..4060c0a19f9a 100644 --- a/cli/command/container/tty.go +++ b/cli/command/container/tty.go @@ -95,32 +95,3 @@ func MonitorTtySize(ctx context.Context, cli command.Cli, id string, isExec bool } return nil } - -// ForwardAllSignals forwards signals to the container -func ForwardAllSignals(ctx context.Context, cli command.Cli, cid string) chan os.Signal { - sigc := make(chan os.Signal, 128) - signal.CatchAll(sigc) - go func() { - for s := range sigc { - if s == signal.SIGCHLD || s == signal.SIGPIPE { - continue - } - var sig string - for sigStr, sigN := range signal.SignalMap { - if sigN == s { - sig = sigStr - break - } - } - if sig == "" { - fmt.Fprintf(cli.Err(), "Unsupported signal: %v. Discarding.\n", s) - continue - } - - if err := cli.Client().ContainerKill(ctx, cid, sig); err != nil { - logrus.Debugf("Error sending signal: %s", err) - } - } - }() - return sigc -} From 88de81ff21f673771a720b6ad272f033fe1cac95 Mon Sep 17 00:00:00 2001 From: Brian Goff Date: Tue, 2 Mar 2021 00:54:13 +0000 Subject: [PATCH 060/127] Fix `docker start` blocking on signal handling We refactorted `ForwardAllSignals` so it blocks but did not update the call in `start` to call it in a goroutine. Signed-off-by: Brian Goff (cherry picked from commit e1a7517514fbde432f4316f64959fbcff5036a1a) Signed-off-by: Sebastiaan van Stijn --- cli/command/container/start.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cli/command/container/start.go b/cli/command/container/start.go index 9029061e09de..bec948225f3f 100644 --- a/cli/command/container/start.go +++ b/cli/command/container/start.go @@ -75,7 +75,7 @@ func runStart(dockerCli command.Cli, opts *startOptions) error { // We always use c.ID instead of container to maintain consistency during `docker start` if !c.Config.Tty { sigc := notfiyAllSignals() - ForwardAllSignals(ctx, dockerCli, c.ID, sigc) + go ForwardAllSignals(ctx, dockerCli, c.ID, sigc) defer signal.StopCatch(sigc) } From 032e485e1cb4aff44847c5dba12af3d7382bff6b Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Mon, 1 Mar 2021 14:06:19 +0100 Subject: [PATCH 061/127] ForwardAllSignals: check if channel is closed, and remove warning Commit fff164c22e8dc904291fecb62307312fd4ca153e modified ForwardAllSignals to take `SIGURG` signals into account, which can be generated by the Go runtime on Go 1.14 and up as an interrupt to support pre-emptable system calls on Linux. With the updated code, the signal (`s`) would sometimes be `nil`, causing spurious (but otherwise harmless) warnings to be printed; Unsupported signal: . Discarding. To debug this issue, I patched v20.10.4 to handle `nil`, and added a debug line to print the signal in all cases; ```patch diff --git a/cli/command/container/signals.go b/cli/command/container/signals.go index 06e4d9eb6..0cb53ef06 100644 --- a/cli/command/container/signals.go +++ b/cli/command/container/signals.go @@ -22,8 +22,9 @@ func ForwardAllSignals(ctx context.Context, cli command.Cli, cid string, sigc <- case <-ctx.Done(): return } + fmt.Fprintf(cli.Err(), "Signal: %v\n", s) if s == signal.SIGCHLD || s == signal.SIGPIPE { ``` When running a cross-compiled macOS binary with Go 1.13 (`make -f docker.Makefile binary-osx`): # regular "docker run" (note that the `` signal only happens "sometimes"): ./build/docker run --rm alpine/git clone https://github.com/docker/getting-started.git Cloning into 'getting-started'... Signal: # when cancelling with CTRL-C: ./build/docker run --rm alpine/git clone https://github.com/docker/getting-started.git ^CSignal: interrupt Cloning into 'getting-started'... error: could not lock config file /git/getting-started/.git/config: No such file or directory fatal: could not set 'core.repositoryformatversion' to '0' Signal: Signal: When running a macOS binary built with Go 1.15 (`DISABLE_WARN_OUTSIDE_CONTAINER=1 make binary`): # regular "docker run" (note that the `` signal only happens "sometimes"): # this is the same as on Go 1.13 ./build/docker run --rm alpine/git clone https://github.com/docker/getting-started.git Cloning into 'getting-started'... Signal: # when cancelling with CTRL-C: ./build/docker run --rm alpine/git clone https://github.com/docker/getting-started.git Cloning into 'getting-started'... ^CSignal: interrupt Signal: urgent I/O condition Signal: urgent I/O condition fatal: --stdin requires a git repository fatal: index-pack failed Signal: Signal: This patch checks if the channel is closed, and removes the warning (to prevent warnings if new signals are added that are not in our known list of signals) We should also consider updating `notfiyAllSignals()`, which currently forwards _all_ signals (`signal.Notify(sigc)` without passing a list of signals), and instead pass it "all signals _minus_ the signals we don't want forwarded": https://github.com/docker/cli/blob/35f023a7c22a51867fb099d29006ef27379bc7fe/cli/command/container/signals.go#L55 Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 9342ec6b71404ad1dde2477bdc06febcaf49f47c) Signed-off-by: Sebastiaan van Stijn --- cli/command/container/signals.go | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/cli/command/container/signals.go b/cli/command/container/signals.go index 06e4d9eb6624..1929a9b19132 100644 --- a/cli/command/container/signals.go +++ b/cli/command/container/signals.go @@ -2,7 +2,6 @@ package container import ( "context" - "fmt" "os" gosignal "os/signal" @@ -15,10 +14,16 @@ import ( // // The channel you pass in must already be setup to receive any signals you want to forward. func ForwardAllSignals(ctx context.Context, cli command.Cli, cid string, sigc <-chan os.Signal) { - var s os.Signal + var ( + s os.Signal + ok bool + ) for { select { - case s = <-sigc: + case s, ok = <-sigc: + if !ok { + return + } case <-ctx.Done(): return } @@ -40,7 +45,6 @@ func ForwardAllSignals(ctx context.Context, cli command.Cli, cid string, sigc <- } } if sig == "" { - fmt.Fprintf(cli.Err(), "Unsupported signal: %v. Discarding.\n", s) continue } From 2945ba4f7a710902ed1729bc73715d4e5bca6726 Mon Sep 17 00:00:00 2001 From: David Scott Date: Fri, 21 May 2021 16:17:57 +0100 Subject: [PATCH 062/127] Ignore SIGURG on Darwin too This extends #2929 to Darwin as well as Linux. Running the example in https://github.com/golang/go/issues/37942 I see lots of: ``` dave@m1 sigurg % uname -ms Darwin arm64 dave@m1 sigurg % go run main.go received urgent I/O condition: 2021-05-21 16:03:03.482211 +0100 BST m=+0.014553751 received urgent I/O condition: 2021-05-21 16:03:03.507171 +0100 BST m=+0.039514459 ``` Signed-off-by: David Scott (cherry picked from commit cedaf44ea2e8b25b5298bac5f432d90033e5ad6a) Signed-off-by: Sebastiaan van Stijn --- cli/command/container/{signals_linux.go => signals_unix.go} | 2 ++ .../container/{signals_linux_test.go => signals_unix_test.go} | 2 ++ .../container/{signals_notlinux.go => signals_windows.go} | 2 -- 3 files changed, 4 insertions(+), 2 deletions(-) rename cli/command/container/{signals_linux.go => signals_unix.go} (86%) rename cli/command/container/{signals_linux_test.go => signals_unix_test.go} (98%) rename cli/command/container/{signals_notlinux.go => signals_windows.go} (82%) diff --git a/cli/command/container/signals_linux.go b/cli/command/container/signals_unix.go similarity index 86% rename from cli/command/container/signals_linux.go rename to cli/command/container/signals_unix.go index 7eeb91985023..8db4cfe8353d 100644 --- a/cli/command/container/signals_linux.go +++ b/cli/command/container/signals_unix.go @@ -1,3 +1,5 @@ +// +build !windows + package container import ( diff --git a/cli/command/container/signals_linux_test.go b/cli/command/container/signals_unix_test.go similarity index 98% rename from cli/command/container/signals_linux_test.go rename to cli/command/container/signals_unix_test.go index 1b2eaff9b3e8..61ffe64a1cac 100644 --- a/cli/command/container/signals_linux_test.go +++ b/cli/command/container/signals_unix_test.go @@ -1,3 +1,5 @@ +// +build !windows + package container import ( diff --git a/cli/command/container/signals_notlinux.go b/cli/command/container/signals_windows.go similarity index 82% rename from cli/command/container/signals_notlinux.go rename to cli/command/container/signals_windows.go index 9e8412f66ae6..1e51b952fa74 100644 --- a/cli/command/container/signals_notlinux.go +++ b/cli/command/container/signals_windows.go @@ -1,5 +1,3 @@ -// +build !linux - package container import "os" From 746c5535742ae996b4f65e82b2d053566a303b20 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Wed, 26 May 2021 14:14:02 +0200 Subject: [PATCH 063/127] docs: fix link to command-line reference This link worked on GitHub, but was broken on docs.docker.com, so replacing with a regular link directly to the docs instead. Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 04e6884f65ae329eb9903dacddf90bb0c0d1b8cb) Signed-off-by: Sebastiaan van Stijn --- docs/extend/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/extend/index.md b/docs/extend/index.md index ecdf00b8f876..dd885d535fda 100644 --- a/docs/extend/index.md +++ b/docs/extend/index.md @@ -122,7 +122,7 @@ enabled, and use it to create a volume. To disable a plugin, use the `docker plugin disable` command. To completely remove it, use the `docker plugin remove` command. For other available commands and options, see the -[command line reference](../reference/commandline/index.md). +[command line reference](https://docs.docker.com/engine/reference/commandline/cli/). ## Developing a plugin From ab733b556418988923b8ea810fb5af778fca6fc4 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Mon, 7 Jun 2021 11:53:56 +0200 Subject: [PATCH 064/127] [20.10] vendor: github.com/docker/docker v20.10.7 full diff: https://github.com/docker/docker/compare/46229ca1d815cfd4b50eb377ac75ad8300e13a85...v20.10.7 This is the equivalent of 49f607153285b295f54880bd5dc21a7b65db1109 on master, but the vendored version in 20.10 was different. Last updates where: - Master: https://github.com/docker/cli/commit/7bef2487659c3609d6da10e36ad2a61267b9cdc9 - diff: https://github.com/moby/moby/compare/v20.10.1...d5209b29b9777e0b9713d87847a5dc8ce9d93da6 - https://github.com/moby/moby/commit/d5209b29b9777e0b9713d87847a5dc8ce9d93da6 is a commit from moby "master" - 20.10: https://github.com/docker/cli/commit/5941f4104a33aaddf08a080a3cf5d05e6fdace6b - diff: https://github.com/docker/docker/compare/v20.10.1...46229ca1d815cfd4b50eb377ac75ad8300e13a85 - https://github.com/moby/moby/commit/46229ca1d815cfd4b50eb377ac75ad8300e13a85 is a commit from moby "20.10" The 20.10 version mentions it was cherry-picked from 7bef2487659c3609d6da10e36ad2a61267b9cdc9, but that's not the case; there's another diff in the 20.10 branch that was not in master: https://github.com/docker/docker/compare/d5209b29b9777e0b9713d87847a5dc8ce9d93da6...46229ca1d815cfd4b50eb377ac75ad8300e13a85 raw diff https://github.com/docker/docker/compare/d5209b29b9777e0b9713d87847a5dc8ce9d93da6..46229ca1d815cfd4b50eb377ac75ad8300e13a85 Signed-off-by: Sebastiaan van Stijn --- vendor.conf | 4 +- .../containerd/continuity/fs/copy.go | 176 ---------- .../containerd/continuity/fs/copy_linux.go | 147 -------- .../containerd/continuity/fs/copy_unix.go | 112 ------ .../containerd/continuity/fs/copy_windows.go | 49 --- .../containerd/continuity/fs/diff.go | 326 ------------------ .../containerd/continuity/fs/diff_unix.go | 74 ---- .../containerd/continuity/fs/diff_windows.go | 48 --- .../containerd/continuity/fs/dtype_linux.go | 103 ------ .../github.com/containerd/continuity/fs/du.go | 38 -- .../containerd/continuity/fs/du_unix.go | 110 ------ .../containerd/continuity/fs/du_windows.go | 82 ----- .../containerd/continuity/fs/hardlink.go | 43 --- .../containerd/continuity/fs/hardlink_unix.go | 34 -- .../continuity/fs/hardlink_windows.go | 23 -- .../containerd/continuity/fs/path.go | 311 ----------------- .../continuity/fs/stat_darwinfreebsd.go | 44 --- .../continuity/fs/stat_linuxopenbsd.go | 45 --- .../containerd/continuity/fs/time.go | 29 -- .../github.com/docker/docker/client/client.go | 2 +- .../docker/docker/pkg/archive/archive.go | 36 +- .../docker/pkg/archive/archive_linux.go | 180 +--------- .../docker/pkg/archive/archive_other.go | 4 +- .../docker/docker/pkg/archive/archive_unix.go | 12 +- .../docker/docker/pkg/idtools/idtools_unix.go | 51 ++- .../docker/docker/pkg/signal/signal.go | 9 +- vendor/github.com/docker/docker/vendor.conf | 10 +- 27 files changed, 96 insertions(+), 2006 deletions(-) delete mode 100644 vendor/github.com/containerd/continuity/fs/copy.go delete mode 100644 vendor/github.com/containerd/continuity/fs/copy_linux.go delete mode 100644 vendor/github.com/containerd/continuity/fs/copy_unix.go delete mode 100644 vendor/github.com/containerd/continuity/fs/copy_windows.go delete mode 100644 vendor/github.com/containerd/continuity/fs/diff.go delete mode 100644 vendor/github.com/containerd/continuity/fs/diff_unix.go delete mode 100644 vendor/github.com/containerd/continuity/fs/diff_windows.go delete mode 100644 vendor/github.com/containerd/continuity/fs/dtype_linux.go delete mode 100644 vendor/github.com/containerd/continuity/fs/du.go delete mode 100644 vendor/github.com/containerd/continuity/fs/du_unix.go delete mode 100644 vendor/github.com/containerd/continuity/fs/du_windows.go delete mode 100644 vendor/github.com/containerd/continuity/fs/hardlink.go delete mode 100644 vendor/github.com/containerd/continuity/fs/hardlink_unix.go delete mode 100644 vendor/github.com/containerd/continuity/fs/hardlink_windows.go delete mode 100644 vendor/github.com/containerd/continuity/fs/path.go delete mode 100644 vendor/github.com/containerd/continuity/fs/stat_darwinfreebsd.go delete mode 100644 vendor/github.com/containerd/continuity/fs/stat_linuxopenbsd.go delete mode 100644 vendor/github.com/containerd/continuity/fs/time.go diff --git a/vendor.conf b/vendor.conf index 12e495360cd7..bf85a8f89268 100755 --- a/vendor.conf +++ b/vendor.conf @@ -13,14 +13,14 @@ github.com/creack/pty 2a38352e8b4d7ab6c336eef107e4 github.com/davecgh/go-spew 8991bc29aa16c548c550c7ff78260e27b9ab7c73 # v1.1.1 github.com/docker/compose-on-kubernetes 78e6a00beda64ac8ccb9fec787e601fe2ce0d5bb # v0.5.0-alpha1 github.com/docker/distribution 0d3efadf0154c2b8a4e7b6621fff9809655cc580 -github.com/docker/docker 46229ca1d815cfd4b50eb377ac75ad8300e13a85 +github.com/docker/docker b0f5bc36fea9dfb9672e1e9b1278ebab797b9ee0 # v20.10.7 github.com/docker/docker-credential-helpers 38bea2ce277ad0c9d2a6230692b0606ca5286526 github.com/docker/go d30aec9fd63c35133f8f79c3412ad91a3b08be06 # Contains a customized version of canonical/json and is used by Notary. The package is periodically rebased on current Go versions. github.com/docker/go-connections 7395e3f8aa162843a74ed6d48e79627d9792ac55 # v0.4.0 github.com/docker/go-events e31b211e4f1cd09aa76fe4ac244571fab96ae47f github.com/docker/go-metrics b619b3592b65de4f087d9f16863a7e6ff905973c # v0.0.1 github.com/docker/go-units 519db1ee28dcc9fd2474ae59fca29a810482bfb1 # v0.4.0 -github.com/docker/swarmkit d6592ddefd8a5319aadff74c558b816b1a0b2590 +github.com/docker/swarmkit 17d8d4e4d8bdec33d386e6362d3537fa9493ba00 github.com/evanphx/json-patch 72bf35d0ff611848c1dc9df0f976c81192392fa5 # v4.1.0 github.com/fvbommel/sortorder 26fad50c6b32a3064c09ed089865c16f2f3615f6 # v1.0.2 github.com/gofrs/flock 6caa7350c26b838538005fae7dbee4e69d9398db # v0.7.3 diff --git a/vendor/github.com/containerd/continuity/fs/copy.go b/vendor/github.com/containerd/continuity/fs/copy.go deleted file mode 100644 index 818bba2cda20..000000000000 --- a/vendor/github.com/containerd/continuity/fs/copy.go +++ /dev/null @@ -1,176 +0,0 @@ -/* - Copyright The containerd Authors. - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. -*/ - -package fs - -import ( - "io/ioutil" - "os" - "path/filepath" - "sync" - - "github.com/pkg/errors" -) - -var bufferPool = &sync.Pool{ - New: func() interface{} { - buffer := make([]byte, 32*1024) - return &buffer - }, -} - -// XAttrErrorHandlers transform a non-nil xattr error. -// Return nil to ignore an error. -// xattrKey can be empty for listxattr operation. -type XAttrErrorHandler func(dst, src, xattrKey string, err error) error - -type copyDirOpts struct { - xeh XAttrErrorHandler -} - -type CopyDirOpt func(*copyDirOpts) error - -// WithXAttrErrorHandler allows specifying XAttrErrorHandler -// If nil XAttrErrorHandler is specified (default), CopyDir stops -// on a non-nil xattr error. -func WithXAttrErrorHandler(xeh XAttrErrorHandler) CopyDirOpt { - return func(o *copyDirOpts) error { - o.xeh = xeh - return nil - } -} - -// WithAllowXAttrErrors allows ignoring xattr errors. -func WithAllowXAttrErrors() CopyDirOpt { - xeh := func(dst, src, xattrKey string, err error) error { - return nil - } - return WithXAttrErrorHandler(xeh) -} - -// CopyDir copies the directory from src to dst. -// Most efficient copy of files is attempted. -func CopyDir(dst, src string, opts ...CopyDirOpt) error { - var o copyDirOpts - for _, opt := range opts { - if err := opt(&o); err != nil { - return err - } - } - inodes := map[uint64]string{} - return copyDirectory(dst, src, inodes, &o) -} - -func copyDirectory(dst, src string, inodes map[uint64]string, o *copyDirOpts) error { - stat, err := os.Stat(src) - if err != nil { - return errors.Wrapf(err, "failed to stat %s", src) - } - if !stat.IsDir() { - return errors.Errorf("source %s is not directory", src) - } - - if st, err := os.Stat(dst); err != nil { - if err := os.Mkdir(dst, stat.Mode()); err != nil { - return errors.Wrapf(err, "failed to mkdir %s", dst) - } - } else if !st.IsDir() { - return errors.Errorf("cannot copy to non-directory: %s", dst) - } else { - if err := os.Chmod(dst, stat.Mode()); err != nil { - return errors.Wrapf(err, "failed to chmod on %s", dst) - } - } - - fis, err := ioutil.ReadDir(src) - if err != nil { - return errors.Wrapf(err, "failed to read %s", src) - } - - if err := copyFileInfo(stat, dst); err != nil { - return errors.Wrapf(err, "failed to copy file info for %s", dst) - } - - if err := copyXAttrs(dst, src, o.xeh); err != nil { - return errors.Wrap(err, "failed to copy xattrs") - } - - for _, fi := range fis { - source := filepath.Join(src, fi.Name()) - target := filepath.Join(dst, fi.Name()) - - switch { - case fi.IsDir(): - if err := copyDirectory(target, source, inodes, o); err != nil { - return err - } - continue - case (fi.Mode() & os.ModeType) == 0: - link, err := getLinkSource(target, fi, inodes) - if err != nil { - return errors.Wrap(err, "failed to get hardlink") - } - if link != "" { - if err := os.Link(link, target); err != nil { - return errors.Wrap(err, "failed to create hard link") - } - } else if err := CopyFile(target, source); err != nil { - return errors.Wrap(err, "failed to copy files") - } - case (fi.Mode() & os.ModeSymlink) == os.ModeSymlink: - link, err := os.Readlink(source) - if err != nil { - return errors.Wrapf(err, "failed to read link: %s", source) - } - if err := os.Symlink(link, target); err != nil { - return errors.Wrapf(err, "failed to create symlink: %s", target) - } - case (fi.Mode() & os.ModeDevice) == os.ModeDevice: - if err := copyDevice(target, fi); err != nil { - return errors.Wrapf(err, "failed to create device") - } - default: - // TODO: Support pipes and sockets - return errors.Wrapf(err, "unsupported mode %s", fi.Mode()) - } - if err := copyFileInfo(fi, target); err != nil { - return errors.Wrap(err, "failed to copy file info") - } - - if err := copyXAttrs(target, source, o.xeh); err != nil { - return errors.Wrap(err, "failed to copy xattrs") - } - } - - return nil -} - -// CopyFile copies the source file to the target. -// The most efficient means of copying is used for the platform. -func CopyFile(target, source string) error { - src, err := os.Open(source) - if err != nil { - return errors.Wrapf(err, "failed to open source %s", source) - } - defer src.Close() - tgt, err := os.Create(target) - if err != nil { - return errors.Wrapf(err, "failed to open target %s", target) - } - defer tgt.Close() - - return copyFileContent(tgt, src) -} diff --git a/vendor/github.com/containerd/continuity/fs/copy_linux.go b/vendor/github.com/containerd/continuity/fs/copy_linux.go deleted file mode 100644 index 72bae7d4e499..000000000000 --- a/vendor/github.com/containerd/continuity/fs/copy_linux.go +++ /dev/null @@ -1,147 +0,0 @@ -/* - Copyright The containerd Authors. - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. -*/ - -package fs - -import ( - "io" - "os" - "syscall" - - "github.com/containerd/continuity/sysx" - "github.com/pkg/errors" - "golang.org/x/sys/unix" -) - -func copyFileInfo(fi os.FileInfo, name string) error { - st := fi.Sys().(*syscall.Stat_t) - if err := os.Lchown(name, int(st.Uid), int(st.Gid)); err != nil { - if os.IsPermission(err) { - // Normally if uid/gid are the same this would be a no-op, but some - // filesystems may still return EPERM... for instance NFS does this. - // In such a case, this is not an error. - if dstStat, err2 := os.Lstat(name); err2 == nil { - st2 := dstStat.Sys().(*syscall.Stat_t) - if st.Uid == st2.Uid && st.Gid == st2.Gid { - err = nil - } - } - } - if err != nil { - return errors.Wrapf(err, "failed to chown %s", name) - } - } - - if (fi.Mode() & os.ModeSymlink) != os.ModeSymlink { - if err := os.Chmod(name, fi.Mode()); err != nil { - return errors.Wrapf(err, "failed to chmod %s", name) - } - } - - timespec := []unix.Timespec{ - unix.NsecToTimespec(syscall.TimespecToNsec(StatAtime(st))), - unix.NsecToTimespec(syscall.TimespecToNsec(StatMtime(st))), - } - if err := unix.UtimesNanoAt(unix.AT_FDCWD, name, timespec, unix.AT_SYMLINK_NOFOLLOW); err != nil { - return errors.Wrapf(err, "failed to utime %s", name) - } - - return nil -} - -const maxSSizeT = int64(^uint(0) >> 1) - -func copyFileContent(dst, src *os.File) error { - st, err := src.Stat() - if err != nil { - return errors.Wrap(err, "unable to stat source") - } - - size := st.Size() - first := true - srcFd := int(src.Fd()) - dstFd := int(dst.Fd()) - - for size > 0 { - // Ensure that we are never trying to copy more than SSIZE_MAX at a - // time and at the same time avoids overflows when the file is larger - // than 4GB on 32-bit systems. - var copySize int - if size > maxSSizeT { - copySize = int(maxSSizeT) - } else { - copySize = int(size) - } - n, err := unix.CopyFileRange(srcFd, nil, dstFd, nil, copySize, 0) - if err != nil { - if (err != unix.ENOSYS && err != unix.EXDEV) || !first { - return errors.Wrap(err, "copy file range failed") - } - - buf := bufferPool.Get().(*[]byte) - _, err = io.CopyBuffer(dst, src, *buf) - bufferPool.Put(buf) - return errors.Wrap(err, "userspace copy failed") - } - - first = false - size -= int64(n) - } - - return nil -} - -func copyXAttrs(dst, src string, xeh XAttrErrorHandler) error { - xattrKeys, err := sysx.LListxattr(src) - if err != nil { - e := errors.Wrapf(err, "failed to list xattrs on %s", src) - if xeh != nil { - e = xeh(dst, src, "", e) - } - return e - } - for _, xattr := range xattrKeys { - data, err := sysx.LGetxattr(src, xattr) - if err != nil { - e := errors.Wrapf(err, "failed to get xattr %q on %s", xattr, src) - if xeh != nil { - if e = xeh(dst, src, xattr, e); e == nil { - continue - } - } - return e - } - if err := sysx.LSetxattr(dst, xattr, data, 0); err != nil { - e := errors.Wrapf(err, "failed to set xattr %q on %s", xattr, dst) - if xeh != nil { - if e = xeh(dst, src, xattr, e); e == nil { - continue - } - } - return e - } - } - - return nil -} - -func copyDevice(dst string, fi os.FileInfo) error { - st, ok := fi.Sys().(*syscall.Stat_t) - if !ok { - return errors.New("unsupported stat type") - } - return unix.Mknod(dst, uint32(fi.Mode()), int(st.Rdev)) -} diff --git a/vendor/github.com/containerd/continuity/fs/copy_unix.go b/vendor/github.com/containerd/continuity/fs/copy_unix.go deleted file mode 100644 index a5de89261f62..000000000000 --- a/vendor/github.com/containerd/continuity/fs/copy_unix.go +++ /dev/null @@ -1,112 +0,0 @@ -// +build darwin freebsd openbsd solaris - -/* - Copyright The containerd Authors. - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. -*/ - -package fs - -import ( - "io" - "os" - "syscall" - - "github.com/containerd/continuity/sysx" - "github.com/pkg/errors" - "golang.org/x/sys/unix" -) - -func copyFileInfo(fi os.FileInfo, name string) error { - st := fi.Sys().(*syscall.Stat_t) - if err := os.Lchown(name, int(st.Uid), int(st.Gid)); err != nil { - if os.IsPermission(err) { - // Normally if uid/gid are the same this would be a no-op, but some - // filesystems may still return EPERM... for instance NFS does this. - // In such a case, this is not an error. - if dstStat, err2 := os.Lstat(name); err2 == nil { - st2 := dstStat.Sys().(*syscall.Stat_t) - if st.Uid == st2.Uid && st.Gid == st2.Gid { - err = nil - } - } - } - if err != nil { - return errors.Wrapf(err, "failed to chown %s", name) - } - } - - if (fi.Mode() & os.ModeSymlink) != os.ModeSymlink { - if err := os.Chmod(name, fi.Mode()); err != nil { - return errors.Wrapf(err, "failed to chmod %s", name) - } - } - - timespec := []syscall.Timespec{StatAtime(st), StatMtime(st)} - if err := syscall.UtimesNano(name, timespec); err != nil { - return errors.Wrapf(err, "failed to utime %s", name) - } - - return nil -} - -func copyFileContent(dst, src *os.File) error { - buf := bufferPool.Get().(*[]byte) - _, err := io.CopyBuffer(dst, src, *buf) - bufferPool.Put(buf) - - return err -} - -func copyXAttrs(dst, src string, xeh XAttrErrorHandler) error { - xattrKeys, err := sysx.LListxattr(src) - if err != nil { - e := errors.Wrapf(err, "failed to list xattrs on %s", src) - if xeh != nil { - e = xeh(dst, src, "", e) - } - return e - } - for _, xattr := range xattrKeys { - data, err := sysx.LGetxattr(src, xattr) - if err != nil { - e := errors.Wrapf(err, "failed to get xattr %q on %s", xattr, src) - if xeh != nil { - if e = xeh(dst, src, xattr, e); e == nil { - continue - } - } - return e - } - if err := sysx.LSetxattr(dst, xattr, data, 0); err != nil { - e := errors.Wrapf(err, "failed to set xattr %q on %s", xattr, dst) - if xeh != nil { - if e = xeh(dst, src, xattr, e); e == nil { - continue - } - } - return e - } - } - - return nil -} - -func copyDevice(dst string, fi os.FileInfo) error { - st, ok := fi.Sys().(*syscall.Stat_t) - if !ok { - return errors.New("unsupported stat type") - } - return unix.Mknod(dst, uint32(fi.Mode()), int(st.Rdev)) -} diff --git a/vendor/github.com/containerd/continuity/fs/copy_windows.go b/vendor/github.com/containerd/continuity/fs/copy_windows.go deleted file mode 100644 index 27c7d7dbb9f3..000000000000 --- a/vendor/github.com/containerd/continuity/fs/copy_windows.go +++ /dev/null @@ -1,49 +0,0 @@ -/* - Copyright The containerd Authors. - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. -*/ - -package fs - -import ( - "io" - "os" - - "github.com/pkg/errors" -) - -func copyFileInfo(fi os.FileInfo, name string) error { - if err := os.Chmod(name, fi.Mode()); err != nil { - return errors.Wrapf(err, "failed to chmod %s", name) - } - - // TODO: copy windows specific metadata - - return nil -} - -func copyFileContent(dst, src *os.File) error { - buf := bufferPool.Get().(*[]byte) - _, err := io.CopyBuffer(dst, src, *buf) - bufferPool.Put(buf) - return err -} - -func copyXAttrs(dst, src string, xeh XAttrErrorHandler) error { - return nil -} - -func copyDevice(dst string, fi os.FileInfo) error { - return errors.New("device copy not supported") -} diff --git a/vendor/github.com/containerd/continuity/fs/diff.go b/vendor/github.com/containerd/continuity/fs/diff.go deleted file mode 100644 index e64f9e73d304..000000000000 --- a/vendor/github.com/containerd/continuity/fs/diff.go +++ /dev/null @@ -1,326 +0,0 @@ -/* - Copyright The containerd Authors. - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. -*/ - -package fs - -import ( - "context" - "os" - "path/filepath" - "strings" - - "golang.org/x/sync/errgroup" - - "github.com/sirupsen/logrus" -) - -// ChangeKind is the type of modification that -// a change is making. -type ChangeKind int - -const ( - // ChangeKindUnmodified represents an unmodified - // file - ChangeKindUnmodified = iota - - // ChangeKindAdd represents an addition of - // a file - ChangeKindAdd - - // ChangeKindModify represents a change to - // an existing file - ChangeKindModify - - // ChangeKindDelete represents a delete of - // a file - ChangeKindDelete -) - -func (k ChangeKind) String() string { - switch k { - case ChangeKindUnmodified: - return "unmodified" - case ChangeKindAdd: - return "add" - case ChangeKindModify: - return "modify" - case ChangeKindDelete: - return "delete" - default: - return "" - } -} - -// Change represents single change between a diff and its parent. -type Change struct { - Kind ChangeKind - Path string -} - -// ChangeFunc is the type of function called for each change -// computed during a directory changes calculation. -type ChangeFunc func(ChangeKind, string, os.FileInfo, error) error - -// Changes computes changes between two directories calling the -// given change function for each computed change. The first -// directory is intended to the base directory and second -// directory the changed directory. -// -// The change callback is called by the order of path names and -// should be appliable in that order. -// Due to this apply ordering, the following is true -// - Removed directory trees only create a single change for the root -// directory removed. Remaining changes are implied. -// - A directory which is modified to become a file will not have -// delete entries for sub-path items, their removal is implied -// by the removal of the parent directory. -// -// Opaque directories will not be treated specially and each file -// removed from the base directory will show up as a removal. -// -// File content comparisons will be done on files which have timestamps -// which may have been truncated. If either of the files being compared -// has a zero value nanosecond value, each byte will be compared for -// differences. If 2 files have the same seconds value but different -// nanosecond values where one of those values is zero, the files will -// be considered unchanged if the content is the same. This behavior -// is to account for timestamp truncation during archiving. -func Changes(ctx context.Context, a, b string, changeFn ChangeFunc) error { - if a == "" { - logrus.Debugf("Using single walk diff for %s", b) - return addDirChanges(ctx, changeFn, b) - } else if diffOptions := detectDirDiff(b, a); diffOptions != nil { - logrus.Debugf("Using single walk diff for %s from %s", diffOptions.diffDir, a) - return diffDirChanges(ctx, changeFn, a, diffOptions) - } - - logrus.Debugf("Using double walk diff for %s from %s", b, a) - return doubleWalkDiff(ctx, changeFn, a, b) -} - -func addDirChanges(ctx context.Context, changeFn ChangeFunc, root string) error { - return filepath.Walk(root, func(path string, f os.FileInfo, err error) error { - if err != nil { - return err - } - - // Rebase path - path, err = filepath.Rel(root, path) - if err != nil { - return err - } - - path = filepath.Join(string(os.PathSeparator), path) - - // Skip root - if path == string(os.PathSeparator) { - return nil - } - - return changeFn(ChangeKindAdd, path, f, nil) - }) -} - -// diffDirOptions is used when the diff can be directly calculated from -// a diff directory to its base, without walking both trees. -type diffDirOptions struct { - diffDir string - skipChange func(string) (bool, error) - deleteChange func(string, string, os.FileInfo) (string, error) -} - -// diffDirChanges walks the diff directory and compares changes against the base. -func diffDirChanges(ctx context.Context, changeFn ChangeFunc, base string, o *diffDirOptions) error { - changedDirs := make(map[string]struct{}) - return filepath.Walk(o.diffDir, func(path string, f os.FileInfo, err error) error { - if err != nil { - return err - } - - // Rebase path - path, err = filepath.Rel(o.diffDir, path) - if err != nil { - return err - } - - path = filepath.Join(string(os.PathSeparator), path) - - // Skip root - if path == string(os.PathSeparator) { - return nil - } - - // TODO: handle opaqueness, start new double walker at this - // location to get deletes, and skip tree in single walker - - if o.skipChange != nil { - if skip, err := o.skipChange(path); skip { - return err - } - } - - var kind ChangeKind - - deletedFile, err := o.deleteChange(o.diffDir, path, f) - if err != nil { - return err - } - - // Find out what kind of modification happened - if deletedFile != "" { - path = deletedFile - kind = ChangeKindDelete - f = nil - } else { - // Otherwise, the file was added - kind = ChangeKindAdd - - // ...Unless it already existed in a base, in which case, it's a modification - stat, err := os.Stat(filepath.Join(base, path)) - if err != nil && !os.IsNotExist(err) { - return err - } - if err == nil { - // The file existed in the base, so that's a modification - - // However, if it's a directory, maybe it wasn't actually modified. - // If you modify /foo/bar/baz, then /foo will be part of the changed files only because it's the parent of bar - if stat.IsDir() && f.IsDir() { - if f.Size() == stat.Size() && f.Mode() == stat.Mode() && sameFsTime(f.ModTime(), stat.ModTime()) { - // Both directories are the same, don't record the change - return nil - } - } - kind = ChangeKindModify - } - } - - // If /foo/bar/file.txt is modified, then /foo/bar must be part of the changed files. - // This block is here to ensure the change is recorded even if the - // modify time, mode and size of the parent directory in the rw and ro layers are all equal. - // Check https://github.com/docker/docker/pull/13590 for details. - if f.IsDir() { - changedDirs[path] = struct{}{} - } - if kind == ChangeKindAdd || kind == ChangeKindDelete { - parent := filepath.Dir(path) - if _, ok := changedDirs[parent]; !ok && parent != "/" { - pi, err := os.Stat(filepath.Join(o.diffDir, parent)) - if err := changeFn(ChangeKindModify, parent, pi, err); err != nil { - return err - } - changedDirs[parent] = struct{}{} - } - } - - return changeFn(kind, path, f, nil) - }) -} - -// doubleWalkDiff walks both directories to create a diff -func doubleWalkDiff(ctx context.Context, changeFn ChangeFunc, a, b string) (err error) { - g, ctx := errgroup.WithContext(ctx) - - var ( - c1 = make(chan *currentPath) - c2 = make(chan *currentPath) - - f1, f2 *currentPath - rmdir string - ) - g.Go(func() error { - defer close(c1) - return pathWalk(ctx, a, c1) - }) - g.Go(func() error { - defer close(c2) - return pathWalk(ctx, b, c2) - }) - g.Go(func() error { - for c1 != nil || c2 != nil { - if f1 == nil && c1 != nil { - f1, err = nextPath(ctx, c1) - if err != nil { - return err - } - if f1 == nil { - c1 = nil - } - } - - if f2 == nil && c2 != nil { - f2, err = nextPath(ctx, c2) - if err != nil { - return err - } - if f2 == nil { - c2 = nil - } - } - if f1 == nil && f2 == nil { - continue - } - - var f os.FileInfo - k, p := pathChange(f1, f2) - switch k { - case ChangeKindAdd: - if rmdir != "" { - rmdir = "" - } - f = f2.f - f2 = nil - case ChangeKindDelete: - // Check if this file is already removed by being - // under of a removed directory - if rmdir != "" && strings.HasPrefix(f1.path, rmdir) { - f1 = nil - continue - } else if f1.f.IsDir() { - rmdir = f1.path + string(os.PathSeparator) - } else if rmdir != "" { - rmdir = "" - } - f1 = nil - case ChangeKindModify: - same, err := sameFile(f1, f2) - if err != nil { - return err - } - if f1.f.IsDir() && !f2.f.IsDir() { - rmdir = f1.path + string(os.PathSeparator) - } else if rmdir != "" { - rmdir = "" - } - f = f2.f - f1 = nil - f2 = nil - if same { - if !isLinked(f) { - continue - } - k = ChangeKindUnmodified - } - } - if err := changeFn(k, p, f, nil); err != nil { - return err - } - } - return nil - }) - - return g.Wait() -} diff --git a/vendor/github.com/containerd/continuity/fs/diff_unix.go b/vendor/github.com/containerd/continuity/fs/diff_unix.go deleted file mode 100644 index 7913af27d903..000000000000 --- a/vendor/github.com/containerd/continuity/fs/diff_unix.go +++ /dev/null @@ -1,74 +0,0 @@ -// +build !windows - -/* - Copyright The containerd Authors. - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. -*/ - -package fs - -import ( - "bytes" - "os" - "syscall" - - "github.com/containerd/continuity/sysx" - "github.com/pkg/errors" -) - -// detectDirDiff returns diff dir options if a directory could -// be found in the mount info for upper which is the direct -// diff with the provided lower directory -func detectDirDiff(upper, lower string) *diffDirOptions { - // TODO: get mount options for upper - // TODO: detect AUFS - // TODO: detect overlay - return nil -} - -// compareSysStat returns whether the stats are equivalent, -// whether the files are considered the same file, and -// an error -func compareSysStat(s1, s2 interface{}) (bool, error) { - ls1, ok := s1.(*syscall.Stat_t) - if !ok { - return false, nil - } - ls2, ok := s2.(*syscall.Stat_t) - if !ok { - return false, nil - } - - return ls1.Mode == ls2.Mode && ls1.Uid == ls2.Uid && ls1.Gid == ls2.Gid && ls1.Rdev == ls2.Rdev, nil -} - -func compareCapabilities(p1, p2 string) (bool, error) { - c1, err := sysx.LGetxattr(p1, "security.capability") - if err != nil && err != sysx.ENODATA { - return false, errors.Wrapf(err, "failed to get xattr for %s", p1) - } - c2, err := sysx.LGetxattr(p2, "security.capability") - if err != nil && err != sysx.ENODATA { - return false, errors.Wrapf(err, "failed to get xattr for %s", p2) - } - return bytes.Equal(c1, c2), nil -} - -func isLinked(f os.FileInfo) bool { - s, ok := f.Sys().(*syscall.Stat_t) - if !ok { - return false - } - return !f.IsDir() && s.Nlink > 1 -} diff --git a/vendor/github.com/containerd/continuity/fs/diff_windows.go b/vendor/github.com/containerd/continuity/fs/diff_windows.go deleted file mode 100644 index 4bfa72d3a19a..000000000000 --- a/vendor/github.com/containerd/continuity/fs/diff_windows.go +++ /dev/null @@ -1,48 +0,0 @@ -/* - Copyright The containerd Authors. - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. -*/ - -package fs - -import ( - "os" - - "golang.org/x/sys/windows" -) - -func detectDirDiff(upper, lower string) *diffDirOptions { - return nil -} - -func compareSysStat(s1, s2 interface{}) (bool, error) { - f1, ok := s1.(windows.Win32FileAttributeData) - if !ok { - return false, nil - } - f2, ok := s2.(windows.Win32FileAttributeData) - if !ok { - return false, nil - } - return f1.FileAttributes == f2.FileAttributes, nil -} - -func compareCapabilities(p1, p2 string) (bool, error) { - // TODO: Use windows equivalent - return true, nil -} - -func isLinked(os.FileInfo) bool { - return false -} diff --git a/vendor/github.com/containerd/continuity/fs/dtype_linux.go b/vendor/github.com/containerd/continuity/fs/dtype_linux.go deleted file mode 100644 index 10510d8decee..000000000000 --- a/vendor/github.com/containerd/continuity/fs/dtype_linux.go +++ /dev/null @@ -1,103 +0,0 @@ -// +build linux - -/* - Copyright The containerd Authors. - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. -*/ - -package fs - -import ( - "fmt" - "io/ioutil" - "os" - "syscall" - "unsafe" -) - -func locateDummyIfEmpty(path string) (string, error) { - children, err := ioutil.ReadDir(path) - if err != nil { - return "", err - } - if len(children) != 0 { - return "", nil - } - dummyFile, err := ioutil.TempFile(path, "fsutils-dummy") - if err != nil { - return "", err - } - name := dummyFile.Name() - err = dummyFile.Close() - return name, err -} - -// SupportsDType returns whether the filesystem mounted on path supports d_type -func SupportsDType(path string) (bool, error) { - // locate dummy so that we have at least one dirent - dummy, err := locateDummyIfEmpty(path) - if err != nil { - return false, err - } - if dummy != "" { - defer os.Remove(dummy) - } - - visited := 0 - supportsDType := true - fn := func(ent *syscall.Dirent) bool { - visited++ - if ent.Type == syscall.DT_UNKNOWN { - supportsDType = false - // stop iteration - return true - } - // continue iteration - return false - } - if err = iterateReadDir(path, fn); err != nil { - return false, err - } - if visited == 0 { - return false, fmt.Errorf("did not hit any dirent during iteration %s", path) - } - return supportsDType, nil -} - -func iterateReadDir(path string, fn func(*syscall.Dirent) bool) error { - d, err := os.Open(path) - if err != nil { - return err - } - defer d.Close() - fd := int(d.Fd()) - buf := make([]byte, 4096) - for { - nbytes, err := syscall.ReadDirent(fd, buf) - if err != nil { - return err - } - if nbytes == 0 { - break - } - for off := 0; off < nbytes; { - ent := (*syscall.Dirent)(unsafe.Pointer(&buf[off])) - if stop := fn(ent); stop { - return nil - } - off += int(ent.Reclen) - } - } - return nil -} diff --git a/vendor/github.com/containerd/continuity/fs/du.go b/vendor/github.com/containerd/continuity/fs/du.go deleted file mode 100644 index fccc985dc5b5..000000000000 --- a/vendor/github.com/containerd/continuity/fs/du.go +++ /dev/null @@ -1,38 +0,0 @@ -/* - Copyright The containerd Authors. - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. -*/ - -package fs - -import "context" - -// Usage of disk information -type Usage struct { - Inodes int64 - Size int64 -} - -// DiskUsage counts the number of inodes and disk usage for the resources under -// path. -func DiskUsage(ctx context.Context, roots ...string) (Usage, error) { - return diskUsage(ctx, roots...) -} - -// DiffUsage counts the numbers of inodes and disk usage in the -// diff between the 2 directories. The first path is intended -// as the base directory and the second as the changed directory. -func DiffUsage(ctx context.Context, a, b string) (Usage, error) { - return diffUsage(ctx, a, b) -} diff --git a/vendor/github.com/containerd/continuity/fs/du_unix.go b/vendor/github.com/containerd/continuity/fs/du_unix.go deleted file mode 100644 index e22ffbea378f..000000000000 --- a/vendor/github.com/containerd/continuity/fs/du_unix.go +++ /dev/null @@ -1,110 +0,0 @@ -// +build !windows - -/* - Copyright The containerd Authors. - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. -*/ - -package fs - -import ( - "context" - "os" - "path/filepath" - "syscall" -) - -type inode struct { - // TODO(stevvooe): Can probably reduce memory usage by not tracking - // device, but we can leave this right for now. - dev, ino uint64 -} - -func newInode(stat *syscall.Stat_t) inode { - return inode{ - // Dev is uint32 on darwin/bsd, uint64 on linux/solaris - dev: uint64(stat.Dev), // nolint: unconvert - // Ino is uint32 on bsd, uint64 on darwin/linux/solaris - ino: uint64(stat.Ino), // nolint: unconvert - } -} - -func diskUsage(ctx context.Context, roots ...string) (Usage, error) { - - var ( - size int64 - inodes = map[inode]struct{}{} // expensive! - ) - - for _, root := range roots { - if err := filepath.Walk(root, func(path string, fi os.FileInfo, err error) error { - if err != nil { - return err - } - - select { - case <-ctx.Done(): - return ctx.Err() - default: - } - - inoKey := newInode(fi.Sys().(*syscall.Stat_t)) - if _, ok := inodes[inoKey]; !ok { - inodes[inoKey] = struct{}{} - size += fi.Size() - } - - return nil - }); err != nil { - return Usage{}, err - } - } - - return Usage{ - Inodes: int64(len(inodes)), - Size: size, - }, nil -} - -func diffUsage(ctx context.Context, a, b string) (Usage, error) { - var ( - size int64 - inodes = map[inode]struct{}{} // expensive! - ) - - if err := Changes(ctx, a, b, func(kind ChangeKind, _ string, fi os.FileInfo, err error) error { - if err != nil { - return err - } - - if kind == ChangeKindAdd || kind == ChangeKindModify { - inoKey := newInode(fi.Sys().(*syscall.Stat_t)) - if _, ok := inodes[inoKey]; !ok { - inodes[inoKey] = struct{}{} - size += fi.Size() - } - - return nil - - } - return nil - }); err != nil { - return Usage{}, err - } - - return Usage{ - Inodes: int64(len(inodes)), - Size: size, - }, nil -} diff --git a/vendor/github.com/containerd/continuity/fs/du_windows.go b/vendor/github.com/containerd/continuity/fs/du_windows.go deleted file mode 100644 index 8f25ec59c569..000000000000 --- a/vendor/github.com/containerd/continuity/fs/du_windows.go +++ /dev/null @@ -1,82 +0,0 @@ -// +build windows - -/* - Copyright The containerd Authors. - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. -*/ - -package fs - -import ( - "context" - "os" - "path/filepath" -) - -func diskUsage(ctx context.Context, roots ...string) (Usage, error) { - var ( - size int64 - ) - - // TODO(stevvooe): Support inodes (or equivalent) for windows. - - for _, root := range roots { - if err := filepath.Walk(root, func(path string, fi os.FileInfo, err error) error { - if err != nil { - return err - } - - select { - case <-ctx.Done(): - return ctx.Err() - default: - } - - size += fi.Size() - return nil - }); err != nil { - return Usage{}, err - } - } - - return Usage{ - Size: size, - }, nil -} - -func diffUsage(ctx context.Context, a, b string) (Usage, error) { - var ( - size int64 - ) - - if err := Changes(ctx, a, b, func(kind ChangeKind, _ string, fi os.FileInfo, err error) error { - if err != nil { - return err - } - - if kind == ChangeKindAdd || kind == ChangeKindModify { - size += fi.Size() - - return nil - - } - return nil - }); err != nil { - return Usage{}, err - } - - return Usage{ - Size: size, - }, nil -} diff --git a/vendor/github.com/containerd/continuity/fs/hardlink.go b/vendor/github.com/containerd/continuity/fs/hardlink.go deleted file mode 100644 index 762aa45e694a..000000000000 --- a/vendor/github.com/containerd/continuity/fs/hardlink.go +++ /dev/null @@ -1,43 +0,0 @@ -/* - Copyright The containerd Authors. - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. -*/ - -package fs - -import "os" - -// GetLinkInfo returns an identifier representing the node a hardlink is pointing -// to. If the file is not hard linked then 0 will be returned. -func GetLinkInfo(fi os.FileInfo) (uint64, bool) { - return getLinkInfo(fi) -} - -// getLinkSource returns a path for the given name and -// file info to its link source in the provided inode -// map. If the given file name is not in the map and -// has other links, it is added to the inode map -// to be a source for other link locations. -func getLinkSource(name string, fi os.FileInfo, inodes map[uint64]string) (string, error) { - inode, isHardlink := getLinkInfo(fi) - if !isHardlink { - return "", nil - } - - path, ok := inodes[inode] - if !ok { - inodes[inode] = name - } - return path, nil -} diff --git a/vendor/github.com/containerd/continuity/fs/hardlink_unix.go b/vendor/github.com/containerd/continuity/fs/hardlink_unix.go deleted file mode 100644 index f95f0904c192..000000000000 --- a/vendor/github.com/containerd/continuity/fs/hardlink_unix.go +++ /dev/null @@ -1,34 +0,0 @@ -// +build !windows - -/* - Copyright The containerd Authors. - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. -*/ - -package fs - -import ( - "os" - "syscall" -) - -func getLinkInfo(fi os.FileInfo) (uint64, bool) { - s, ok := fi.Sys().(*syscall.Stat_t) - if !ok { - return 0, false - } - - // Ino is uint32 on bsd, uint64 on darwin/linux/solaris - return uint64(s.Ino), !fi.IsDir() && s.Nlink > 1 // nolint: unconvert -} diff --git a/vendor/github.com/containerd/continuity/fs/hardlink_windows.go b/vendor/github.com/containerd/continuity/fs/hardlink_windows.go deleted file mode 100644 index 748554714707..000000000000 --- a/vendor/github.com/containerd/continuity/fs/hardlink_windows.go +++ /dev/null @@ -1,23 +0,0 @@ -/* - Copyright The containerd Authors. - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. -*/ - -package fs - -import "os" - -func getLinkInfo(fi os.FileInfo) (uint64, bool) { - return 0, false -} diff --git a/vendor/github.com/containerd/continuity/fs/path.go b/vendor/github.com/containerd/continuity/fs/path.go deleted file mode 100644 index c26be79898e3..000000000000 --- a/vendor/github.com/containerd/continuity/fs/path.go +++ /dev/null @@ -1,311 +0,0 @@ -/* - Copyright The containerd Authors. - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. -*/ - -package fs - -import ( - "bytes" - "context" - "io" - "os" - "path/filepath" - - "github.com/pkg/errors" -) - -var ( - errTooManyLinks = errors.New("too many links") -) - -type currentPath struct { - path string - f os.FileInfo - fullPath string -} - -func pathChange(lower, upper *currentPath) (ChangeKind, string) { - if lower == nil { - if upper == nil { - panic("cannot compare nil paths") - } - return ChangeKindAdd, upper.path - } - if upper == nil { - return ChangeKindDelete, lower.path - } - - switch i := directoryCompare(lower.path, upper.path); { - case i < 0: - // File in lower that is not in upper - return ChangeKindDelete, lower.path - case i > 0: - // File in upper that is not in lower - return ChangeKindAdd, upper.path - default: - return ChangeKindModify, upper.path - } -} - -func directoryCompare(a, b string) int { - l := len(a) - if len(b) < l { - l = len(b) - } - for i := 0; i < l; i++ { - c1, c2 := a[i], b[i] - if c1 == filepath.Separator { - c1 = byte(0) - } - if c2 == filepath.Separator { - c2 = byte(0) - } - if c1 < c2 { - return -1 - } - if c1 > c2 { - return +1 - } - } - if len(a) < len(b) { - return -1 - } - if len(a) > len(b) { - return +1 - } - return 0 -} - -func sameFile(f1, f2 *currentPath) (bool, error) { - if os.SameFile(f1.f, f2.f) { - return true, nil - } - - equalStat, err := compareSysStat(f1.f.Sys(), f2.f.Sys()) - if err != nil || !equalStat { - return equalStat, err - } - - if eq, err := compareCapabilities(f1.fullPath, f2.fullPath); err != nil || !eq { - return eq, err - } - - // If not a directory also check size, modtime, and content - if !f1.f.IsDir() { - if f1.f.Size() != f2.f.Size() { - return false, nil - } - t1 := f1.f.ModTime() - t2 := f2.f.ModTime() - - if t1.Unix() != t2.Unix() { - return false, nil - } - - // If the timestamp may have been truncated in both of the - // files, check content of file to determine difference - if t1.Nanosecond() == 0 && t2.Nanosecond() == 0 { - if (f1.f.Mode() & os.ModeSymlink) == os.ModeSymlink { - return compareSymlinkTarget(f1.fullPath, f2.fullPath) - } - if f1.f.Size() == 0 { // if file sizes are zero length, the files are the same by definition - return true, nil - } - return compareFileContent(f1.fullPath, f2.fullPath) - } else if t1.Nanosecond() != t2.Nanosecond() { - return false, nil - } - } - - return true, nil -} - -func compareSymlinkTarget(p1, p2 string) (bool, error) { - t1, err := os.Readlink(p1) - if err != nil { - return false, err - } - t2, err := os.Readlink(p2) - if err != nil { - return false, err - } - return t1 == t2, nil -} - -const compareChuckSize = 32 * 1024 - -// compareFileContent compares the content of 2 same sized files -// by comparing each byte. -func compareFileContent(p1, p2 string) (bool, error) { - f1, err := os.Open(p1) - if err != nil { - return false, err - } - defer f1.Close() - f2, err := os.Open(p2) - if err != nil { - return false, err - } - defer f2.Close() - - b1 := make([]byte, compareChuckSize) - b2 := make([]byte, compareChuckSize) - for { - n1, err1 := f1.Read(b1) - if err1 != nil && err1 != io.EOF { - return false, err1 - } - n2, err2 := f2.Read(b2) - if err2 != nil && err2 != io.EOF { - return false, err2 - } - if n1 != n2 || !bytes.Equal(b1[:n1], b2[:n2]) { - return false, nil - } - if err1 == io.EOF && err2 == io.EOF { - return true, nil - } - } -} - -func pathWalk(ctx context.Context, root string, pathC chan<- *currentPath) error { - return filepath.Walk(root, func(path string, f os.FileInfo, err error) error { - if err != nil { - return err - } - - // Rebase path - path, err = filepath.Rel(root, path) - if err != nil { - return err - } - - path = filepath.Join(string(os.PathSeparator), path) - - // Skip root - if path == string(os.PathSeparator) { - return nil - } - - p := ¤tPath{ - path: path, - f: f, - fullPath: filepath.Join(root, path), - } - - select { - case <-ctx.Done(): - return ctx.Err() - case pathC <- p: - return nil - } - }) -} - -func nextPath(ctx context.Context, pathC <-chan *currentPath) (*currentPath, error) { - select { - case <-ctx.Done(): - return nil, ctx.Err() - case p := <-pathC: - return p, nil - } -} - -// RootPath joins a path with a root, evaluating and bounding any -// symlink to the root directory. -func RootPath(root, path string) (string, error) { - if path == "" { - return root, nil - } - var linksWalked int // to protect against cycles - for { - i := linksWalked - newpath, err := walkLinks(root, path, &linksWalked) - if err != nil { - return "", err - } - path = newpath - if i == linksWalked { - newpath = filepath.Join("/", newpath) - if path == newpath { - return filepath.Join(root, newpath), nil - } - path = newpath - } - } -} - -func walkLink(root, path string, linksWalked *int) (newpath string, islink bool, err error) { - if *linksWalked > 255 { - return "", false, errTooManyLinks - } - - path = filepath.Join("/", path) - if path == "/" { - return path, false, nil - } - realPath := filepath.Join(root, path) - - fi, err := os.Lstat(realPath) - if err != nil { - // If path does not yet exist, treat as non-symlink - if os.IsNotExist(err) { - return path, false, nil - } - return "", false, err - } - if fi.Mode()&os.ModeSymlink == 0 { - return path, false, nil - } - newpath, err = os.Readlink(realPath) - if err != nil { - return "", false, err - } - *linksWalked++ - return newpath, true, nil -} - -func walkLinks(root, path string, linksWalked *int) (string, error) { - switch dir, file := filepath.Split(path); { - case dir == "": - newpath, _, err := walkLink(root, file, linksWalked) - return newpath, err - case file == "": - if os.IsPathSeparator(dir[len(dir)-1]) { - if dir == "/" { - return dir, nil - } - return walkLinks(root, dir[:len(dir)-1], linksWalked) - } - newpath, _, err := walkLink(root, dir, linksWalked) - return newpath, err - default: - newdir, err := walkLinks(root, dir, linksWalked) - if err != nil { - return "", err - } - newpath, islink, err := walkLink(root, filepath.Join(newdir, file), linksWalked) - if err != nil { - return "", err - } - if !islink { - return newpath, nil - } - if filepath.IsAbs(newpath) { - return newpath, nil - } - return filepath.Join(newdir, newpath), nil - } -} diff --git a/vendor/github.com/containerd/continuity/fs/stat_darwinfreebsd.go b/vendor/github.com/containerd/continuity/fs/stat_darwinfreebsd.go deleted file mode 100644 index cb7400a33e13..000000000000 --- a/vendor/github.com/containerd/continuity/fs/stat_darwinfreebsd.go +++ /dev/null @@ -1,44 +0,0 @@ -// +build darwin freebsd - -/* - Copyright The containerd Authors. - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. -*/ - -package fs - -import ( - "syscall" - "time" -) - -// StatAtime returns the access time from a stat struct -func StatAtime(st *syscall.Stat_t) syscall.Timespec { - return st.Atimespec -} - -// StatCtime returns the created time from a stat struct -func StatCtime(st *syscall.Stat_t) syscall.Timespec { - return st.Ctimespec -} - -// StatMtime returns the modified time from a stat struct -func StatMtime(st *syscall.Stat_t) syscall.Timespec { - return st.Mtimespec -} - -// StatATimeAsTime returns the access time as a time.Time -func StatATimeAsTime(st *syscall.Stat_t) time.Time { - return time.Unix(int64(st.Atimespec.Sec), int64(st.Atimespec.Nsec)) // nolint: unconvert -} diff --git a/vendor/github.com/containerd/continuity/fs/stat_linuxopenbsd.go b/vendor/github.com/containerd/continuity/fs/stat_linuxopenbsd.go deleted file mode 100644 index c68df6e586cd..000000000000 --- a/vendor/github.com/containerd/continuity/fs/stat_linuxopenbsd.go +++ /dev/null @@ -1,45 +0,0 @@ -// +build linux openbsd - -/* - Copyright The containerd Authors. - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. -*/ - -package fs - -import ( - "syscall" - "time" -) - -// StatAtime returns the Atim -func StatAtime(st *syscall.Stat_t) syscall.Timespec { - return st.Atim -} - -// StatCtime returns the Ctim -func StatCtime(st *syscall.Stat_t) syscall.Timespec { - return st.Ctim -} - -// StatMtime returns the Mtim -func StatMtime(st *syscall.Stat_t) syscall.Timespec { - return st.Mtim -} - -// StatATimeAsTime returns st.Atim as a time.Time -func StatATimeAsTime(st *syscall.Stat_t) time.Time { - // The int64 conversions ensure the line compiles for 32-bit systems as well. - return time.Unix(int64(st.Atim.Sec), int64(st.Atim.Nsec)) // nolint: unconvert -} diff --git a/vendor/github.com/containerd/continuity/fs/time.go b/vendor/github.com/containerd/continuity/fs/time.go deleted file mode 100644 index cde45612332d..000000000000 --- a/vendor/github.com/containerd/continuity/fs/time.go +++ /dev/null @@ -1,29 +0,0 @@ -/* - Copyright The containerd Authors. - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. -*/ - -package fs - -import "time" - -// Gnu tar and the go tar writer don't have sub-second mtime -// precision, which is problematic when we apply changes via tar -// files, we handle this by comparing for exact times, *or* same -// second count and either a or b having exactly 0 nanoseconds -func sameFsTime(a, b time.Time) bool { - return a == b || - (a.Unix() == b.Unix() && - (a.Nanosecond() == 0 || b.Nanosecond() == 0)) -} diff --git a/vendor/github.com/docker/docker/client/client.go b/vendor/github.com/docker/docker/client/client.go index 68064ca9c5f7..21edf1fa1fc3 100644 --- a/vendor/github.com/docker/docker/client/client.go +++ b/vendor/github.com/docker/docker/client/client.go @@ -2,7 +2,7 @@ Package client is a Go client for the Docker Engine API. For more information about the Engine API, see the documentation: -https://docs.docker.com/engine/reference/api/ +https://docs.docker.com/engine/api/ Usage diff --git a/vendor/github.com/docker/docker/pkg/archive/archive.go b/vendor/github.com/docker/docker/pkg/archive/archive.go index 2c65fca54a9e..50b83c62c637 100644 --- a/vendor/github.com/docker/docker/pkg/archive/archive.go +++ b/vendor/github.com/docker/docker/pkg/archive/archive.go @@ -402,10 +402,24 @@ func fillGo18FileTypeBits(mode int64, fi os.FileInfo) int64 { // ReadSecurityXattrToTarHeader reads security.capability xattr from filesystem // to a tar header func ReadSecurityXattrToTarHeader(path string, hdr *tar.Header) error { + const ( + // Values based on linux/include/uapi/linux/capability.h + xattrCapsSz2 = 20 + versionOffset = 3 + vfsCapRevision2 = 2 + vfsCapRevision3 = 3 + ) capability, _ := system.Lgetxattr(path, "security.capability") if capability != nil { + length := len(capability) + if capability[versionOffset] == vfsCapRevision3 { + // Convert VFS_CAP_REVISION_3 to VFS_CAP_REVISION_2 as root UID makes no + // sense outside the user namespace the archive is built in. + capability[versionOffset] = vfsCapRevision2 + length = xattrCapsSz2 + } hdr.Xattrs = make(map[string]string) - hdr.Xattrs["security.capability"] = string(capability) + hdr.Xattrs["security.capability"] = string(capability[:length]) } return nil } @@ -739,13 +753,18 @@ func TarWithOptions(srcPath string, options *TarOptions) (io.ReadCloser, error) return nil, err } + whiteoutConverter, err := getWhiteoutConverter(options.WhiteoutFormat, options.InUserNS) + if err != nil { + return nil, err + } + go func() { ta := newTarAppender( idtools.NewIDMappingsFromMaps(options.UIDMaps, options.GIDMaps), compressWriter, options.ChownOpts, ) - ta.WhiteoutConverter = getWhiteoutConverter(options.WhiteoutFormat, options.InUserNS) + ta.WhiteoutConverter = whiteoutConverter defer func() { // Make sure to check the error on Close. @@ -903,7 +922,10 @@ func Unpack(decompressedArchive io.Reader, dest string, options *TarOptions) err var dirs []*tar.Header idMapping := idtools.NewIDMappingsFromMaps(options.UIDMaps, options.GIDMaps) rootIDs := idMapping.RootPair() - whiteoutConverter := getWhiteoutConverter(options.WhiteoutFormat, options.InUserNS) + whiteoutConverter, err := getWhiteoutConverter(options.WhiteoutFormat, options.InUserNS) + if err != nil { + return err + } // Iterate through the files in the archive. loop: @@ -917,6 +939,12 @@ loop: return err } + // ignore XGlobalHeader early to avoid creating parent directories for them + if hdr.Typeflag == tar.TypeXGlobalHeader { + logrus.Debugf("PAX Global Extended Headers found for %s and ignored", hdr.Name) + continue + } + // Normalize name, for safety and for a simple is-root check // This keeps "../" as-is, but normalizes "/../" to "/". Or Windows: // This keeps "..\" as-is, but normalizes "\..\" to "\". @@ -936,7 +964,7 @@ loop: parent := filepath.Dir(hdr.Name) parentPath := filepath.Join(dest, parent) if _, err := os.Lstat(parentPath); err != nil && os.IsNotExist(err) { - err = idtools.MkdirAllAndChownNew(parentPath, 0777, rootIDs) + err = idtools.MkdirAllAndChownNew(parentPath, 0755, rootIDs) if err != nil { return err } diff --git a/vendor/github.com/docker/docker/pkg/archive/archive_linux.go b/vendor/github.com/docker/docker/pkg/archive/archive_linux.go index f7888e6599db..0a3cc1f92bcc 100644 --- a/vendor/github.com/docker/docker/pkg/archive/archive_linux.go +++ b/vendor/github.com/docker/docker/pkg/archive/archive_linux.go @@ -2,29 +2,26 @@ package archive // import "github.com/docker/docker/pkg/archive" import ( "archive/tar" - "fmt" - "io/ioutil" "os" "path/filepath" "strings" - "syscall" - "github.com/containerd/continuity/fs" "github.com/docker/docker/pkg/system" - "github.com/moby/sys/mount" "github.com/pkg/errors" "golang.org/x/sys/unix" ) -func getWhiteoutConverter(format WhiteoutFormat, inUserNS bool) tarWhiteoutConverter { +func getWhiteoutConverter(format WhiteoutFormat, inUserNS bool) (tarWhiteoutConverter, error) { if format == OverlayWhiteoutFormat { - return overlayWhiteoutConverter{inUserNS: inUserNS} + if inUserNS { + return nil, errors.New("specifying OverlayWhiteoutFormat is not allowed in userns") + } + return overlayWhiteoutConverter{}, nil } - return nil + return nil, nil } type overlayWhiteoutConverter struct { - inUserNS bool } func (overlayWhiteoutConverter) ConvertWrite(hdr *tar.Header, path string, fi os.FileInfo) (wo *tar.Header, err error) { @@ -77,13 +74,7 @@ func (c overlayWhiteoutConverter) ConvertRead(hdr *tar.Header, path string) (boo if base == WhiteoutOpaqueDir { err := unix.Setxattr(dir, "trusted.overlay.opaque", []byte{'y'}, 0) if err != nil { - if c.inUserNS { - if err = replaceDirWithOverlayOpaque(dir); err != nil { - return false, errors.Wrapf(err, "replaceDirWithOverlayOpaque(%q) failed", dir) - } - } else { - return false, errors.Wrapf(err, "setxattr(%q, trusted.overlay.opaque=y)", dir) - } + return false, errors.Wrapf(err, "setxattr(%q, trusted.overlay.opaque=y)", dir) } // don't write the file itself return false, err @@ -95,19 +86,7 @@ func (c overlayWhiteoutConverter) ConvertRead(hdr *tar.Header, path string) (boo originalPath := filepath.Join(dir, originalBase) if err := unix.Mknod(originalPath, unix.S_IFCHR, 0); err != nil { - if c.inUserNS { - // Ubuntu and a few distros support overlayfs in userns. - // - // Although we can't call mknod directly in userns (at least on bionic kernel 4.15), - // we can still create 0,0 char device using mknodChar0Overlay(). - // - // NOTE: we don't need this hack for the containerd snapshotter+unpack model. - if err := mknodChar0Overlay(originalPath); err != nil { - return false, errors.Wrapf(err, "failed to mknodChar0UserNS(%q)", originalPath) - } - } else { - return false, errors.Wrapf(err, "failed to mknod(%q, S_IFCHR, 0)", originalPath) - } + return false, errors.Wrapf(err, "failed to mknod(%q, S_IFCHR, 0)", originalPath) } if err := os.Chown(originalPath, hdr.Uid, hdr.Gid); err != nil { return false, err @@ -119,146 +98,3 @@ func (c overlayWhiteoutConverter) ConvertRead(hdr *tar.Header, path string) (boo return true, nil } - -// mknodChar0Overlay creates 0,0 char device by mounting overlayfs and unlinking. -// This function can be used for creating 0,0 char device in userns on Ubuntu. -// -// Steps: -// * Mkdir lower,upper,merged,work -// * Create lower/dummy -// * Mount overlayfs -// * Unlink merged/dummy -// * Unmount overlayfs -// * Make sure a 0,0 char device is created as upper/dummy -// * Rename upper/dummy to cleansedOriginalPath -func mknodChar0Overlay(cleansedOriginalPath string) error { - dir := filepath.Dir(cleansedOriginalPath) - tmp, err := ioutil.TempDir(dir, "mc0o") - if err != nil { - return errors.Wrapf(err, "failed to create a tmp directory under %s", dir) - } - defer os.RemoveAll(tmp) - lower := filepath.Join(tmp, "l") - upper := filepath.Join(tmp, "u") - work := filepath.Join(tmp, "w") - merged := filepath.Join(tmp, "m") - for _, s := range []string{lower, upper, work, merged} { - if err := os.MkdirAll(s, 0700); err != nil { - return errors.Wrapf(err, "failed to mkdir %s", s) - } - } - dummyBase := "d" - lowerDummy := filepath.Join(lower, dummyBase) - if err := ioutil.WriteFile(lowerDummy, []byte{}, 0600); err != nil { - return errors.Wrapf(err, "failed to create a dummy lower file %s", lowerDummy) - } - // lowerdir needs ":" to be escaped: https://github.com/moby/moby/issues/40939#issuecomment-627098286 - lowerEscaped := strings.ReplaceAll(lower, ":", "\\:") - mOpts := fmt.Sprintf("lowerdir=%s,upperdir=%s,workdir=%s", lowerEscaped, upper, work) - if err := mount.Mount("overlay", merged, "overlay", mOpts); err != nil { - return err - } - mergedDummy := filepath.Join(merged, dummyBase) - if err := os.Remove(mergedDummy); err != nil { - syscall.Unmount(merged, 0) - return errors.Wrapf(err, "failed to unlink %s", mergedDummy) - } - if err := syscall.Unmount(merged, 0); err != nil { - return errors.Wrapf(err, "failed to unmount %s", merged) - } - upperDummy := filepath.Join(upper, dummyBase) - if err := isChar0(upperDummy); err != nil { - return err - } - if err := os.Rename(upperDummy, cleansedOriginalPath); err != nil { - return errors.Wrapf(err, "failed to rename %s to %s", upperDummy, cleansedOriginalPath) - } - return nil -} - -func isChar0(path string) error { - osStat, err := os.Stat(path) - if err != nil { - return errors.Wrapf(err, "failed to stat %s", path) - } - st, ok := osStat.Sys().(*syscall.Stat_t) - if !ok { - return errors.Errorf("got unsupported stat for %s", path) - } - if os.FileMode(st.Mode)&syscall.S_IFMT != syscall.S_IFCHR { - return errors.Errorf("%s is not a character device, got mode=%d", path, st.Mode) - } - if st.Rdev != 0 { - return errors.Errorf("%s is not a 0,0 character device, got Rdev=%d", path, st.Rdev) - } - return nil -} - -// replaceDirWithOverlayOpaque replaces path with a new directory with trusted.overlay.opaque -// xattr. The contents of the directory are preserved. -func replaceDirWithOverlayOpaque(path string) error { - if path == "/" { - return errors.New("replaceDirWithOverlayOpaque: path must not be \"/\"") - } - dir := filepath.Dir(path) - tmp, err := ioutil.TempDir(dir, "rdwoo") - if err != nil { - return errors.Wrapf(err, "failed to create a tmp directory under %s", dir) - } - defer os.RemoveAll(tmp) - // newPath is a new empty directory crafted with trusted.overlay.opaque xattr. - // we copy the content of path into newPath, remove path, and rename newPath to path. - newPath, err := createDirWithOverlayOpaque(tmp) - if err != nil { - return errors.Wrapf(err, "createDirWithOverlayOpaque(%q) failed", tmp) - } - if err := fs.CopyDir(newPath, path); err != nil { - return errors.Wrapf(err, "CopyDir(%q, %q) failed", newPath, path) - } - if err := os.RemoveAll(path); err != nil { - return err - } - return os.Rename(newPath, path) -} - -// createDirWithOverlayOpaque creates a directory with trusted.overlay.opaque xattr, -// without calling setxattr, so as to allow creating opaque dir in userns on Ubuntu. -func createDirWithOverlayOpaque(tmp string) (string, error) { - lower := filepath.Join(tmp, "l") - upper := filepath.Join(tmp, "u") - work := filepath.Join(tmp, "w") - merged := filepath.Join(tmp, "m") - for _, s := range []string{lower, upper, work, merged} { - if err := os.MkdirAll(s, 0700); err != nil { - return "", errors.Wrapf(err, "failed to mkdir %s", s) - } - } - dummyBase := "d" - lowerDummy := filepath.Join(lower, dummyBase) - if err := os.MkdirAll(lowerDummy, 0700); err != nil { - return "", errors.Wrapf(err, "failed to create a dummy lower directory %s", lowerDummy) - } - // lowerdir needs ":" to be escaped: https://github.com/moby/moby/issues/40939#issuecomment-627098286 - lowerEscaped := strings.ReplaceAll(lower, ":", "\\:") - mOpts := fmt.Sprintf("lowerdir=%s,upperdir=%s,workdir=%s", lowerEscaped, upper, work) - if err := mount.Mount("overlay", merged, "overlay", mOpts); err != nil { - return "", err - } - mergedDummy := filepath.Join(merged, dummyBase) - if err := os.Remove(mergedDummy); err != nil { - syscall.Unmount(merged, 0) - return "", errors.Wrapf(err, "failed to rmdir %s", mergedDummy) - } - // upperDummy becomes a 0,0-char device file here - if err := os.Mkdir(mergedDummy, 0700); err != nil { - syscall.Unmount(merged, 0) - return "", errors.Wrapf(err, "failed to mkdir %s", mergedDummy) - } - // upperDummy becomes a directory with trusted.overlay.opaque xattr - // (but can't be verified in userns) - if err := syscall.Unmount(merged, 0); err != nil { - return "", errors.Wrapf(err, "failed to unmount %s", merged) - } - upperDummy := filepath.Join(upper, dummyBase) - return upperDummy, nil -} diff --git a/vendor/github.com/docker/docker/pkg/archive/archive_other.go b/vendor/github.com/docker/docker/pkg/archive/archive_other.go index 65a73354c429..2a3dc95398e7 100644 --- a/vendor/github.com/docker/docker/pkg/archive/archive_other.go +++ b/vendor/github.com/docker/docker/pkg/archive/archive_other.go @@ -2,6 +2,6 @@ package archive // import "github.com/docker/docker/pkg/archive" -func getWhiteoutConverter(format WhiteoutFormat, inUserNS bool) tarWhiteoutConverter { - return nil +func getWhiteoutConverter(format WhiteoutFormat, inUserNS bool) (tarWhiteoutConverter, error) { + return nil, nil } diff --git a/vendor/github.com/docker/docker/pkg/archive/archive_unix.go b/vendor/github.com/docker/docker/pkg/archive/archive_unix.go index 900661423d83..0b92bb0f4a3b 100644 --- a/vendor/github.com/docker/docker/pkg/archive/archive_unix.go +++ b/vendor/github.com/docker/docker/pkg/archive/archive_unix.go @@ -81,11 +81,6 @@ func getFileUIDGID(stat interface{}) (idtools.Identity, error) { // handleTarTypeBlockCharFifo is an OS-specific helper function used by // createTarFile to handle the following types of header: Block; Char; Fifo func handleTarTypeBlockCharFifo(hdr *tar.Header, path string) error { - if sys.RunningInUserNS() { - // cannot create a device if running in user namespace - return nil - } - mode := uint32(hdr.Mode & 07777) switch hdr.Typeflag { case tar.TypeBlock: @@ -96,7 +91,12 @@ func handleTarTypeBlockCharFifo(hdr *tar.Header, path string) error { mode |= unix.S_IFIFO } - return system.Mknod(path, mode, int(system.Mkdev(hdr.Devmajor, hdr.Devminor))) + err := system.Mknod(path, mode, int(system.Mkdev(hdr.Devmajor, hdr.Devminor))) + if errors.Is(err, syscall.EPERM) && sys.RunningInUserNS() { + // In most cases, cannot create a device if running in user namespace + err = nil + } + return err } func handleLChmod(hdr *tar.Header, path string, hdrInfo os.FileInfo) error { diff --git a/vendor/github.com/docker/docker/pkg/idtools/idtools_unix.go b/vendor/github.com/docker/docker/pkg/idtools/idtools_unix.go index a03af120458e..e7d25ee47132 100644 --- a/vendor/github.com/docker/docker/pkg/idtools/idtools_unix.go +++ b/vendor/github.com/docker/docker/pkg/idtools/idtools_unix.go @@ -245,38 +245,51 @@ func NewIdentityMapping(name string) (*IdentityMapping, error) { return nil, fmt.Errorf("Could not get user for username %s: %v", name, err) } - uid := strconv.Itoa(usr.Uid) - - subuidRangesWithUserName, err := parseSubuid(name) + subuidRanges, err := lookupSubUIDRanges(usr) if err != nil { return nil, err } - subgidRangesWithUserName, err := parseSubgid(name) + subgidRanges, err := lookupSubGIDRanges(usr) if err != nil { return nil, err } - subuidRangesWithUID, err := parseSubuid(uid) + return &IdentityMapping{ + uids: subuidRanges, + gids: subgidRanges, + }, nil +} + +func lookupSubUIDRanges(usr user.User) ([]IDMap, error) { + rangeList, err := parseSubuid(strconv.Itoa(usr.Uid)) if err != nil { return nil, err } - subgidRangesWithUID, err := parseSubgid(uid) + if len(rangeList) == 0 { + rangeList, err = parseSubuid(usr.Name) + if err != nil { + return nil, err + } + } + if len(rangeList) == 0 { + return nil, errors.Errorf("no subuid ranges found for user %q", usr.Name) + } + return createIDMap(rangeList), nil +} + +func lookupSubGIDRanges(usr user.User) ([]IDMap, error) { + rangeList, err := parseSubgid(strconv.Itoa(usr.Uid)) if err != nil { return nil, err } - - subuidRanges := append(subuidRangesWithUserName, subuidRangesWithUID...) - subgidRanges := append(subgidRangesWithUserName, subgidRangesWithUID...) - - if len(subuidRanges) == 0 { - return nil, errors.Errorf("no subuid ranges found for user %q", name) + if len(rangeList) == 0 { + rangeList, err = parseSubgid(usr.Name) + if err != nil { + return nil, err + } } - if len(subgidRanges) == 0 { - return nil, errors.Errorf("no subgid ranges found for user %q", name) + if len(rangeList) == 0 { + return nil, errors.Errorf("no subgid ranges found for user %q", usr.Name) } - - return &IdentityMapping{ - uids: createIDMap(subuidRanges), - gids: createIDMap(subgidRanges), - }, nil + return createIDMap(rangeList), nil } diff --git a/vendor/github.com/docker/docker/pkg/signal/signal.go b/vendor/github.com/docker/docker/pkg/signal/signal.go index 88ef7b5ea265..b274033ef693 100644 --- a/vendor/github.com/docker/docker/pkg/signal/signal.go +++ b/vendor/github.com/docker/docker/pkg/signal/signal.go @@ -12,9 +12,16 @@ import ( ) // CatchAll catches all signals and relays them to the specified channel. +// SIGURG is not handled, as it's used by the Go runtime to support +// preemptable system calls. func CatchAll(sigc chan os.Signal) { var handledSigs []os.Signal - for _, s := range SignalMap { + for n, s := range SignalMap { + if n == "URG" { + // Do not handle SIGURG, as in go1.14+, the go runtime issues + // SIGURG as an interrupt to support preemptable system calls on Linux. + continue + } handledSigs = append(handledSigs, s) } signal.Notify(sigc, handledSigs...) diff --git a/vendor/github.com/docker/docker/vendor.conf b/vendor/github.com/docker/docker/vendor.conf index b56df8947f7a..b8cb3ae97e21 100644 --- a/vendor/github.com/docker/docker/vendor.conf +++ b/vendor/github.com/docker/docker/vendor.conf @@ -1,5 +1,5 @@ github.com/Azure/go-ansiterm d6e3b3328b783f23731bc4d058875b0371ff8109 -github.com/Microsoft/hcsshim 9dcb42f100215f8d375b4a9265e5bba009217a85 # moby branch +github.com/Microsoft/hcsshim 89a9a3b524264d34985f1d48793ab2b2d2e430f6 # moby branch github.com/Microsoft/go-winio 5b44b70ab3ab4d291a7c1d28afe7b4afeced0ed4 # v0.4.15 github.com/docker/libtrust 9cbd2a1374f46905c68a4eb3694a130610adc62a github.com/golang/gddo 72a348e765d293ed6d1ded7b699591f14d6cd921 @@ -33,7 +33,7 @@ github.com/imdario/mergo 1afb36080aec31e0d1528973ebe6 golang.org/x/sync cd5d95a43a6e21273425c7ae415d3df9ea832eeb # buildkit -github.com/moby/buildkit 68bb095353c65bc3993fd534c26cf77fe05e61b1 # v0.8 branch +github.com/moby/buildkit 244e8cde639f71a05a1a2e0670bd88e0206ce55c # v0.8.3-3-g244e8cde github.com/tonistiigi/fsutil 0834f99b7b85462efb69b4f571a4fa3ca7da5ac9 github.com/tonistiigi/units 6950e57a87eaf136bbe44ef2ec8e75b9e3569de2 github.com/grpc-ecosystem/grpc-opentracing 8e809c8a86450a29b90dcc9efbf062d0fe6d9746 @@ -47,7 +47,7 @@ github.com/grpc-ecosystem/go-grpc-middleware 3c51f7f332123e8be5a157c0802a # libnetwork # When updating, also update LIBNETWORK_COMMIT in hack/dockerfile/install/proxy.installer accordingly -github.com/docker/libnetwork fa125a3512ee0f6187721c88582bf8c4378bd4d7 +github.com/docker/libnetwork 64b7a4574d1426139437d20e81c0b6d391130ec8 github.com/docker/go-events e31b211e4f1cd09aa76fe4ac244571fab96ae47f github.com/armon/go-radix e39d623f12e8e41c7b5529e9a9dd67a1e2261f80 github.com/armon/go-metrics eb0af217e5e9747e41dd5303755356b62d28e3ec @@ -72,7 +72,7 @@ github.com/coreos/go-semver 8ab6407b697782a06568d4b7f1db github.com/ugorji/go b4c50a2b199d93b13dc15e78929cfb23bfdf21ab # v1.1.1 github.com/hashicorp/consul 9a9cc9341bb487651a0399e3fc5e1e8a42e62dd9 # v0.5.2 github.com/miekg/dns 6c0c4e6581f8e173cc562c8b3363ab984e4ae071 # v1.1.27 -github.com/ishidawataru/sctp 6e2cb1366111dcf547c13531e3a263a067715847 +github.com/ishidawataru/sctp f2269e66cdee387bd321445d5d300893449805be go.etcd.io/bbolt 232d8fc87f50244f9c808f4745759e08a304c029 # v1.3.5 # get graph and distribution packages @@ -142,7 +142,7 @@ github.com/gogo/googleapis 01e0f9cca9b92166042241267ee2 github.com/cilium/ebpf 1c8d4c9ef7759622653a1d319284a44652333b28 # cluster -github.com/docker/swarmkit d6592ddefd8a5319aadff74c558b816b1a0b2590 +github.com/docker/swarmkit 17d8d4e4d8bdec33d386e6362d3537fa9493ba00 github.com/gogo/protobuf 5628607bb4c51c3157aacc3a50f0ab707582b805 # v1.3.1 github.com/golang/protobuf 84668698ea25b64748563aa20726db66a6b8d299 # v1.3.5 github.com/cloudflare/cfssl 5d63dbd981b5c408effbb58c442d54761ff94fbd # 1.3.2 From e3a9a92b14db3fcf296a1a71cdaffea5d6d7924c Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Thu, 10 Jun 2021 14:43:07 +0200 Subject: [PATCH 065/127] vendor: moby/term, Azure/go-ansiterm for golang.org/x/sys/windows compat Changes: - winterm: GetStdFile(): Added compatibility with "golang.org/x/sys/windows" - winterm: fix GetStdFile() falltrough - update deprecation message to refer to the correct replacement - add go.mod - Fix int overflow - Convert int to string using rune() full diff: - https://github.com/moby/term/compare/bea5bbe245bf407372d477f1361d2ff042d2f556...3f7ff695adc6a35abc925370dd0a4dafb48ec64d - https://github.com/Azure/go-ansiterm/compare/d6e3b3328b783f23731bc4d058875b0371ff8109...d185dfc1b5a126116ea5a19e148e29d16b4574c9 Signed-off-by: Sebastiaan van Stijn (cherry picked from commit b5bc279901b2ce10a1bde21a5f42276c95881972) Signed-off-by: Sebastiaan van Stijn --- vendor.conf | 4 ++-- vendor/github.com/Azure/go-ansiterm/go.mod | 5 ++++ .../Azure/go-ansiterm/winterm/ansi.go | 24 +++++++++++++++---- vendor/github.com/moby/term/go.mod | 4 ++-- .../github.com/moby/term/windows/console.go | 2 +- 5 files changed, 29 insertions(+), 10 deletions(-) create mode 100644 vendor/github.com/Azure/go-ansiterm/go.mod diff --git a/vendor.conf b/vendor.conf index bf85a8f89268..7a32a7187c81 100755 --- a/vendor.conf +++ b/vendor.conf @@ -1,5 +1,5 @@ cloud.google.com/go ceeb313ad77b789a7fa5287b36a1d127b69b7093 # v0.44.3 -github.com/Azure/go-ansiterm d6e3b3328b783f23731bc4d058875b0371ff8109 +github.com/Azure/go-ansiterm d185dfc1b5a126116ea5a19e148e29d16b4574c9 github.com/beorn7/perks 37c8de3658fcb183f997c4e13e8337516ab753e6 # v1.0.1 github.com/cespare/xxhash/v2 d7df74196a9e781ede915320c11c378c1b2f3a1f # v2.1.1 github.com/containerd/console 5d7e1412f07b502a01029ea20e20e0d2be31fa7c # v1.0.1 @@ -49,7 +49,7 @@ github.com/miekg/pkcs11 210dc1e16747c5ba98a03bcbcf72 github.com/mitchellh/mapstructure d16e9488127408e67948eb43b6d3fbb9f222da10 # v1.3.2 github.com/moby/buildkit 8142d66b5ebde79846b869fba30d9d30633e74aa # v0.8.1 github.com/moby/sys 1bc8673b57550ddf85262eb0fed0aac651a37dab # symlink/v0.1.0 (latest tag, either mount/vXXX, mountinfo/vXXX or symlink/vXXX) -github.com/moby/term bea5bbe245bf407372d477f1361d2ff042d2f556 +github.com/moby/term 3f7ff695adc6a35abc925370dd0a4dafb48ec64d github.com/modern-go/concurrent bacd9c7ef1dd9b15be4a9909b8ac7a4e313eec94 # 1.0.3 github.com/modern-go/reflect2 4b7aa43c6742a2c18fdef89dd197aaae7dac7ccd # 1.0.1 github.com/morikuni/aec 39771216ff4c63d11f5e604076f9c45e8be1067b # v1.0.0 diff --git a/vendor/github.com/Azure/go-ansiterm/go.mod b/vendor/github.com/Azure/go-ansiterm/go.mod new file mode 100644 index 000000000000..965cb8120ec9 --- /dev/null +++ b/vendor/github.com/Azure/go-ansiterm/go.mod @@ -0,0 +1,5 @@ +module github.com/Azure/go-ansiterm + +go 1.16 + +require golang.org/x/sys v0.0.0-20210616094352-59db8d763f22 diff --git a/vendor/github.com/Azure/go-ansiterm/winterm/ansi.go b/vendor/github.com/Azure/go-ansiterm/winterm/ansi.go index a6732797263f..5599082ae9cb 100644 --- a/vendor/github.com/Azure/go-ansiterm/winterm/ansi.go +++ b/vendor/github.com/Azure/go-ansiterm/winterm/ansi.go @@ -10,6 +10,7 @@ import ( "syscall" "github.com/Azure/go-ansiterm" + windows "golang.org/x/sys/windows" ) // Windows keyboard constants @@ -162,15 +163,28 @@ func ensureInRange(n int16, min int16, max int16) int16 { func GetStdFile(nFile int) (*os.File, uintptr) { var file *os.File - switch nFile { - case syscall.STD_INPUT_HANDLE: + + // syscall uses negative numbers + // windows package uses very big uint32 + // Keep these switches split so we don't have to convert ints too much. + switch uint32(nFile) { + case windows.STD_INPUT_HANDLE: file = os.Stdin - case syscall.STD_OUTPUT_HANDLE: + case windows.STD_OUTPUT_HANDLE: file = os.Stdout - case syscall.STD_ERROR_HANDLE: + case windows.STD_ERROR_HANDLE: file = os.Stderr default: - panic(fmt.Errorf("Invalid standard handle identifier: %v", nFile)) + switch nFile { + case syscall.STD_INPUT_HANDLE: + file = os.Stdin + case syscall.STD_OUTPUT_HANDLE: + file = os.Stdout + case syscall.STD_ERROR_HANDLE: + file = os.Stderr + default: + panic(fmt.Errorf("Invalid standard handle identifier: %v", nFile)) + } } fd, err := syscall.GetStdHandle(nFile) diff --git a/vendor/github.com/moby/term/go.mod b/vendor/github.com/moby/term/go.mod index f453204333a8..541f2d429f5c 100644 --- a/vendor/github.com/moby/term/go.mod +++ b/vendor/github.com/moby/term/go.mod @@ -3,10 +3,10 @@ module github.com/moby/term go 1.13 require ( - github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78 + github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 github.com/creack/pty v1.1.11 github.com/google/go-cmp v0.4.0 github.com/pkg/errors v0.9.1 // indirect - golang.org/x/sys v0.0.0-20200831180312-196b9ba8737a + golang.org/x/sys v0.0.0-20210616094352-59db8d763f22 gotest.tools/v3 v3.0.2 ) diff --git a/vendor/github.com/moby/term/windows/console.go b/vendor/github.com/moby/term/windows/console.go index 01fdc0f2a1d7..993694ddcd99 100644 --- a/vendor/github.com/moby/term/windows/console.go +++ b/vendor/github.com/moby/term/windows/console.go @@ -29,7 +29,7 @@ func GetHandleInfo(in interface{}) (uintptr, bool) { // IsConsole returns true if the given file descriptor is a Windows Console. // The code assumes that GetConsoleMode will return an error for file descriptors that are not a console. -// Deprecated: use golang.org/x/sys/windows.GetConsoleMode() or golang.org/x/crypto/ssh/terminal.IsTerminal() +// Deprecated: use golang.org/x/sys/windows.GetConsoleMode() or golang.org/x/term.IsTerminal() var IsConsole = isConsole func isConsole(fd uintptr) bool { From 016862603744f610d306e0d9fb0aabb8460e5fcb Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Mon, 7 Jun 2021 17:57:22 +0200 Subject: [PATCH 066/127] vendor: github.com/docker/docker-credential-helpers v0.6.4 full diff: https://github.com/docker/docker-credential-helpers/compare/38bea2ce277ad0c9d2a6230692b0606ca5286526...v0.6.4 Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 7672267e161e11c328991e9806949d37e9810958) Signed-off-by: Sebastiaan van Stijn --- vendor.conf | 2 +- .../docker/docker-credential-helpers/credentials/version.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/vendor.conf b/vendor.conf index 7a32a7187c81..ade625f86439 100755 --- a/vendor.conf +++ b/vendor.conf @@ -14,7 +14,7 @@ github.com/davecgh/go-spew 8991bc29aa16c548c550c7ff7826 github.com/docker/compose-on-kubernetes 78e6a00beda64ac8ccb9fec787e601fe2ce0d5bb # v0.5.0-alpha1 github.com/docker/distribution 0d3efadf0154c2b8a4e7b6621fff9809655cc580 github.com/docker/docker b0f5bc36fea9dfb9672e1e9b1278ebab797b9ee0 # v20.10.7 -github.com/docker/docker-credential-helpers 38bea2ce277ad0c9d2a6230692b0606ca5286526 +github.com/docker/docker-credential-helpers fc9290adbcf1594e78910e2f0334090eaee0e1ee # v0.6.4 github.com/docker/go d30aec9fd63c35133f8f79c3412ad91a3b08be06 # Contains a customized version of canonical/json and is used by Notary. The package is periodically rebased on current Go versions. github.com/docker/go-connections 7395e3f8aa162843a74ed6d48e79627d9792ac55 # v0.4.0 github.com/docker/go-events e31b211e4f1cd09aa76fe4ac244571fab96ae47f diff --git a/vendor/github.com/docker/docker-credential-helpers/credentials/version.go b/vendor/github.com/docker/docker-credential-helpers/credentials/version.go index c2cc3e2e0231..185e367961a5 100644 --- a/vendor/github.com/docker/docker-credential-helpers/credentials/version.go +++ b/vendor/github.com/docker/docker-credential-helpers/credentials/version.go @@ -1,4 +1,4 @@ package credentials // Version holds a string describing the current version -const Version = "0.6.3" +const Version = "0.6.4" From b639ea8b89b162c3abe99d3ac90b258c48e2039c Mon Sep 17 00:00:00 2001 From: Mathieu Champlon Date: Mon, 28 Jun 2021 14:57:15 +0200 Subject: [PATCH 067/127] Deprecate Kubernetes stack support Signed-off-by: Mathieu Champlon (cherry picked from commit 7190255a68018af93ea29f2213c0b3874f554943) Signed-off-by: Sebastiaan van Stijn --- docs/deprecated.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/docs/deprecated.md b/docs/deprecated.md index 4cff064feb5c..97d36e77517f 100644 --- a/docs/deprecated.md +++ b/docs/deprecated.md @@ -50,6 +50,7 @@ The table below provides an overview of the current status of deprecated feature Status | Feature | Deprecated | Remove -----------|------------------------------------------------------------------------------------------------------------------------------------|------------|------------ +Deprecated | [Kubernetes stack support](#kubernetes-stack-support) | v20.10 | - Deprecated | [Pulling images from non-compliant image registries](#pulling-images-from-non-compliant-image-registries) | v20.10 | - Deprecated | [Linux containers on Windows (LCOW)](#linux-containers-on-windows-lcow-experimental) | v20.10 | - Deprecated | [BLKIO weight options with cgroups v1](#blkio-weight-options–with-cgroups-v1) | v20.10 | - @@ -97,6 +98,13 @@ Removed | [`--api-enable-cors` flag on `dockerd`](#--api-enable-cors-flag-on- Removed | [`--run` flag on `docker commit`](#--run-flag-on-docker-commit) | v0.10 | v1.13 Removed | [Three arguments form in `docker import`](#three-arguments-form-in-docker-import) | v0.6.7 | v1.12 +### Kubernetes stack support + +**Deprecated in Release: v20.10** + +Following the deprecation of [Compose on Kubernetes](https://github.com/docker/compose-on-kubernetes), support for +Kubernetes in the `stack` command in the docker CLI is now marked as deprecated as well. + ### Pulling images from non-compliant image registries **Deprecated in Release: v20.10** From 0793f9639440d8980226485189ce0eb43e0af28b Mon Sep 17 00:00:00 2001 From: Mathieu Champlon Date: Tue, 29 Jun 2021 14:48:14 +0200 Subject: [PATCH 068/127] Deprecate Kubernetes stack support Signed-off-by: Mathieu Champlon (cherry picked from commit c05f0f5957f34ca5a17709849fb5979e1f24c64d) Signed-off-by: Sebastiaan van Stijn --- cli/command/stack/cmd.go | 2 ++ cli/command/stack/kubernetes/cli.go | 1 + cli/command/stack/list.go | 2 ++ cli/command/system/version.go | 1 + docs/yaml/yaml.go | 3 +++ 5 files changed, 9 insertions(+) diff --git a/cli/command/stack/cmd.go b/cli/command/stack/cmd.go index f4ded7716934..8248ad240d6e 100644 --- a/cli/command/stack/cmd.go +++ b/cli/command/stack/cmd.go @@ -69,7 +69,9 @@ func NewStackCommand(dockerCli command.Cli) *cobra.Command { flags := cmd.PersistentFlags() flags.String("kubeconfig", "", "Kubernetes config file") flags.SetAnnotation("kubeconfig", "kubernetes", nil) + flags.SetAnnotation("kubeconfig", "deprecated", nil) flags.String("orchestrator", "", "Orchestrator to use (swarm|kubernetes|all)") + flags.SetAnnotation("orchestrator", "deprecated", nil) return cmd } diff --git a/cli/command/stack/kubernetes/cli.go b/cli/command/stack/kubernetes/cli.go index a531846809cc..9b6d50473b37 100644 --- a/cli/command/stack/kubernetes/cli.go +++ b/cli/command/stack/kubernetes/cli.go @@ -50,6 +50,7 @@ func NewOptions(flags *flag.FlagSet, orchestrator command.Orchestrator) Options func AddNamespaceFlag(flags *flag.FlagSet) { flags.String("namespace", "", "Kubernetes namespace to use") flags.SetAnnotation("namespace", "kubernetes", nil) + flags.SetAnnotation("namespace", "deprecated", nil) } // WrapCli wraps command.Cli with kubernetes specifics diff --git a/cli/command/stack/list.go b/cli/command/stack/list.go index 5175ea371c8f..412cc2e5ee86 100644 --- a/cli/command/stack/list.go +++ b/cli/command/stack/list.go @@ -30,8 +30,10 @@ func newListCommand(dockerCli command.Cli, common *commonOptions) *cobra.Command flags.StringVar(&opts.Format, "format", "", "Pretty-print stacks using a Go template") flags.StringSliceVar(&opts.Namespaces, "namespace", []string{}, "Kubernetes namespaces to use") flags.SetAnnotation("namespace", "kubernetes", nil) + flags.SetAnnotation("namespace", "deprecated", nil) flags.BoolVarP(&opts.AllNamespaces, "all-namespaces", "", false, "List stacks from all Kubernetes namespaces") flags.SetAnnotation("all-namespaces", "kubernetes", nil) + flags.SetAnnotation("all-namespaces", "deprecated", nil) return cmd } diff --git a/cli/command/system/version.go b/cli/command/system/version.go index c086822c88ab..418ce651c0ca 100644 --- a/cli/command/system/version.go +++ b/cli/command/system/version.go @@ -114,6 +114,7 @@ func NewVersionCommand(dockerCli command.Cli) *cobra.Command { flags.StringVarP(&opts.format, "format", "f", "", "Format the output using the given Go template") flags.StringVar(&opts.kubeConfig, "kubeconfig", "", "Kubernetes config file") flags.SetAnnotation("kubeconfig", "kubernetes", nil) + flags.SetAnnotation("kubeconfig", "deprecated", nil) return cmd } diff --git a/docs/yaml/yaml.go b/docs/yaml/yaml.go index 82c90973c00a..9ffd8bba3a9e 100644 --- a/docs/yaml/yaml.go +++ b/docs/yaml/yaml.go @@ -199,6 +199,9 @@ func genFlagResult(flags *pflag.FlagSet) []cmdOption { if _, ok := flag.Annotations["experimental"]; ok { opt.Experimental = true } + if _, ok := flag.Annotations["deprecated"]; ok { + opt.Deprecated = true + } if v, ok := flag.Annotations["version"]; ok { opt.MinAPIVersion = v[0] } From 1d37fb302789c6ce4ba120bc4ad577c92674467f Mon Sep 17 00:00:00 2001 From: Mathieu Champlon Date: Thu, 1 Jul 2021 08:59:10 +0200 Subject: [PATCH 069/127] Deprecate Kubernetes context support Signed-off-by: Mathieu Champlon (cherry picked from commit a033cdf5157fab0b4fd029cc4030df024ca7afdb) Signed-off-by: Sebastiaan van Stijn --- cli/command/context/create.go | 3 +++ cli/command/context/export.go | 2 ++ cli/command/context/update.go | 3 +++ docs/deprecated.md | 6 +++--- 4 files changed, 11 insertions(+), 3 deletions(-) diff --git a/cli/command/context/create.go b/cli/command/context/create.go index 9e6fe0295b4d..776d29fa10d7 100644 --- a/cli/command/context/create.go +++ b/cli/command/context/create.go @@ -62,8 +62,11 @@ func newCreateCommand(dockerCli command.Cli) *cobra.Command { &opts.DefaultStackOrchestrator, "default-stack-orchestrator", "", "Default orchestrator for stack operations to use with this context (swarm|kubernetes|all)") + flags.SetAnnotation("default-stack-orchestrator", "deprecated", nil) flags.StringToStringVar(&opts.Docker, "docker", nil, "set the docker endpoint") flags.StringToStringVar(&opts.Kubernetes, "kubernetes", nil, "set the kubernetes endpoint") + flags.SetAnnotation("kubernetes", "kubernetes", nil) + flags.SetAnnotation("kubernetes", "deprecated", nil) flags.StringVar(&opts.From, "from", "", "create context from a named context") return cmd } diff --git a/cli/command/context/export.go b/cli/command/context/export.go index 601307140238..c7cc94ff3e0f 100644 --- a/cli/command/context/export.go +++ b/cli/command/context/export.go @@ -46,6 +46,8 @@ func newExportCommand(dockerCli command.Cli) *cobra.Command { flags := cmd.Flags() flags.BoolVar(&opts.Kubeconfig, "kubeconfig", false, "Export as a kubeconfig file") + flags.SetAnnotation("kubeconfig", "kubernetes", nil) + flags.SetAnnotation("kubeconfig", "deprecated", nil) return cmd } diff --git a/cli/command/context/update.go b/cli/command/context/update.go index 3c67fdd207fb..cfd4d76bc880 100644 --- a/cli/command/context/update.go +++ b/cli/command/context/update.go @@ -61,8 +61,11 @@ func newUpdateCommand(dockerCli command.Cli) *cobra.Command { &opts.DefaultStackOrchestrator, "default-stack-orchestrator", "", "Default orchestrator for stack operations to use with this context (swarm|kubernetes|all)") + flags.SetAnnotation("default-stack-orchestrator", "deprecated", nil) flags.StringToStringVar(&opts.Docker, "docker", nil, "set the docker endpoint") flags.StringToStringVar(&opts.Kubernetes, "kubernetes", nil, "set the kubernetes endpoint") + flags.SetAnnotation("kubernetes", "kubernetes", nil) + flags.SetAnnotation("kubernetes", "deprecated", nil) return cmd } diff --git a/docs/deprecated.md b/docs/deprecated.md index 97d36e77517f..5d18481ad0f5 100644 --- a/docs/deprecated.md +++ b/docs/deprecated.md @@ -50,7 +50,7 @@ The table below provides an overview of the current status of deprecated feature Status | Feature | Deprecated | Remove -----------|------------------------------------------------------------------------------------------------------------------------------------|------------|------------ -Deprecated | [Kubernetes stack support](#kubernetes-stack-support) | v20.10 | - +Deprecated | [Kubernetes stack and context support](#kubernetes-stack-and-context-support) | v20.10 | - Deprecated | [Pulling images from non-compliant image registries](#pulling-images-from-non-compliant-image-registries) | v20.10 | - Deprecated | [Linux containers on Windows (LCOW)](#linux-containers-on-windows-lcow-experimental) | v20.10 | - Deprecated | [BLKIO weight options with cgroups v1](#blkio-weight-options–with-cgroups-v1) | v20.10 | - @@ -98,12 +98,12 @@ Removed | [`--api-enable-cors` flag on `dockerd`](#--api-enable-cors-flag-on- Removed | [`--run` flag on `docker commit`](#--run-flag-on-docker-commit) | v0.10 | v1.13 Removed | [Three arguments form in `docker import`](#three-arguments-form-in-docker-import) | v0.6.7 | v1.12 -### Kubernetes stack support +### Kubernetes stack and context support **Deprecated in Release: v20.10** Following the deprecation of [Compose on Kubernetes](https://github.com/docker/compose-on-kubernetes), support for -Kubernetes in the `stack` command in the docker CLI is now marked as deprecated as well. +Kubernetes in the `stack` and `context` commands in the docker CLI is now marked as deprecated as well. ### Pulling images from non-compliant image registries From c7cf60f65757f2360535194e9090d2b73c795090 Mon Sep 17 00:00:00 2001 From: OKA Naoya Date: Fri, 26 Feb 2021 23:54:14 +0900 Subject: [PATCH 070/127] docs: Fix wrong bridge driver option Signed-off-by: OKA Naoya (cherry picked from commit 10e909a26c08c9ac78cbf2a5e6b542097c509a73) Signed-off-by: Sebastiaan van Stijn --- docs/reference/commandline/network_create.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/reference/commandline/network_create.md b/docs/reference/commandline/network_create.md index a7e22a799ef6..9e3ac66b619f 100644 --- a/docs/reference/commandline/network_create.md +++ b/docs/reference/commandline/network_create.md @@ -175,7 +175,7 @@ equivalent docker daemon flags used for docker0 bridge: | `com.docker.network.bridge.enable_icc` | `--icc` | Enable or Disable Inter Container Connectivity | | `com.docker.network.bridge.host_binding_ipv4` | `--ip` | Default IP when binding container ports | | `com.docker.network.driver.mtu` | `--mtu` | Set the containers network MTU | -| `com.docker.network.container_interface_prefix` | - | Set a custom prefix for container interfaces | +| `com.docker.network.container_iface_prefix` | - | Set a custom prefix for container interfaces | The following arguments can be passed to `docker network create` for any network driver, again with their approximate equivalents to `docker daemon`. From f3dd1ee6c1eebe6c1389cbb67698fc5f6d455b9f Mon Sep 17 00:00:00 2001 From: Metal <2466052+tedhexaflow@users.noreply.github.com> Date: Fri, 4 Jun 2021 17:12:27 +0700 Subject: [PATCH 071/127] Fix minor wording Signed-off-by: Metal <2466052+tedhexaflow@users.noreply.github.com> (cherry picked from commit 3b502ca00ed93f88799e9e77f9d57d16d5ef2e99) Signed-off-by: Sebastiaan van Stijn --- docs/reference/commandline/run.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/reference/commandline/run.md b/docs/reference/commandline/run.md index d0024ad67ab0..eef81dd81cde 100644 --- a/docs/reference/commandline/run.md +++ b/docs/reference/commandline/run.md @@ -470,7 +470,7 @@ $ docker run -itd --network=my-net --ip=10.10.9.75 busybox If you want to add a running container to a network use the `docker network connect` subcommand. You can connect multiple containers to the same network. Once connected, the -containers can communicate easily need only another container's IP address +containers can communicate easily using only another container's IP address or name. For `overlay` networks or custom plugins that support multi-host connectivity, containers connected to the same multi-host network but launched from different Engines can also communicate in this way. From eedfe50a993c4001665c73648e624af607e59da6 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Tue, 15 Jun 2021 13:32:03 +0200 Subject: [PATCH 072/127] Jenkinsfile: update labels to prevent running on cgroups v2 The dind engine version that we use in e2e does not support cgroups v2, so if we landed on an Ubuntu 20.04 node with cgroups v2 enabled, CI failed: Stderr: Error response from daemon: cgroups: cgroup mountpoint does not exist: unknown Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 2849437f217468237d5d4196b21d31f72ce07d4b) Signed-off-by: Sebastiaan van Stijn --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index d5028c921bbe..fd168193aaff 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -1,6 +1,6 @@ pipeline { agent { - label "linux && x86_64" + label "amd64 && ubuntu-1804 && overlay2" } options { From 0d17280a30822f98f978cc5231cf8dc1b525f209 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Wed, 9 Jun 2021 13:41:59 +0200 Subject: [PATCH 073/127] Jenkinsfile: update old engine version to 19.03 Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 661b87ac9b5eff8f3d9fe6cd010e930453b06d92) Signed-off-by: Sebastiaan van Stijn --- Jenkinsfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index fd168193aaff..1e0850257b9b 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -21,9 +21,9 @@ pipeline { make -f docker.Makefile test-e2e-non-experimental" } } - stage("e2e (non-experimental) - 18.09 engine") { + stage("e2e (non-experimental) - 19.03 engine") { steps { - sh "E2E_ENGINE_VERSION=18.09-dind \ + sh "E2E_ENGINE_VERSION=19.03-dind \ E2E_UNIQUE_ID=clie2e${BUILD_NUMBER} \ IMAGE_TAG=clie2e${BUILD_NUMBER} \ make -f docker.Makefile test-e2e-non-experimental" From 644c0036066115f3d67e4ce3690d09d645df3e07 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Wed, 9 Jun 2021 13:44:09 +0200 Subject: [PATCH 074/127] circleCI: update docker engine to 20.10.6 20.10.6 looks to be the latest supported version: https://circleci.com/docs/2.0/building-docker-images/#docker-version Signed-off-by: Sebastiaan van Stijn (cherry picked from commit c6cd0493ab83fa58d8d36f83188a68d317929aef) Signed-off-by: Sebastiaan van Stijn --- .circleci/config.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index ca64e0d10fd6..fab2fb290918 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -4,13 +4,13 @@ jobs: lint: working_directory: /work - docker: [{image: 'docker:19.03-git'}] + docker: [{image: 'docker:20.10-git'}] environment: DOCKER_BUILDKIT: 1 steps: - checkout - setup_remote_docker: - version: 19.03.12 + version: 20.10.6 reusable: true exclusive: false - run: @@ -39,7 +39,7 @@ jobs: cross: working_directory: /work - docker: [{image: 'docker:19.03-git'}] + docker: [{image: 'docker:20.10-git'}] environment: DOCKER_BUILDKIT: 1 BUILDX_VERSION: "v0.5.1" @@ -47,7 +47,7 @@ jobs: steps: - checkout - setup_remote_docker: - version: 19.03.12 + version: 20.10.6 reusable: true exclusive: false - run: @@ -69,13 +69,13 @@ jobs: test: working_directory: /work - docker: [{image: 'docker:19.03-git'}] + docker: [{image: 'docker:20.10-git'}] environment: DOCKER_BUILDKIT: 1 steps: - checkout - setup_remote_docker: - version: 19.03.12 + version: 20.10.6 reusable: true exclusive: false - run: @@ -116,13 +116,13 @@ jobs: validate: working_directory: /work - docker: [{image: 'docker:19.03-git'}] + docker: [{image: 'docker:20.10-git'}] environment: DOCKER_BUILDKIT: 1 steps: - checkout - setup_remote_docker: - version: 19.03.12 + version: 20.10.6 reusable: true exclusive: false - run: From 48e6b44379d27ea29c467347e4bbc1edce7d3707 Mon Sep 17 00:00:00 2001 From: Tonis Tiigi Date: Thu, 17 Jun 2021 16:59:02 -0700 Subject: [PATCH 075/127] Dockerfile: remove custom go build for windows/arm64 Signed-off-by: Tonis Tiigi (cherry picked from commit f3d1b02e2b5108e2c9c0d02ec287dc3f71c4d145) Signed-off-by: Sebastiaan van Stijn --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 719b0873aa97..3c15b560fe7e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -11,7 +11,7 @@ FROM golatest AS go-darwin FROM golatest AS go-windows-amd64 FROM golatest AS go-windows-386 FROM golatest AS go-windows-arm -FROM --platform=$BUILDPLATFORM tonistiigi/golang:497feff1-${BASE_VARIANT} AS go-windows-arm64 +FROM --platform=$BUILDPLATFORM golang:1.17rc1-${BASE_VARIANT} AS go-windows-arm64 FROM go-windows-${TARGETARCH} AS go-windows FROM --platform=$BUILDPLATFORM tonistiigi/xx@sha256:620d36a9d7f1e3b102a5c7e8eff12081ac363828b3a44390f24fa8da2d49383d AS xx From f63cb8b97ef28aa9f24e135247d1b02748dcbd92 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Wed, 21 Jul 2021 10:22:53 +0200 Subject: [PATCH 076/127] vendor: github.com/russross/blackfriday/v2 v2.1.0 removes the github.com/shurcooL/sanitized_anchor_name dependency full diff: https://github.com/russross/blackfriday/compare/v2.0.1...v2.1.0 - Committed to github.com/russross/blackfriday/v2 as the canonical import path for blackfriday v2. - Reduced the amount of dependencies. - Added a SanitizedAnchorName function. - Added Node.IsContainer and Node.IsLeaf methods. - Fixed parsing of links that end with a double backslashes. - Fixed an issue where fence length wasn't computed. - Improved the default value for the HTMLRendererParameters.FootnoteReturnLinkContents field. Signed-off-by: Sebastiaan van Stijn (cherry picked from commit ef14ae09bb336787179335e749578db2f4bea331) Signed-off-by: Sebastiaan van Stijn --- vendor.conf | 3 +- .../russross/blackfriday/v2/README.md | 90 +- .../russross/blackfriday/v2/block.go | 30 +- .../github.com/russross/blackfriday/v2/doc.go | 28 + .../russross/blackfriday/v2/entities.go | 2236 +++++++++++++++++ .../github.com/russross/blackfriday/v2/esc.go | 42 +- .../russross/blackfriday/v2/html.go | 9 +- .../russross/blackfriday/v2/inline.go | 2 +- .../russross/blackfriday/v2/node.go | 12 +- .../shurcooL/sanitized_anchor_name/LICENSE | 21 - .../shurcooL/sanitized_anchor_name/README.md | 36 - .../shurcooL/sanitized_anchor_name/go.mod | 1 - .../shurcooL/sanitized_anchor_name/main.go | 29 - 13 files changed, 2413 insertions(+), 126 deletions(-) create mode 100644 vendor/github.com/russross/blackfriday/v2/entities.go delete mode 100644 vendor/github.com/shurcooL/sanitized_anchor_name/LICENSE delete mode 100644 vendor/github.com/shurcooL/sanitized_anchor_name/README.md delete mode 100644 vendor/github.com/shurcooL/sanitized_anchor_name/go.mod delete mode 100644 vendor/github.com/shurcooL/sanitized_anchor_name/main.go diff --git a/vendor.conf b/vendor.conf index ade625f86439..234c6812ae29 100755 --- a/vendor.conf +++ b/vendor.conf @@ -62,8 +62,7 @@ github.com/prometheus/client_golang 6edbbd9e560190e318cdc5b4d3e6 github.com/prometheus/client_model 7bc5445566f0fe75b15de23e6b93886e982d7bf9 # v0.2.0 github.com/prometheus/common d978bcb1309602d68bb4ba69cf3f8ed900e07308 # v0.9.1 github.com/prometheus/procfs 46159f73e74d1cb8dc223deef9b2d049286f46b1 # v0.0.11 -github.com/russross/blackfriday/v2 d3b5b032dc8e8927d31a5071b56e14c89f045135 # v2.0.1 -github.com/shurcooL/sanitized_anchor_name 7bfe4c7ecddb3666a94b053b422cdd8f5aaa3615 # v1.0.0 +github.com/russross/blackfriday/v2 4c9bf9512682b995722660a4196c0013228e2049 # v2.1.0 github.com/sirupsen/logrus 6699a89a232f3db797f2e280639854bbc4b89725 # v1.7.0 github.com/spf13/cobra 86f8bfd7fef868a174e1b606783bd7f5c82ddf8f # v1.1.1 github.com/spf13/pflag 2e9d26c8c37aae03e3f9d4e90b7116f5accb7cab # v1.0.5 diff --git a/vendor/github.com/russross/blackfriday/v2/README.md b/vendor/github.com/russross/blackfriday/v2/README.md index d5a8649bd532..d9c08a22fc54 100644 --- a/vendor/github.com/russross/blackfriday/v2/README.md +++ b/vendor/github.com/russross/blackfriday/v2/README.md @@ -1,4 +1,6 @@ -Blackfriday [![Build Status](https://travis-ci.org/russross/blackfriday.svg?branch=master)](https://travis-ci.org/russross/blackfriday) +Blackfriday +[![Build Status][BuildV2SVG]][BuildV2URL] +[![PkgGoDev][PkgGoDevV2SVG]][PkgGoDevV2URL] =========== Blackfriday is a [Markdown][1] processor implemented in [Go][2]. It @@ -16,19 +18,21 @@ It started as a translation from C of [Sundown][3]. Installation ------------ -Blackfriday is compatible with any modern Go release. With Go 1.7 and git -installed: +Blackfriday is compatible with modern Go releases in module mode. +With Go installed: - go get gopkg.in/russross/blackfriday.v2 + go get github.com/russross/blackfriday/v2 -will download, compile, and install the package into your `$GOPATH` -directory hierarchy. Alternatively, you can achieve the same if you -import it into a project: +will resolve and add the package to the current development module, +then build and install it. Alternatively, you can achieve the same +if you import it in a package: - import "gopkg.in/russross/blackfriday.v2" + import "github.com/russross/blackfriday/v2" and `go get` without parameters. +Legacy GOPATH mode is unsupported. + Versions -------- @@ -36,13 +40,9 @@ Versions Currently maintained and recommended version of Blackfriday is `v2`. It's being developed on its own branch: https://github.com/russross/blackfriday/tree/v2 and the documentation is available at -https://godoc.org/gopkg.in/russross/blackfriday.v2. +https://pkg.go.dev/github.com/russross/blackfriday/v2. -It is `go get`-able via via [gopkg.in][6] at `gopkg.in/russross/blackfriday.v2`, -but we highly recommend using package management tool like [dep][7] or -[Glide][8] and make use of semantic versioning. With package management you -should import `github.com/russross/blackfriday` and specify that you're using -version 2.0.0. +It is `go get`-able in module mode at `github.com/russross/blackfriday/v2`. Version 2 offers a number of improvements over v1: @@ -62,6 +62,11 @@ Potential drawbacks: v2. See issue [#348](https://github.com/russross/blackfriday/issues/348) for tracking. +If you are still interested in the legacy `v1`, you can import it from +`github.com/russross/blackfriday`. Documentation for the legacy v1 can be found +here: https://pkg.go.dev/github.com/russross/blackfriday. + + Usage ----- @@ -91,7 +96,7 @@ Here's an example of simple usage of Blackfriday together with Bluemonday: ```go import ( "github.com/microcosm-cc/bluemonday" - "github.com/russross/blackfriday" + "github.com/russross/blackfriday/v2" ) // ... @@ -104,6 +109,8 @@ html := bluemonday.UGCPolicy().SanitizeBytes(unsafe) If you want to customize the set of options, use `blackfriday.WithExtensions`, `blackfriday.WithRenderer` and `blackfriday.WithRefOverride`. +### `blackfriday-tool` + You can also check out `blackfriday-tool` for a more complete example of how to use it. Download and install it using: @@ -114,7 +121,7 @@ markdown file using a standalone program. You can also browse the source directly on github if you are just looking for some example code: -* +* Note that if you have not already done so, installing `blackfriday-tool` will be sufficient to download and install @@ -123,6 +130,22 @@ installed in `$GOPATH/bin`. This is a statically-linked binary that can be copied to wherever you need it without worrying about dependencies and library versions. +### Sanitized anchor names + +Blackfriday includes an algorithm for creating sanitized anchor names +corresponding to a given input text. This algorithm is used to create +anchors for headings when `AutoHeadingIDs` extension is enabled. The +algorithm has a specification, so that other packages can create +compatible anchor names and links to those anchors. + +The specification is located at https://pkg.go.dev/github.com/russross/blackfriday/v2#hdr-Sanitized_Anchor_Names. + +[`SanitizedAnchorName`](https://pkg.go.dev/github.com/russross/blackfriday/v2#SanitizedAnchorName) exposes this functionality, and can be used to +create compatible links to the anchor names generated by blackfriday. +This algorithm is also implemented in a small standalone package at +[`github.com/shurcooL/sanitized_anchor_name`](https://pkg.go.dev/github.com/shurcooL/sanitized_anchor_name). It can be useful for clients +that want a small package and don't need full functionality of blackfriday. + Features -------- @@ -199,6 +222,15 @@ implements the following extensions: You can use 3 or more backticks to mark the beginning of the block, and the same number to mark the end of the block. + To preserve classes of fenced code blocks while using the bluemonday + HTML sanitizer, use the following policy: + + ```go + p := bluemonday.UGCPolicy() + p.AllowAttrs("class").Matching(regexp.MustCompile("^language-[a-zA-Z0-9]+$")).OnElements("code") + html := p.SanitizeBytes(unsafe) + ``` + * **Definition lists**. A simple definition list is made of a single-line term followed by a colon and the definition for that term. @@ -250,7 +282,7 @@ Other renderers Blackfriday is structured to allow alternative rendering engines. Here are a few of note: -* [github_flavored_markdown](https://godoc.org/github.com/shurcooL/github_flavored_markdown): +* [github_flavored_markdown](https://pkg.go.dev/github.com/shurcooL/github_flavored_markdown): provides a GitHub Flavored Markdown renderer with fenced code block highlighting, clickable heading anchor links. @@ -261,20 +293,28 @@ are a few of note: * [markdownfmt](https://github.com/shurcooL/markdownfmt): like gofmt, but for markdown. -* [LaTeX output](https://github.com/Ambrevar/Blackfriday-LaTeX): +* [LaTeX output](https://gitlab.com/ambrevar/blackfriday-latex): renders output as LaTeX. +* [bfchroma](https://github.com/Depado/bfchroma/): provides convenience + integration with the [Chroma](https://github.com/alecthomas/chroma) code + highlighting library. bfchroma is only compatible with v2 of Blackfriday and + provides a drop-in renderer ready to use with Blackfriday, as well as + options and means for further customization. + * [Blackfriday-Confluence](https://github.com/kentaro-m/blackfriday-confluence): provides a [Confluence Wiki Markup](https://confluence.atlassian.com/doc/confluence-wiki-markup-251003035.html) renderer. +* [Blackfriday-Slack](https://github.com/karriereat/blackfriday-slack): converts markdown to slack message style + -Todo +TODO ---- * More unit testing -* Improve unicode support. It does not understand all unicode +* Improve Unicode support. It does not understand all Unicode rules (about what constitutes a letter, a punctuation symbol, etc.), so it may fail to detect word boundaries correctly in - some instances. It is safe on all utf-8 input. + some instances. It is safe on all UTF-8 input. License @@ -286,6 +326,10 @@ License [1]: https://daringfireball.net/projects/markdown/ "Markdown" [2]: https://golang.org/ "Go Language" [3]: https://github.com/vmg/sundown "Sundown" - [4]: https://godoc.org/gopkg.in/russross/blackfriday.v2#Parse "Parse func" + [4]: https://pkg.go.dev/github.com/russross/blackfriday/v2#Parse "Parse func" [5]: https://github.com/microcosm-cc/bluemonday "Bluemonday" - [6]: https://labix.org/gopkg.in "gopkg.in" + + [BuildV2SVG]: https://travis-ci.org/russross/blackfriday.svg?branch=v2 + [BuildV2URL]: https://travis-ci.org/russross/blackfriday + [PkgGoDevV2SVG]: https://pkg.go.dev/badge/github.com/russross/blackfriday/v2 + [PkgGoDevV2URL]: https://pkg.go.dev/github.com/russross/blackfriday/v2 diff --git a/vendor/github.com/russross/blackfriday/v2/block.go b/vendor/github.com/russross/blackfriday/v2/block.go index b8607474e599..dcd61e6e35bc 100644 --- a/vendor/github.com/russross/blackfriday/v2/block.go +++ b/vendor/github.com/russross/blackfriday/v2/block.go @@ -18,8 +18,7 @@ import ( "html" "regexp" "strings" - - "github.com/shurcooL/sanitized_anchor_name" + "unicode" ) const ( @@ -259,7 +258,7 @@ func (p *Markdown) prefixHeading(data []byte) int { } if end > i { if id == "" && p.extensions&AutoHeadingIDs != 0 { - id = sanitized_anchor_name.Create(string(data[i:end])) + id = SanitizedAnchorName(string(data[i:end])) } block := p.addBlock(Heading, data[i:end]) block.HeadingID = id @@ -673,6 +672,7 @@ func (p *Markdown) fencedCodeBlock(data []byte, doRender bool) int { if beg == 0 || beg >= len(data) { return 0 } + fenceLength := beg - 1 var work bytes.Buffer work.Write([]byte(info)) @@ -706,6 +706,7 @@ func (p *Markdown) fencedCodeBlock(data []byte, doRender bool) int { if doRender { block := p.addBlock(CodeBlock, work.Bytes()) // TODO: get rid of temp buffer block.IsFenced = true + block.FenceLength = fenceLength finalizeCodeBlock(block) } @@ -1503,7 +1504,7 @@ func (p *Markdown) paragraph(data []byte) int { id := "" if p.extensions&AutoHeadingIDs != 0 { - id = sanitized_anchor_name.Create(string(data[prev:eol])) + id = SanitizedAnchorName(string(data[prev:eol])) } block := p.addBlock(Heading, data[prev:eol]) @@ -1588,3 +1589,24 @@ func skipUntilChar(text []byte, start int, char byte) int { } return i } + +// SanitizedAnchorName returns a sanitized anchor name for the given text. +// +// It implements the algorithm specified in the package comment. +func SanitizedAnchorName(text string) string { + var anchorName []rune + futureDash := false + for _, r := range text { + switch { + case unicode.IsLetter(r) || unicode.IsNumber(r): + if futureDash && len(anchorName) > 0 { + anchorName = append(anchorName, '-') + } + futureDash = false + anchorName = append(anchorName, unicode.ToLower(r)) + default: + futureDash = true + } + } + return string(anchorName) +} diff --git a/vendor/github.com/russross/blackfriday/v2/doc.go b/vendor/github.com/russross/blackfriday/v2/doc.go index 5b3fa9876ac8..57ff152a0568 100644 --- a/vendor/github.com/russross/blackfriday/v2/doc.go +++ b/vendor/github.com/russross/blackfriday/v2/doc.go @@ -15,4 +15,32 @@ // // If you're interested in calling Blackfriday from command line, see // https://github.com/russross/blackfriday-tool. +// +// Sanitized Anchor Names +// +// Blackfriday includes an algorithm for creating sanitized anchor names +// corresponding to a given input text. This algorithm is used to create +// anchors for headings when AutoHeadingIDs extension is enabled. The +// algorithm is specified below, so that other packages can create +// compatible anchor names and links to those anchors. +// +// The algorithm iterates over the input text, interpreted as UTF-8, +// one Unicode code point (rune) at a time. All runes that are letters (category L) +// or numbers (category N) are considered valid characters. They are mapped to +// lower case, and included in the output. All other runes are considered +// invalid characters. Invalid characters that precede the first valid character, +// as well as invalid character that follow the last valid character +// are dropped completely. All other sequences of invalid characters +// between two valid characters are replaced with a single dash character '-'. +// +// SanitizedAnchorName exposes this functionality, and can be used to +// create compatible links to the anchor names generated by blackfriday. +// This algorithm is also implemented in a small standalone package at +// github.com/shurcooL/sanitized_anchor_name. It can be useful for clients +// that want a small package and don't need full functionality of blackfriday. package blackfriday + +// NOTE: Keep Sanitized Anchor Name algorithm in sync with package +// github.com/shurcooL/sanitized_anchor_name. +// Otherwise, users of sanitized_anchor_name will get anchor names +// that are incompatible with those generated by blackfriday. diff --git a/vendor/github.com/russross/blackfriday/v2/entities.go b/vendor/github.com/russross/blackfriday/v2/entities.go new file mode 100644 index 000000000000..a2c3edb691c8 --- /dev/null +++ b/vendor/github.com/russross/blackfriday/v2/entities.go @@ -0,0 +1,2236 @@ +package blackfriday + +// Extracted from https://html.spec.whatwg.org/multipage/entities.json +var entities = map[string]bool{ + "Æ": true, + "Æ": true, + "&": true, + "&": true, + "Á": true, + "Á": true, + "Ă": true, + "Â": true, + "Â": true, + "А": true, + "𝔄": true, + "À": true, + "À": true, + "Α": true, + "Ā": true, + "⩓": true, + "Ą": true, + "𝔸": true, + "⁡": true, + "Å": true, + "Å": true, + "𝒜": true, + "≔": true, + "Ã": true, + "Ã": true, + "Ä": true, + "Ä": true, + "∖": true, + "⫧": true, + "⌆": true, + "Б": true, + "∵": true, + "ℬ": true, + "Β": true, + "𝔅": true, + "𝔹": true, + "˘": true, + "ℬ": true, + "≎": true, + "Ч": true, + "©": true, + "©": true, + "Ć": true, + "⋒": true, + "ⅅ": true, + "ℭ": true, + "Č": true, + "Ç": true, + "Ç": true, + "Ĉ": true, + "∰": true, + "Ċ": true, + "¸": true, + "·": true, + "ℭ": true, + "Χ": true, + "⊙": true, + "⊖": true, + "⊕": true, + "⊗": true, + "∲": true, + "”": true, + "’": true, + "∷": true, + "⩴": true, + "≡": true, + "∯": true, + "∮": true, + "ℂ": true, + "∐": true, + "∳": true, + "⨯": true, + "𝒞": true, + "⋓": true, + "≍": true, + "ⅅ": true, + "⤑": true, + "Ђ": true, + "Ѕ": true, + "Џ": true, + "‡": true, + "↡": true, + "⫤": true, + "Ď": true, + "Д": true, + "∇": true, + "Δ": true, + "𝔇": true, + "´": true, + "˙": true, + "˝": true, + "`": true, + "˜": true, + "⋄": true, + "ⅆ": true, + "𝔻": true, + "¨": true, + "⃜": true, + "≐": true, + "∯": true, + "¨": true, + "⇓": true, + "⇐": true, + "⇔": true, + "⫤": true, + "⟸": true, + "⟺": true, + "⟹": true, + "⇒": true, + "⊨": true, + "⇑": true, + "⇕": true, + "∥": true, + "↓": true, + "⤓": true, + "⇵": true, + "̑": true, + "⥐": true, + "⥞": true, + "↽": true, + "⥖": true, + "⥟": true, + "⇁": true, + "⥗": true, + "⊤": true, + "↧": true, + "⇓": true, + "𝒟": true, + "Đ": true, + "Ŋ": true, + "Ð": true, + "Ð": true, + "É": true, + "É": true, + "Ě": true, + "Ê": true, + "Ê": true, + "Э": true, + "Ė": true, + "𝔈": true, + "È": true, + "È": true, + "∈": true, + "Ē": true, + "◻": true, + "▫": true, + "Ę": true, + "𝔼": true, + "Ε": true, + "⩵": true, + "≂": true, + "⇌": true, + "ℰ": true, + "⩳": true, + "Η": true, + "Ë": true, + "Ë": true, + "∃": true, + "ⅇ": true, + "Ф": true, + "𝔉": true, + "◼": true, + "▪": true, + "𝔽": true, + "∀": true, + "ℱ": true, + "ℱ": true, + "Ѓ": true, + ">": true, + ">": true, + "Γ": true, + "Ϝ": true, + "Ğ": true, + "Ģ": true, + "Ĝ": true, + "Г": true, + "Ġ": true, + "𝔊": true, + "⋙": true, + "𝔾": true, + "≥": true, + "⋛": true, + "≧": true, + "⪢": true, + "≷": true, + "⩾": true, + "≳": true, + "𝒢": true, + "≫": true, + "Ъ": true, + "ˇ": true, + "^": true, + "Ĥ": true, + "ℌ": true, + "ℋ": true, + "ℍ": true, + "─": true, + "ℋ": true, + "Ħ": true, + "≎": true, + "≏": true, + "Е": true, + "IJ": true, + "Ё": true, + "Í": true, + "Í": true, + "Î": true, + "Î": true, + "И": true, + "İ": true, + "ℑ": true, + "Ì": true, + "Ì": true, + "ℑ": true, + "Ī": true, + "ⅈ": true, + "⇒": true, + "∬": true, + "∫": true, + "⋂": true, + "⁣": true, + "⁢": true, + "Į": true, + "𝕀": true, + "Ι": true, + "ℐ": true, + "Ĩ": true, + "І": true, + "Ï": true, + "Ï": true, + "Ĵ": true, + "Й": true, + "𝔍": true, + "𝕁": true, + "𝒥": true, + "Ј": true, + "Є": true, + "Х": true, + "Ќ": true, + "Κ": true, + "Ķ": true, + "К": true, + "𝔎": true, + "𝕂": true, + "𝒦": true, + "Љ": true, + "<": true, + "<": true, + "Ĺ": true, + "Λ": true, + "⟪": true, + "ℒ": true, + "↞": true, + "Ľ": true, + "Ļ": true, + "Л": true, + "⟨": true, + "←": true, + "⇤": true, + "⇆": true, + "⌈": true, + "⟦": true, + "⥡": true, + "⇃": true, + "⥙": true, + "⌊": true, + "↔": true, + "⥎": true, + "⊣": true, + "↤": true, + "⥚": true, + "⊲": true, + "⧏": true, + "⊴": true, + "⥑": true, + "⥠": true, + "↿": true, + "⥘": true, + "↼": true, + "⥒": true, + "⇐": true, + "⇔": true, + "⋚": true, + "≦": true, + "≶": true, + "⪡": true, + "⩽": true, + "≲": true, + "𝔏": true, + "⋘": true, + "⇚": true, + "Ŀ": true, + "⟵": true, + "⟷": true, + "⟶": true, + "⟸": true, + "⟺": true, + "⟹": true, + "𝕃": true, + "↙": true, + "↘": true, + "ℒ": true, + "↰": true, + "Ł": true, + "≪": true, + "⤅": true, + "М": true, + " ": true, + "ℳ": true, + "𝔐": true, + "∓": true, + "𝕄": true, + "ℳ": true, + "Μ": true, + "Њ": true, + "Ń": true, + "Ň": true, + "Ņ": true, + "Н": true, + "​": true, + "​": true, + "​": true, + "​": true, + "≫": true, + "≪": true, + " ": true, + "𝔑": true, + "⁠": true, + " ": true, + "ℕ": true, + "⫬": true, + "≢": true, + "≭": true, + "∦": true, + "∉": true, + "≠": true, + "≂̸": true, + "∄": true, + "≯": true, + "≱": true, + "≧̸": true, + "≫̸": true, + "≹": true, + "⩾̸": true, + "≵": true, + "≎̸": true, + "≏̸": true, + "⋪": true, + "⧏̸": true, + "⋬": true, + "≮": true, + "≰": true, + "≸": true, + "≪̸": true, + "⩽̸": true, + "≴": true, + "⪢̸": true, + "⪡̸": true, + "⊀": true, + "⪯̸": true, + "⋠": true, + "∌": true, + "⋫": true, + "⧐̸": true, + "⋭": true, + "⊏̸": true, + "⋢": true, + "⊐̸": true, + "⋣": true, + "⊂⃒": true, + "⊈": true, + "⊁": true, + "⪰̸": true, + "⋡": true, + "≿̸": true, + "⊃⃒": true, + "⊉": true, + "≁": true, + "≄": true, + "≇": true, + "≉": true, + "∤": true, + "𝒩": true, + "Ñ": true, + "Ñ": true, + "Ν": true, + "Œ": true, + "Ó": true, + "Ó": true, + "Ô": true, + "Ô": true, + "О": true, + "Ő": true, + "𝔒": true, + "Ò": true, + "Ò": true, + "Ō": true, + "Ω": true, + "Ο": true, + "𝕆": true, + "“": true, + "‘": true, + "⩔": true, + "𝒪": true, + "Ø": true, + "Ø": true, + "Õ": true, + "Õ": true, + "⨷": true, + "Ö": true, + "Ö": true, + "‾": true, + "⏞": true, + "⎴": true, + "⏜": true, + "∂": true, + "П": true, + "𝔓": true, + "Φ": true, + "Π": true, + "±": true, + "ℌ": true, + "ℙ": true, + "⪻": true, + "≺": true, + "⪯": true, + "≼": true, + "≾": true, + "″": true, + "∏": true, + "∷": true, + "∝": true, + "𝒫": true, + "Ψ": true, + """: true, + """: true, + "𝔔": true, + "ℚ": true, + "𝒬": true, + "⤐": true, + "®": true, + "®": true, + "Ŕ": true, + "⟫": true, + "↠": true, + "⤖": true, + "Ř": true, + "Ŗ": true, + "Р": true, + "ℜ": true, + "∋": true, + "⇋": true, + "⥯": true, + "ℜ": true, + "Ρ": true, + "⟩": true, + "→": true, + "⇥": true, + "⇄": true, + "⌉": true, + "⟧": true, + "⥝": true, + "⇂": true, + "⥕": true, + "⌋": true, + "⊢": true, + "↦": true, + "⥛": true, + "⊳": true, + "⧐": true, + "⊵": true, + "⥏": true, + "⥜": true, + "↾": true, + "⥔": true, + "⇀": true, + "⥓": true, + "⇒": true, + "ℝ": true, + "⥰": true, + "⇛": true, + "ℛ": true, + "↱": true, + "⧴": true, + "Щ": true, + "Ш": true, + "Ь": true, + "Ś": true, + "⪼": true, + "Š": true, + "Ş": true, + "Ŝ": true, + "С": true, + "𝔖": true, + "↓": true, + "←": true, + "→": true, + "↑": true, + "Σ": true, + "∘": true, + "𝕊": true, + "√": true, + "□": true, + "⊓": true, + "⊏": true, + "⊑": true, + "⊐": true, + "⊒": true, + "⊔": true, + "𝒮": true, + "⋆": true, + "⋐": true, + "⋐": true, + "⊆": true, + "≻": true, + "⪰": true, + "≽": true, + "≿": true, + "∋": true, + "∑": true, + "⋑": true, + "⊃": true, + "⊇": true, + "⋑": true, + "Þ": true, + "Þ": true, + "™": true, + "Ћ": true, + "Ц": true, + " ": true, + "Τ": true, + "Ť": true, + "Ţ": true, + "Т": true, + "𝔗": true, + "∴": true, + "Θ": true, + "  ": true, + " ": true, + "∼": true, + "≃": true, + "≅": true, + "≈": true, + "𝕋": true, + "⃛": true, + "𝒯": true, + "Ŧ": true, + "Ú": true, + "Ú": true, + "↟": true, + "⥉": true, + "Ў": true, + "Ŭ": true, + "Û": true, + "Û": true, + "У": true, + "Ű": true, + "𝔘": true, + "Ù": true, + "Ù": true, + "Ū": true, + "_": true, + "⏟": true, + "⎵": true, + "⏝": true, + "⋃": true, + "⊎": true, + "Ų": true, + "𝕌": true, + "↑": true, + "⤒": true, + "⇅": true, + "↕": true, + "⥮": true, + "⊥": true, + "↥": true, + "⇑": true, + "⇕": true, + "↖": true, + "↗": true, + "ϒ": true, + "Υ": true, + "Ů": true, + "𝒰": true, + "Ũ": true, + "Ü": true, + "Ü": true, + "⊫": true, + "⫫": true, + "В": true, + "⊩": true, + "⫦": true, + "⋁": true, + "‖": true, + "‖": true, + "∣": true, + "|": true, + "❘": true, + "≀": true, + " ": true, + "𝔙": true, + "𝕍": true, + "𝒱": true, + "⊪": true, + "Ŵ": true, + "⋀": true, + "𝔚": true, + "𝕎": true, + "𝒲": true, + "𝔛": true, + "Ξ": true, + "𝕏": true, + "𝒳": true, + "Я": true, + "Ї": true, + "Ю": true, + "Ý": true, + "Ý": true, + "Ŷ": true, + "Ы": true, + "𝔜": true, + "𝕐": true, + "𝒴": true, + "Ÿ": true, + "Ж": true, + "Ź": true, + "Ž": true, + "З": true, + "Ż": true, + "​": true, + "Ζ": true, + "ℨ": true, + "ℤ": true, + "𝒵": true, + "á": true, + "á": true, + "ă": true, + "∾": true, + "∾̳": true, + "∿": true, + "â": true, + "â": true, + "´": true, + "´": true, + "а": true, + "æ": true, + "æ": true, + "⁡": true, + "𝔞": true, + "à": true, + "à": true, + "ℵ": true, + "ℵ": true, + "α": true, + "ā": true, + "⨿": true, + "&": true, + "&": true, + "∧": true, + "⩕": true, + "⩜": true, + "⩘": true, + "⩚": true, + "∠": true, + "⦤": true, + "∠": true, + "∡": true, + "⦨": true, + "⦩": true, + "⦪": true, + "⦫": true, + "⦬": true, + "⦭": true, + "⦮": true, + "⦯": true, + "∟": true, + "⊾": true, + "⦝": true, + "∢": true, + "Å": true, + "⍼": true, + "ą": true, + "𝕒": true, + "≈": true, + "⩰": true, + "⩯": true, + "≊": true, + "≋": true, + "'": true, + "≈": true, + "≊": true, + "å": true, + "å": true, + "𝒶": true, + "*": true, + "≈": true, + "≍": true, + "ã": true, + "ã": true, + "ä": true, + "ä": true, + "∳": true, + "⨑": true, + "⫭": true, + "≌": true, + "϶": true, + "‵": true, + "∽": true, + "⋍": true, + "⊽": true, + "⌅": true, + "⌅": true, + "⎵": true, + "⎶": true, + "≌": true, + "б": true, + "„": true, + "∵": true, + "∵": true, + "⦰": true, + "϶": true, + "ℬ": true, + "β": true, + "ℶ": true, + "≬": true, + "𝔟": true, + "⋂": true, + "◯": true, + "⋃": true, + "⨀": true, + "⨁": true, + "⨂": true, + "⨆": true, + "★": true, + "▽": true, + "△": true, + "⨄": true, + "⋁": true, + "⋀": true, + "⤍": true, + "⧫": true, + "▪": true, + "▴": true, + "▾": true, + "◂": true, + "▸": true, + "␣": true, + "▒": true, + "░": true, + "▓": true, + "█": true, + "=⃥": true, + "≡⃥": true, + "⌐": true, + "𝕓": true, + "⊥": true, + "⊥": true, + "⋈": true, + "╗": true, + "╔": true, + "╖": true, + "╓": true, + "═": true, + "╦": true, + "╩": true, + "╤": true, + "╧": true, + "╝": true, + "╚": true, + "╜": true, + "╙": true, + "║": true, + "╬": true, + "╣": true, + "╠": true, + "╫": true, + "╢": true, + "╟": true, + "⧉": true, + "╕": true, + "╒": true, + "┐": true, + "┌": true, + "─": true, + "╥": true, + "╨": true, + "┬": true, + "┴": true, + "⊟": true, + "⊞": true, + "⊠": true, + "╛": true, + "╘": true, + "┘": true, + "└": true, + "│": true, + "╪": true, + "╡": true, + "╞": true, + "┼": true, + "┤": true, + "├": true, + "‵": true, + "˘": true, + "¦": true, + "¦": true, + "𝒷": true, + "⁏": true, + "∽": true, + "⋍": true, + "\": true, + "⧅": true, + "⟈": true, + "•": true, + "•": true, + "≎": true, + "⪮": true, + "≏": true, + "≏": true, + "ć": true, + "∩": true, + "⩄": true, + "⩉": true, + "⩋": true, + "⩇": true, + "⩀": true, + "∩︀": true, + "⁁": true, + "ˇ": true, + "⩍": true, + "č": true, + "ç": true, + "ç": true, + "ĉ": true, + "⩌": true, + "⩐": true, + "ċ": true, + "¸": true, + "¸": true, + "⦲": true, + "¢": true, + "¢": true, + "·": true, + "𝔠": true, + "ч": true, + "✓": true, + "✓": true, + "χ": true, + "○": true, + "⧃": true, + "ˆ": true, + "≗": true, + "↺": true, + "↻": true, + "®": true, + "Ⓢ": true, + "⊛": true, + "⊚": true, + "⊝": true, + "≗": true, + "⨐": true, + "⫯": true, + "⧂": true, + "♣": true, + "♣": true, + ":": true, + "≔": true, + "≔": true, + ",": true, + "@": true, + "∁": true, + "∘": true, + "∁": true, + "ℂ": true, + "≅": true, + "⩭": true, + "∮": true, + "𝕔": true, + "∐": true, + "©": true, + "©": true, + "℗": true, + "↵": true, + "✗": true, + "𝒸": true, + "⫏": true, + "⫑": true, + "⫐": true, + "⫒": true, + "⋯": true, + "⤸": true, + "⤵": true, + "⋞": true, + "⋟": true, + "↶": true, + "⤽": true, + "∪": true, + "⩈": true, + "⩆": true, + "⩊": true, + "⊍": true, + "⩅": true, + "∪︀": true, + "↷": true, + "⤼": true, + "⋞": true, + "⋟": true, + "⋎": true, + "⋏": true, + "¤": true, + "¤": true, + "↶": true, + "↷": true, + "⋎": true, + "⋏": true, + "∲": true, + "∱": true, + "⌭": true, + "⇓": true, + "⥥": true, + "†": true, + "ℸ": true, + "↓": true, + "‐": true, + "⊣": true, + "⤏": true, + "˝": true, + "ď": true, + "д": true, + "ⅆ": true, + "‡": true, + "⇊": true, + "⩷": true, + "°": true, + "°": true, + "δ": true, + "⦱": true, + "⥿": true, + "𝔡": true, + "⇃": true, + "⇂": true, + "⋄": true, + "⋄": true, + "♦": true, + "♦": true, + "¨": true, + "ϝ": true, + "⋲": true, + "÷": true, + "÷": true, + "÷": true, + "⋇": true, + "⋇": true, + "ђ": true, + "⌞": true, + "⌍": true, + "$": true, + "𝕕": true, + "˙": true, + "≐": true, + "≑": true, + "∸": true, + "∔": true, + "⊡": true, + "⌆": true, + "↓": true, + "⇊": true, + "⇃": true, + "⇂": true, + "⤐": true, + "⌟": true, + "⌌": true, + "𝒹": true, + "ѕ": true, + "⧶": true, + "đ": true, + "⋱": true, + "▿": true, + "▾": true, + "⇵": true, + "⥯": true, + "⦦": true, + "џ": true, + "⟿": true, + "⩷": true, + "≑": true, + "é": true, + "é": true, + "⩮": true, + "ě": true, + "≖": true, + "ê": true, + "ê": true, + "≕": true, + "э": true, + "ė": true, + "ⅇ": true, + "≒": true, + "𝔢": true, + "⪚": true, + "è": true, + "è": true, + "⪖": true, + "⪘": true, + "⪙": true, + "⏧": true, + "ℓ": true, + "⪕": true, + "⪗": true, + "ē": true, + "∅": true, + "∅": true, + "∅": true, + " ": true, + " ": true, + " ": true, + "ŋ": true, + " ": true, + "ę": true, + "𝕖": true, + "⋕": true, + "⧣": true, + "⩱": true, + "ε": true, + "ε": true, + "ϵ": true, + "≖": true, + "≕": true, + "≂": true, + "⪖": true, + "⪕": true, + "=": true, + "≟": true, + "≡": true, + "⩸": true, + "⧥": true, + "≓": true, + "⥱": true, + "ℯ": true, + "≐": true, + "≂": true, + "η": true, + "ð": true, + "ð": true, + "ë": true, + "ë": true, + "€": true, + "!": true, + "∃": true, + "ℰ": true, + "ⅇ": true, + "≒": true, + "ф": true, + "♀": true, + "ffi": true, + "ff": true, + "ffl": true, + "𝔣": true, + "fi": true, + "fj": true, + "♭": true, + "fl": true, + "▱": true, + "ƒ": true, + "𝕗": true, + "∀": true, + "⋔": true, + "⫙": true, + "⨍": true, + "½": true, + "½": true, + "⅓": true, + "¼": true, + "¼": true, + "⅕": true, + "⅙": true, + "⅛": true, + "⅔": true, + "⅖": true, + "¾": true, + "¾": true, + "⅗": true, + "⅜": true, + "⅘": true, + "⅚": true, + "⅝": true, + "⅞": true, + "⁄": true, + "⌢": true, + "𝒻": true, + "≧": true, + "⪌": true, + "ǵ": true, + "γ": true, + "ϝ": true, + "⪆": true, + "ğ": true, + "ĝ": true, + "г": true, + "ġ": true, + "≥": true, + "⋛": true, + "≥": true, + "≧": true, + "⩾": true, + "⩾": true, + "⪩": true, + "⪀": true, + "⪂": true, + "⪄": true, + "⋛︀": true, + "⪔": true, + "𝔤": true, + "≫": true, + "⋙": true, + "ℷ": true, + "ѓ": true, + "≷": true, + "⪒": true, + "⪥": true, + "⪤": true, + "≩": true, + "⪊": true, + "⪊": true, + "⪈": true, + "⪈": true, + "≩": true, + "⋧": true, + "𝕘": true, + "`": true, + "ℊ": true, + "≳": true, + "⪎": true, + "⪐": true, + ">": true, + ">": true, + "⪧": true, + "⩺": true, + "⋗": true, + "⦕": true, + "⩼": true, + "⪆": true, + "⥸": true, + "⋗": true, + "⋛": true, + "⪌": true, + "≷": true, + "≳": true, + "≩︀": true, + "≩︀": true, + "⇔": true, + " ": true, + "½": true, + "ℋ": true, + "ъ": true, + "↔": true, + "⥈": true, + "↭": true, + "ℏ": true, + "ĥ": true, + "♥": true, + "♥": true, + "…": true, + "⊹": true, + "𝔥": true, + "⤥": true, + "⤦": true, + "⇿": true, + "∻": true, + "↩": true, + "↪": true, + "𝕙": true, + "―": true, + "𝒽": true, + "ℏ": true, + "ħ": true, + "⁃": true, + "‐": true, + "í": true, + "í": true, + "⁣": true, + "î": true, + "î": true, + "и": true, + "е": true, + "¡": true, + "¡": true, + "⇔": true, + "𝔦": true, + "ì": true, + "ì": true, + "ⅈ": true, + "⨌": true, + "∭": true, + "⧜": true, + "℩": true, + "ij": true, + "ī": true, + "ℑ": true, + "ℐ": true, + "ℑ": true, + "ı": true, + "⊷": true, + "Ƶ": true, + "∈": true, + "℅": true, + "∞": true, + "⧝": true, + "ı": true, + "∫": true, + "⊺": true, + "ℤ": true, + "⊺": true, + "⨗": true, + "⨼": true, + "ё": true, + "į": true, + "𝕚": true, + "ι": true, + "⨼": true, + "¿": true, + "¿": true, + "𝒾": true, + "∈": true, + "⋹": true, + "⋵": true, + "⋴": true, + "⋳": true, + "∈": true, + "⁢": true, + "ĩ": true, + "і": true, + "ï": true, + "ï": true, + "ĵ": true, + "й": true, + "𝔧": true, + "ȷ": true, + "𝕛": true, + "𝒿": true, + "ј": true, + "є": true, + "κ": true, + "ϰ": true, + "ķ": true, + "к": true, + "𝔨": true, + "ĸ": true, + "х": true, + "ќ": true, + "𝕜": true, + "𝓀": true, + "⇚": true, + "⇐": true, + "⤛": true, + "⤎": true, + "≦": true, + "⪋": true, + "⥢": true, + "ĺ": true, + "⦴": true, + "ℒ": true, + "λ": true, + "⟨": true, + "⦑": true, + "⟨": true, + "⪅": true, + "«": true, + "«": true, + "←": true, + "⇤": true, + "⤟": true, + "⤝": true, + "↩": true, + "↫": true, + "⤹": true, + "⥳": true, + "↢": true, + "⪫": true, + "⤙": true, + "⪭": true, + "⪭︀": true, + "⤌": true, + "❲": true, + "{": true, + "[": true, + "⦋": true, + "⦏": true, + "⦍": true, + "ľ": true, + "ļ": true, + "⌈": true, + "{": true, + "л": true, + "⤶": true, + "“": true, + "„": true, + "⥧": true, + "⥋": true, + "↲": true, + "≤": true, + "←": true, + "↢": true, + "↽": true, + "↼": true, + "⇇": true, + "↔": true, + "⇆": true, + "⇋": true, + "↭": true, + "⋋": true, + "⋚": true, + "≤": true, + "≦": true, + "⩽": true, + "⩽": true, + "⪨": true, + "⩿": true, + "⪁": true, + "⪃": true, + "⋚︀": true, + "⪓": true, + "⪅": true, + "⋖": true, + "⋚": true, + "⪋": true, + "≶": true, + "≲": true, + "⥼": true, + "⌊": true, + "𝔩": true, + "≶": true, + "⪑": true, + "↽": true, + "↼": true, + "⥪": true, + "▄": true, + "љ": true, + "≪": true, + "⇇": true, + "⌞": true, + "⥫": true, + "◺": true, + "ŀ": true, + "⎰": true, + "⎰": true, + "≨": true, + "⪉": true, + "⪉": true, + "⪇": true, + "⪇": true, + "≨": true, + "⋦": true, + "⟬": true, + "⇽": true, + "⟦": true, + "⟵": true, + "⟷": true, + "⟼": true, + "⟶": true, + "↫": true, + "↬": true, + "⦅": true, + "𝕝": true, + "⨭": true, + "⨴": true, + "∗": true, + "_": true, + "◊": true, + "◊": true, + "⧫": true, + "(": true, + "⦓": true, + "⇆": true, + "⌟": true, + "⇋": true, + "⥭": true, + "‎": true, + "⊿": true, + "‹": true, + "𝓁": true, + "↰": true, + "≲": true, + "⪍": true, + "⪏": true, + "[": true, + "‘": true, + "‚": true, + "ł": true, + "<": true, + "<": true, + "⪦": true, + "⩹": true, + "⋖": true, + "⋋": true, + "⋉": true, + "⥶": true, + "⩻": true, + "⦖": true, + "◃": true, + "⊴": true, + "◂": true, + "⥊": true, + "⥦": true, + "≨︀": true, + "≨︀": true, + "∺": true, + "¯": true, + "¯": true, + "♂": true, + "✠": true, + "✠": true, + "↦": true, + "↦": true, + "↧": true, + "↤": true, + "↥": true, + "▮": true, + "⨩": true, + "м": true, + "—": true, + "∡": true, + "𝔪": true, + "℧": true, + "µ": true, + "µ": true, + "∣": true, + "*": true, + "⫰": true, + "·": true, + "·": true, + "−": true, + "⊟": true, + "∸": true, + "⨪": true, + "⫛": true, + "…": true, + "∓": true, + "⊧": true, + "𝕞": true, + "∓": true, + "𝓂": true, + "∾": true, + "μ": true, + "⊸": true, + "⊸": true, + "⋙̸": true, + "≫⃒": true, + "≫̸": true, + "⇍": true, + "⇎": true, + "⋘̸": true, + "≪⃒": true, + "≪̸": true, + "⇏": true, + "⊯": true, + "⊮": true, + "∇": true, + "ń": true, + "∠⃒": true, + "≉": true, + "⩰̸": true, + "≋̸": true, + "ʼn": true, + "≉": true, + "♮": true, + "♮": true, + "ℕ": true, + " ": true, + " ": true, + "≎̸": true, + "≏̸": true, + "⩃": true, + "ň": true, + "ņ": true, + "≇": true, + "⩭̸": true, + "⩂": true, + "н": true, + "–": true, + "≠": true, + "⇗": true, + "⤤": true, + "↗": true, + "↗": true, + "≐̸": true, + "≢": true, + "⤨": true, + "≂̸": true, + "∄": true, + "∄": true, + "𝔫": true, + "≧̸": true, + "≱": true, + "≱": true, + "≧̸": true, + "⩾̸": true, + "⩾̸": true, + "≵": true, + "≯": true, + "≯": true, + "⇎": true, + "↮": true, + "⫲": true, + "∋": true, + "⋼": true, + "⋺": true, + "∋": true, + "њ": true, + "⇍": true, + "≦̸": true, + "↚": true, + "‥": true, + "≰": true, + "↚": true, + "↮": true, + "≰": true, + "≦̸": true, + "⩽̸": true, + "⩽̸": true, + "≮": true, + "≴": true, + "≮": true, + "⋪": true, + "⋬": true, + "∤": true, + "𝕟": true, + "¬": true, + "¬": true, + "∉": true, + "⋹̸": true, + "⋵̸": true, + "∉": true, + "⋷": true, + "⋶": true, + "∌": true, + "∌": true, + "⋾": true, + "⋽": true, + "∦": true, + "∦": true, + "⫽⃥": true, + "∂̸": true, + "⨔": true, + "⊀": true, + "⋠": true, + "⪯̸": true, + "⊀": true, + "⪯̸": true, + "⇏": true, + "↛": true, + "⤳̸": true, + "↝̸": true, + "↛": true, + "⋫": true, + "⋭": true, + "⊁": true, + "⋡": true, + "⪰̸": true, + "𝓃": true, + "∤": true, + "∦": true, + "≁": true, + "≄": true, + "≄": true, + "∤": true, + "∦": true, + "⋢": true, + "⋣": true, + "⊄": true, + "⫅̸": true, + "⊈": true, + "⊂⃒": true, + "⊈": true, + "⫅̸": true, + "⊁": true, + "⪰̸": true, + "⊅": true, + "⫆̸": true, + "⊉": true, + "⊃⃒": true, + "⊉": true, + "⫆̸": true, + "≹": true, + "ñ": true, + "ñ": true, + "≸": true, + "⋪": true, + "⋬": true, + "⋫": true, + "⋭": true, + "ν": true, + "#": true, + "№": true, + " ": true, + "⊭": true, + "⤄": true, + "≍⃒": true, + "⊬": true, + "≥⃒": true, + ">⃒": true, + "⧞": true, + "⤂": true, + "≤⃒": true, + "<⃒": true, + "⊴⃒": true, + "⤃": true, + "⊵⃒": true, + "∼⃒": true, + "⇖": true, + "⤣": true, + "↖": true, + "↖": true, + "⤧": true, + "Ⓢ": true, + "ó": true, + "ó": true, + "⊛": true, + "⊚": true, + "ô": true, + "ô": true, + "о": true, + "⊝": true, + "ő": true, + "⨸": true, + "⊙": true, + "⦼": true, + "œ": true, + "⦿": true, + "𝔬": true, + "˛": true, + "ò": true, + "ò": true, + "⧁": true, + "⦵": true, + "Ω": true, + "∮": true, + "↺": true, + "⦾": true, + "⦻": true, + "‾": true, + "⧀": true, + "ō": true, + "ω": true, + "ο": true, + "⦶": true, + "⊖": true, + "𝕠": true, + "⦷": true, + "⦹": true, + "⊕": true, + "∨": true, + "↻": true, + "⩝": true, + "ℴ": true, + "ℴ": true, + "ª": true, + "ª": true, + "º": true, + "º": true, + "⊶": true, + "⩖": true, + "⩗": true, + "⩛": true, + "ℴ": true, + "ø": true, + "ø": true, + "⊘": true, + "õ": true, + "õ": true, + "⊗": true, + "⨶": true, + "ö": true, + "ö": true, + "⌽": true, + "∥": true, + "¶": true, + "¶": true, + "∥": true, + "⫳": true, + "⫽": true, + "∂": true, + "п": true, + "%": true, + ".": true, + "‰": true, + "⊥": true, + "‱": true, + "𝔭": true, + "φ": true, + "ϕ": true, + "ℳ": true, + "☎": true, + "π": true, + "⋔": true, + "ϖ": true, + "ℏ": true, + "ℎ": true, + "ℏ": true, + "+": true, + "⨣": true, + "⊞": true, + "⨢": true, + "∔": true, + "⨥": true, + "⩲": true, + "±": true, + "±": true, + "⨦": true, + "⨧": true, + "±": true, + "⨕": true, + "𝕡": true, + "£": true, + "£": true, + "≺": true, + "⪳": true, + "⪷": true, + "≼": true, + "⪯": true, + "≺": true, + "⪷": true, + "≼": true, + "⪯": true, + "⪹": true, + "⪵": true, + "⋨": true, + "≾": true, + "′": true, + "ℙ": true, + "⪵": true, + "⪹": true, + "⋨": true, + "∏": true, + "⌮": true, + "⌒": true, + "⌓": true, + "∝": true, + "∝": true, + "≾": true, + "⊰": true, + "𝓅": true, + "ψ": true, + " ": true, + "𝔮": true, + "⨌": true, + "𝕢": true, + "⁗": true, + "𝓆": true, + "ℍ": true, + "⨖": true, + "?": true, + "≟": true, + """: true, + """: true, + "⇛": true, + "⇒": true, + "⤜": true, + "⤏": true, + "⥤": true, + "∽̱": true, + "ŕ": true, + "√": true, + "⦳": true, + "⟩": true, + "⦒": true, + "⦥": true, + "⟩": true, + "»": true, + "»": true, + "→": true, + "⥵": true, + "⇥": true, + "⤠": true, + "⤳": true, + "⤞": true, + "↪": true, + "↬": true, + "⥅": true, + "⥴": true, + "↣": true, + "↝": true, + "⤚": true, + "∶": true, + "ℚ": true, + "⤍": true, + "❳": true, + "}": true, + "]": true, + "⦌": true, + "⦎": true, + "⦐": true, + "ř": true, + "ŗ": true, + "⌉": true, + "}": true, + "р": true, + "⤷": true, + "⥩": true, + "”": true, + "”": true, + "↳": true, + "ℜ": true, + "ℛ": true, + "ℜ": true, + "ℝ": true, + "▭": true, + "®": true, + "®": true, + "⥽": true, + "⌋": true, + "𝔯": true, + "⇁": true, + "⇀": true, + "⥬": true, + "ρ": true, + "ϱ": true, + "→": true, + "↣": true, + "⇁": true, + "⇀": true, + "⇄": true, + "⇌": true, + "⇉": true, + "↝": true, + "⋌": true, + "˚": true, + "≓": true, + "⇄": true, + "⇌": true, + "‏": true, + "⎱": true, + "⎱": true, + "⫮": true, + "⟭": true, + "⇾": true, + "⟧": true, + "⦆": true, + "𝕣": true, + "⨮": true, + "⨵": true, + ")": true, + "⦔": true, + "⨒": true, + "⇉": true, + "›": true, + "𝓇": true, + "↱": true, + "]": true, + "’": true, + "’": true, + "⋌": true, + "⋊": true, + "▹": true, + "⊵": true, + "▸": true, + "⧎": true, + "⥨": true, + "℞": true, + "ś": true, + "‚": true, + "≻": true, + "⪴": true, + "⪸": true, + "š": true, + "≽": true, + "⪰": true, + "ş": true, + "ŝ": true, + "⪶": true, + "⪺": true, + "⋩": true, + "⨓": true, + "≿": true, + "с": true, + "⋅": true, + "⊡": true, + "⩦": true, + "⇘": true, + "⤥": true, + "↘": true, + "↘": true, + "§": true, + "§": true, + ";": true, + "⤩": true, + "∖": true, + "∖": true, + "✶": true, + "𝔰": true, + "⌢": true, + "♯": true, + "щ": true, + "ш": true, + "∣": true, + "∥": true, + "­": true, + "­": true, + "σ": true, + "ς": true, + "ς": true, + "∼": true, + "⩪": true, + "≃": true, + "≃": true, + "⪞": true, + "⪠": true, + "⪝": true, + "⪟": true, + "≆": true, + "⨤": true, + "⥲": true, + "←": true, + "∖": true, + "⨳": true, + "⧤": true, + "∣": true, + "⌣": true, + "⪪": true, + "⪬": true, + "⪬︀": true, + "ь": true, + "/": true, + "⧄": true, + "⌿": true, + "𝕤": true, + "♠": true, + "♠": true, + "∥": true, + "⊓": true, + "⊓︀": true, + "⊔": true, + "⊔︀": true, + "⊏": true, + "⊑": true, + "⊏": true, + "⊑": true, + "⊐": true, + "⊒": true, + "⊐": true, + "⊒": true, + "□": true, + "□": true, + "▪": true, + "▪": true, + "→": true, + "𝓈": true, + "∖": true, + "⌣": true, + "⋆": true, + "☆": true, + "★": true, + "ϵ": true, + "ϕ": true, + "¯": true, + "⊂": true, + "⫅": true, + "⪽": true, + "⊆": true, + "⫃": true, + "⫁": true, + "⫋": true, + "⊊": true, + "⪿": true, + "⥹": true, + "⊂": true, + "⊆": true, + "⫅": true, + "⊊": true, + "⫋": true, + "⫇": true, + "⫕": true, + "⫓": true, + "≻": true, + "⪸": true, + "≽": true, + "⪰": true, + "⪺": true, + "⪶": true, + "⋩": true, + "≿": true, + "∑": true, + "♪": true, + "¹": true, + "¹": true, + "²": true, + "²": true, + "³": true, + "³": true, + "⊃": true, + "⫆": true, + "⪾": true, + "⫘": true, + "⊇": true, + "⫄": true, + "⟉": true, + "⫗": true, + "⥻": true, + "⫂": true, + "⫌": true, + "⊋": true, + "⫀": true, + "⊃": true, + "⊇": true, + "⫆": true, + "⊋": true, + "⫌": true, + "⫈": true, + "⫔": true, + "⫖": true, + "⇙": true, + "⤦": true, + "↙": true, + "↙": true, + "⤪": true, + "ß": true, + "ß": true, + "⌖": true, + "τ": true, + "⎴": true, + "ť": true, + "ţ": true, + "т": true, + "⃛": true, + "⌕": true, + "𝔱": true, + "∴": true, + "∴": true, + "θ": true, + "ϑ": true, + "ϑ": true, + "≈": true, + "∼": true, + " ": true, + "≈": true, + "∼": true, + "þ": true, + "þ": true, + "˜": true, + "×": true, + "×": true, + "⊠": true, + "⨱": true, + "⨰": true, + "∭": true, + "⤨": true, + "⊤": true, + "⌶": true, + "⫱": true, + "𝕥": true, + "⫚": true, + "⤩": true, + "‴": true, + "™": true, + "▵": true, + "▿": true, + "◃": true, + "⊴": true, + "≜": true, + "▹": true, + "⊵": true, + "◬": true, + "≜": true, + "⨺": true, + "⨹": true, + "⧍": true, + "⨻": true, + "⏢": true, + "𝓉": true, + "ц": true, + "ћ": true, + "ŧ": true, + "≬": true, + "↞": true, + "↠": true, + "⇑": true, + "⥣": true, + "ú": true, + "ú": true, + "↑": true, + "ў": true, + "ŭ": true, + "û": true, + "û": true, + "у": true, + "⇅": true, + "ű": true, + "⥮": true, + "⥾": true, + "𝔲": true, + "ù": true, + "ù": true, + "↿": true, + "↾": true, + "▀": true, + "⌜": true, + "⌜": true, + "⌏": true, + "◸": true, + "ū": true, + "¨": true, + "¨": true, + "ų": true, + "𝕦": true, + "↑": true, + "↕": true, + "↿": true, + "↾": true, + "⊎": true, + "υ": true, + "ϒ": true, + "υ": true, + "⇈": true, + "⌝": true, + "⌝": true, + "⌎": true, + "ů": true, + "◹": true, + "𝓊": true, + "⋰": true, + "ũ": true, + "▵": true, + "▴": true, + "⇈": true, + "ü": true, + "ü": true, + "⦧": true, + "⇕": true, + "⫨": true, + "⫩": true, + "⊨": true, + "⦜": true, + "ϵ": true, + "ϰ": true, + "∅": true, + "ϕ": true, + "ϖ": true, + "∝": true, + "↕": true, + "ϱ": true, + "ς": true, + "⊊︀": true, + "⫋︀": true, + "⊋︀": true, + "⫌︀": true, + "ϑ": true, + "⊲": true, + "⊳": true, + "в": true, + "⊢": true, + "∨": true, + "⊻": true, + "≚": true, + "⋮": true, + "|": true, + "|": true, + "𝔳": true, + "⊲": true, + "⊂⃒": true, + "⊃⃒": true, + "𝕧": true, + "∝": true, + "⊳": true, + "𝓋": true, + "⫋︀": true, + "⊊︀": true, + "⫌︀": true, + "⊋︀": true, + "⦚": true, + "ŵ": true, + "⩟": true, + "∧": true, + "≙": true, + "℘": true, + "𝔴": true, + "𝕨": true, + "℘": true, + "≀": true, + "≀": true, + "𝓌": true, + "⋂": true, + "◯": true, + "⋃": true, + "▽": true, + "𝔵": true, + "⟺": true, + "⟷": true, + "ξ": true, + "⟸": true, + "⟵": true, + "⟼": true, + "⋻": true, + "⨀": true, + "𝕩": true, + "⨁": true, + "⨂": true, + "⟹": true, + "⟶": true, + "𝓍": true, + "⨆": true, + "⨄": true, + "△": true, + "⋁": true, + "⋀": true, + "ý": true, + "ý": true, + "я": true, + "ŷ": true, + "ы": true, + "¥": true, + "¥": true, + "𝔶": true, + "ї": true, + "𝕪": true, + "𝓎": true, + "ю": true, + "ÿ": true, + "ÿ": true, + "ź": true, + "ž": true, + "з": true, + "ż": true, + "ℨ": true, + "ζ": true, + "𝔷": true, + "ж": true, + "⇝": true, + "𝕫": true, + "𝓏": true, + "‍": true, + "‌": true, +} diff --git a/vendor/github.com/russross/blackfriday/v2/esc.go b/vendor/github.com/russross/blackfriday/v2/esc.go index 6385f27cb6a4..6ab60102c9bf 100644 --- a/vendor/github.com/russross/blackfriday/v2/esc.go +++ b/vendor/github.com/russross/blackfriday/v2/esc.go @@ -13,13 +13,27 @@ var htmlEscaper = [256][]byte{ } func escapeHTML(w io.Writer, s []byte) { + escapeEntities(w, s, false) +} + +func escapeAllHTML(w io.Writer, s []byte) { + escapeEntities(w, s, true) +} + +func escapeEntities(w io.Writer, s []byte, escapeValidEntities bool) { var start, end int for end < len(s) { escSeq := htmlEscaper[s[end]] if escSeq != nil { - w.Write(s[start:end]) - w.Write(escSeq) - start = end + 1 + isEntity, entityEnd := nodeIsEntity(s, end) + if isEntity && !escapeValidEntities { + w.Write(s[start : entityEnd+1]) + start = entityEnd + 1 + } else { + w.Write(s[start:end]) + w.Write(escSeq) + start = end + 1 + } } end++ } @@ -28,6 +42,28 @@ func escapeHTML(w io.Writer, s []byte) { } } +func nodeIsEntity(s []byte, end int) (isEntity bool, endEntityPos int) { + isEntity = false + endEntityPos = end + 1 + + if s[end] == '&' { + for endEntityPos < len(s) { + if s[endEntityPos] == ';' { + if entities[string(s[end:endEntityPos+1])] { + isEntity = true + break + } + } + if !isalnum(s[endEntityPos]) && s[endEntityPos] != '&' && s[endEntityPos] != '#' { + break + } + endEntityPos++ + } + } + + return isEntity, endEntityPos +} + func escLink(w io.Writer, text []byte) { unesc := html.UnescapeString(string(text)) escapeHTML(w, []byte(unesc)) diff --git a/vendor/github.com/russross/blackfriday/v2/html.go b/vendor/github.com/russross/blackfriday/v2/html.go index 284c87184f77..cb4f26e30fd5 100644 --- a/vendor/github.com/russross/blackfriday/v2/html.go +++ b/vendor/github.com/russross/blackfriday/v2/html.go @@ -132,7 +132,10 @@ func NewHTMLRenderer(params HTMLRendererParameters) *HTMLRenderer { } if params.FootnoteReturnLinkContents == "" { - params.FootnoteReturnLinkContents = `[return]` + // U+FE0E is VARIATION SELECTOR-15. + // It suppresses automatic emoji presentation of the preceding + // U+21A9 LEFTWARDS ARROW WITH HOOK on iOS and iPadOS. + params.FootnoteReturnLinkContents = "↩\ufe0e" } return &HTMLRenderer{ @@ -616,7 +619,7 @@ func (r *HTMLRenderer) RenderNode(w io.Writer, node *Node, entering bool) WalkSt } case Code: r.out(w, codeTag) - escapeHTML(w, node.Literal) + escapeAllHTML(w, node.Literal) r.out(w, codeCloseTag) case Document: break @@ -762,7 +765,7 @@ func (r *HTMLRenderer) RenderNode(w io.Writer, node *Node, entering bool) WalkSt r.cr(w) r.out(w, preTag) r.tag(w, codeTag[:len(codeTag)-1], attrs) - escapeHTML(w, node.Literal) + escapeAllHTML(w, node.Literal) r.out(w, codeCloseTag) r.out(w, preCloseTag) if node.Parent.Type != Item { diff --git a/vendor/github.com/russross/blackfriday/v2/inline.go b/vendor/github.com/russross/blackfriday/v2/inline.go index 4ed2907921e0..d45bd941726e 100644 --- a/vendor/github.com/russross/blackfriday/v2/inline.go +++ b/vendor/github.com/russross/blackfriday/v2/inline.go @@ -278,7 +278,7 @@ func link(p *Markdown, data []byte, offset int) (int, *Node) { case data[i] == '\n': textHasNl = true - case data[i-1] == '\\': + case isBackslashEscaped(data, i): continue case data[i] == '[': diff --git a/vendor/github.com/russross/blackfriday/v2/node.go b/vendor/github.com/russross/blackfriday/v2/node.go index 51b9e8c1b538..04e6050ceeae 100644 --- a/vendor/github.com/russross/blackfriday/v2/node.go +++ b/vendor/github.com/russross/blackfriday/v2/node.go @@ -199,7 +199,8 @@ func (n *Node) InsertBefore(sibling *Node) { } } -func (n *Node) isContainer() bool { +// IsContainer returns true if 'n' can contain children. +func (n *Node) IsContainer() bool { switch n.Type { case Document: fallthrough @@ -238,6 +239,11 @@ func (n *Node) isContainer() bool { } } +// IsLeaf returns true if 'n' is a leaf node. +func (n *Node) IsLeaf() bool { + return !n.IsContainer() +} + func (n *Node) canContain(t NodeType) bool { if n.Type == List { return t == Item @@ -309,11 +315,11 @@ func newNodeWalker(root *Node) *nodeWalker { } func (nw *nodeWalker) next() { - if (!nw.current.isContainer() || !nw.entering) && nw.current == nw.root { + if (!nw.current.IsContainer() || !nw.entering) && nw.current == nw.root { nw.current = nil return } - if nw.entering && nw.current.isContainer() { + if nw.entering && nw.current.IsContainer() { if nw.current.FirstChild != nil { nw.current = nw.current.FirstChild nw.entering = true diff --git a/vendor/github.com/shurcooL/sanitized_anchor_name/LICENSE b/vendor/github.com/shurcooL/sanitized_anchor_name/LICENSE deleted file mode 100644 index c35c17af9808..000000000000 --- a/vendor/github.com/shurcooL/sanitized_anchor_name/LICENSE +++ /dev/null @@ -1,21 +0,0 @@ -MIT License - -Copyright (c) 2015 Dmitri Shuralyov - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. diff --git a/vendor/github.com/shurcooL/sanitized_anchor_name/README.md b/vendor/github.com/shurcooL/sanitized_anchor_name/README.md deleted file mode 100644 index 670bf0fe6c79..000000000000 --- a/vendor/github.com/shurcooL/sanitized_anchor_name/README.md +++ /dev/null @@ -1,36 +0,0 @@ -sanitized_anchor_name -===================== - -[![Build Status](https://travis-ci.org/shurcooL/sanitized_anchor_name.svg?branch=master)](https://travis-ci.org/shurcooL/sanitized_anchor_name) [![GoDoc](https://godoc.org/github.com/shurcooL/sanitized_anchor_name?status.svg)](https://godoc.org/github.com/shurcooL/sanitized_anchor_name) - -Package sanitized_anchor_name provides a func to create sanitized anchor names. - -Its logic can be reused by multiple packages to create interoperable anchor names -and links to those anchors. - -At this time, it does not try to ensure that generated anchor names -are unique, that responsibility falls on the caller. - -Installation ------------- - -```bash -go get -u github.com/shurcooL/sanitized_anchor_name -``` - -Example -------- - -```Go -anchorName := sanitized_anchor_name.Create("This is a header") - -fmt.Println(anchorName) - -// Output: -// this-is-a-header -``` - -License -------- - -- [MIT License](LICENSE) diff --git a/vendor/github.com/shurcooL/sanitized_anchor_name/go.mod b/vendor/github.com/shurcooL/sanitized_anchor_name/go.mod deleted file mode 100644 index 1e2553475931..000000000000 --- a/vendor/github.com/shurcooL/sanitized_anchor_name/go.mod +++ /dev/null @@ -1 +0,0 @@ -module github.com/shurcooL/sanitized_anchor_name diff --git a/vendor/github.com/shurcooL/sanitized_anchor_name/main.go b/vendor/github.com/shurcooL/sanitized_anchor_name/main.go deleted file mode 100644 index 6a77d1243173..000000000000 --- a/vendor/github.com/shurcooL/sanitized_anchor_name/main.go +++ /dev/null @@ -1,29 +0,0 @@ -// Package sanitized_anchor_name provides a func to create sanitized anchor names. -// -// Its logic can be reused by multiple packages to create interoperable anchor names -// and links to those anchors. -// -// At this time, it does not try to ensure that generated anchor names -// are unique, that responsibility falls on the caller. -package sanitized_anchor_name // import "github.com/shurcooL/sanitized_anchor_name" - -import "unicode" - -// Create returns a sanitized anchor name for the given text. -func Create(text string) string { - var anchorName []rune - var futureDash = false - for _, r := range text { - switch { - case unicode.IsLetter(r) || unicode.IsNumber(r): - if futureDash && len(anchorName) > 0 { - anchorName = append(anchorName, '-') - } - futureDash = false - anchorName = append(anchorName, unicode.ToLower(r)) - default: - futureDash = true - } - } - return string(anchorName) -} From 260ba1a8a20e51d93ec22ecf90eb100af94f7f45 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Wed, 21 Jul 2021 10:28:34 +0200 Subject: [PATCH 077/127] vendor: cpuguy83/go-md2man/v2 v2.0.1 full diff: https://github.com/cpuguy83/go-md2man/compare/v2.0.0...v2.0.1 - Fix handling multiple definition descriptions - Fix inline markup causing table cells to split - Remove escaping tilde character (prevents tildes (`~`) from disappearing). - Do not escape dash, underscore, and ampersand (prevents ampersands (`&`) from disappearing). - Ignore unknown HTML tags to prevent noisy warnings With this, generating manpages becomes a lot less noisy; no more of these: WARNING: go-md2man does not handle node type HTMLSpan WARNING: go-md2man does not handle node type HTMLSpan WARNING: go-md2man does not handle node type HTMLSpan Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 13e8225007aa4a1b57159c4ed06f3ae558753b3c) Signed-off-by: Sebastiaan van Stijn --- vendor.conf | 2 +- .../github.com/cpuguy83/go-md2man/v2/go.mod | 8 +- .../cpuguy83/go-md2man/v2/md2man/roff.go | 105 ++++++++---------- 3 files changed, 51 insertions(+), 64 deletions(-) diff --git a/vendor.conf b/vendor.conf index 234c6812ae29..3f1bfe550e15 100755 --- a/vendor.conf +++ b/vendor.conf @@ -8,7 +8,7 @@ github.com/containerd/continuity efbc4488d8fe1bdc16bde3b2d299 github.com/containerd/cgroups 0b889c03f102012f1d93a97ddd3ef71cd6f4f510 github.com/containerd/typeurl cd3ce7159eae562a4f60ceff37dada11a939d247 # v1.0.1 github.com/coreos/etcd d57e8b8d97adfc4a6c224fe116714bf1a1f3beb9 # v3.3.12 -github.com/cpuguy83/go-md2man/v2 f79a8a8ca69da163eee19ab442bedad7a35bba5a # v2.0.0 +github.com/cpuguy83/go-md2man/v2 b1ec32e02fe539480dc03e3bf381c20066e7c6cc # v2.0.1 github.com/creack/pty 2a38352e8b4d7ab6c336eef107e42a55e72e7fbc # v1.1.11 github.com/davecgh/go-spew 8991bc29aa16c548c550c7ff78260e27b9ab7c73 # v1.1.1 github.com/docker/compose-on-kubernetes 78e6a00beda64ac8ccb9fec787e601fe2ce0d5bb # v0.5.0-alpha1 diff --git a/vendor/github.com/cpuguy83/go-md2man/v2/go.mod b/vendor/github.com/cpuguy83/go-md2man/v2/go.mod index ae5345814b97..0bc888da0dc6 100644 --- a/vendor/github.com/cpuguy83/go-md2man/v2/go.mod +++ b/vendor/github.com/cpuguy83/go-md2man/v2/go.mod @@ -1,9 +1,5 @@ module github.com/cpuguy83/go-md2man/v2 -go 1.12 +go 1.11 -require ( - github.com/pmezard/go-difflib v1.0.0 // indirect - github.com/russross/blackfriday/v2 v2.0.1 - github.com/shurcooL/sanitized_anchor_name v1.0.0 // indirect -) +require github.com/russross/blackfriday/v2 v2.1.0 diff --git a/vendor/github.com/cpuguy83/go-md2man/v2/md2man/roff.go b/vendor/github.com/cpuguy83/go-md2man/v2/md2man/roff.go index 0668a66cf707..be2b3436062d 100644 --- a/vendor/github.com/cpuguy83/go-md2man/v2/md2man/roff.go +++ b/vendor/github.com/cpuguy83/go-md2man/v2/md2man/roff.go @@ -15,7 +15,7 @@ type roffRenderer struct { extensions blackfriday.Extensions listCounters []int firstHeader bool - defineTerm bool + firstDD bool listDepth int } @@ -42,7 +42,8 @@ const ( quoteCloseTag = "\n.RE\n" listTag = "\n.RS\n" listCloseTag = "\n.RE\n" - arglistTag = "\n.TP\n" + dtTag = "\n.TP\n" + dd2Tag = "\n" tableStart = "\n.TS\nallbox;\n" tableEnd = ".TE\n" tableCellStart = "T{\n" @@ -90,7 +91,7 @@ func (r *roffRenderer) RenderNode(w io.Writer, node *blackfriday.Node, entering switch node.Type { case blackfriday.Text: - r.handleText(w, node, entering) + escapeSpecialChars(w, node.Literal) case blackfriday.Softbreak: out(w, crTag) case blackfriday.Hardbreak: @@ -150,40 +151,21 @@ func (r *roffRenderer) RenderNode(w io.Writer, node *blackfriday.Node, entering out(w, codeCloseTag) case blackfriday.Table: r.handleTable(w, node, entering) - case blackfriday.TableCell: - r.handleTableCell(w, node, entering) case blackfriday.TableHead: case blackfriday.TableBody: case blackfriday.TableRow: // no action as cell entries do all the nroff formatting return blackfriday.GoToNext + case blackfriday.TableCell: + r.handleTableCell(w, node, entering) + case blackfriday.HTMLSpan: + // ignore other HTML tags default: fmt.Fprintln(os.Stderr, "WARNING: go-md2man does not handle node type "+node.Type.String()) } return walkAction } -func (r *roffRenderer) handleText(w io.Writer, node *blackfriday.Node, entering bool) { - var ( - start, end string - ) - // handle special roff table cell text encapsulation - if node.Parent.Type == blackfriday.TableCell { - if len(node.Literal) > 30 { - start = tableCellStart - end = tableCellEnd - } else { - // end rows that aren't terminated by "tableCellEnd" with a cr if end of row - if node.Parent.Next == nil && !node.Parent.IsHeader { - end = crTag - } - } - } - out(w, start) - escapeSpecialChars(w, node.Literal) - out(w, end) -} - func (r *roffRenderer) handleHeading(w io.Writer, node *blackfriday.Node, entering bool) { if entering { switch node.Level { @@ -230,15 +212,20 @@ func (r *roffRenderer) handleItem(w io.Writer, node *blackfriday.Node, entering if node.ListFlags&blackfriday.ListTypeOrdered != 0 { out(w, fmt.Sprintf(".IP \"%3d.\" 5\n", r.listCounters[len(r.listCounters)-1])) r.listCounters[len(r.listCounters)-1]++ + } else if node.ListFlags&blackfriday.ListTypeTerm != 0 { + // DT (definition term): line just before DD (see below). + out(w, dtTag) + r.firstDD = true } else if node.ListFlags&blackfriday.ListTypeDefinition != 0 { - // state machine for handling terms and following definitions - // since blackfriday does not distinguish them properly, nor - // does it seperate them into separate lists as it should - if !r.defineTerm { - out(w, arglistTag) - r.defineTerm = true + // DD (definition description): line that starts with ": ". + // + // We have to distinguish between the first DD and the + // subsequent ones, as there should be no vertical + // whitespace between the DT and the first DD. + if r.firstDD { + r.firstDD = false } else { - r.defineTerm = false + out(w, dd2Tag) } } else { out(w, ".IP \\(bu 2\n") @@ -251,7 +238,7 @@ func (r *roffRenderer) handleItem(w io.Writer, node *blackfriday.Node, entering func (r *roffRenderer) handleTable(w io.Writer, node *blackfriday.Node, entering bool) { if entering { out(w, tableStart) - //call walker to count cells (and rows?) so format section can be produced + // call walker to count cells (and rows?) so format section can be produced columns := countColumns(node) out(w, strings.Repeat("l ", columns)+"\n") out(w, strings.Repeat("l ", columns)+".\n") @@ -261,28 +248,41 @@ func (r *roffRenderer) handleTable(w io.Writer, node *blackfriday.Node, entering } func (r *roffRenderer) handleTableCell(w io.Writer, node *blackfriday.Node, entering bool) { - var ( - start, end string - ) - if node.IsHeader { - start = codespanTag - end = codespanCloseTag - } if entering { + var start string if node.Prev != nil && node.Prev.Type == blackfriday.TableCell { - out(w, "\t"+start) - } else { - out(w, start) + start = "\t" + } + if node.IsHeader { + start += codespanTag + } else if nodeLiteralSize(node) > 30 { + start += tableCellStart } + out(w, start) } else { - // need to carriage return if we are at the end of the header row - if node.IsHeader && node.Next == nil { - end = end + crTag + var end string + if node.IsHeader { + end = codespanCloseTag + } else if nodeLiteralSize(node) > 30 { + end = tableCellEnd + } + if node.Next == nil && end != tableCellEnd { + // Last cell: need to carriage return if we are at the end of the + // header row and content isn't wrapped in a "tablecell" + end += crTag } out(w, end) } } +func nodeLiteralSize(node *blackfriday.Node) int { + total := 0 + for n := node.FirstChild; n != nil; n = n.FirstChild { + total += len(n.Literal) + } + return total +} + // because roff format requires knowing the column count before outputting any table // data we need to walk a table tree and count the columns func countColumns(node *blackfriday.Node) int { @@ -309,15 +309,6 @@ func out(w io.Writer, output string) { io.WriteString(w, output) // nolint: errcheck } -func needsBackslash(c byte) bool { - for _, r := range []byte("-_&\\~") { - if c == r { - return true - } - } - return false -} - func escapeSpecialChars(w io.Writer, text []byte) { for i := 0; i < len(text); i++ { // escape initial apostrophe or period @@ -328,7 +319,7 @@ func escapeSpecialChars(w io.Writer, text []byte) { // directly copy normal characters org := i - for i < len(text) && !needsBackslash(text[i]) { + for i < len(text) && text[i] != '\\' { i++ } if i > org { From 8a647396314b40ca96ab8f94998255bab09803dd Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Thu, 22 Jul 2021 14:48:09 +0200 Subject: [PATCH 078/127] Update Dockerfiles to latest syntax, remove "experimental" The experimental image is deprecated (now "labs"), and the features we use are now included in the regular (stable) syntax. Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 48dbf6f3cf7a124f5975a15ea3a7e6ae663682fc) Signed-off-by: Sebastiaan van Stijn --- Dockerfile | 2 +- dockerfiles/Dockerfile.dev | 3 ++- dockerfiles/Dockerfile.lint | 2 +- 3 files changed, 4 insertions(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index 3c15b560fe7e..1027df05c216 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -#syntax=docker/dockerfile:1.2 +# syntax=docker/dockerfile:1.3 ARG BASE_VARIANT=alpine ARG GO_VERSION=1.13.15 diff --git a/dockerfiles/Dockerfile.dev b/dockerfiles/Dockerfile.dev index ddd1b6b72be2..a82eb728367d 100644 --- a/dockerfiles/Dockerfile.dev +++ b/dockerfiles/Dockerfile.dev @@ -1,4 +1,5 @@ -# syntax=docker/dockerfile:1.1.7-experimental +# syntax=docker/dockerfile:1.3 + ARG GO_VERSION=1.13.15 FROM golang:${GO_VERSION}-alpine AS golang diff --git a/dockerfiles/Dockerfile.lint b/dockerfiles/Dockerfile.lint index 7b180f51e364..8c4923c1a383 100644 --- a/dockerfiles/Dockerfile.lint +++ b/dockerfiles/Dockerfile.lint @@ -1,4 +1,4 @@ -# syntax=docker/dockerfile:1.1.3-experimental +# syntax=docker/dockerfile:1.3 ARG GO_VERSION=1.13.15 ARG GOLANGCI_LINTER_SHA="v1.21.0" From 68a5ca859f5a85176ff40bccab0692361a8e1542 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Mon, 26 Jul 2021 17:29:52 +0200 Subject: [PATCH 079/127] cli/context: ignore linting warnings about RFC 1423 encryption From https://go-review.googlesource.com/c/go/+/264159 > It's unfortunate that we don't implement PKCS#8 encryption so we can't > recommend an alternative but PEM encryption is so broken that it's worth > deprecating outright. When linting on Go 1.16: cli/context/docker/load.go:69:6: SA1019: x509.IsEncryptedPEMBlock is deprecated: Legacy PEM encryption as specified in RFC 1423 is insecure by design. Since it does not authenticate the ciphertext, it is vulnerable to padding oracle attacks that can let an attacker recover the plaintext. (staticcheck) if x509.IsEncryptedPEMBlock(pemBlock) { ^ cli/context/docker/load.go:70:20: SA1019: x509.DecryptPEMBlock is deprecated: Legacy PEM encryption as specified in RFC 1423 is insecure by design. Since it does not authenticate the ciphertext, it is vulnerable to padding oracle attacks that can let an attacker recover the plaintext. (staticcheck) keyBytes, err = x509.DecryptPEMBlock(pemBlock, []byte(c.TLSPassword)) ^ Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 2688f25eb7fa0a8ae8590913407c80ec396ba012) Signed-off-by: Sebastiaan van Stijn --- cli/context/docker/load.go | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/cli/context/docker/load.go b/cli/context/docker/load.go index c85d4b6d36ab..28c13c7fd810 100644 --- a/cli/context/docker/load.go +++ b/cli/context/docker/load.go @@ -66,8 +66,9 @@ func (c *Endpoint) tlsConfig() (*tls.Config, error) { } var err error - if x509.IsEncryptedPEMBlock(pemBlock) { - keyBytes, err = x509.DecryptPEMBlock(pemBlock, []byte(c.TLSPassword)) + // TODO should we follow Golang, and deprecate RFC 1423 encryption, and produce a warning (or just error)? see https://github.com/docker/cli/issues/3212 + if x509.IsEncryptedPEMBlock(pemBlock) { //nolint: staticcheck // SA1019: x509.IsEncryptedPEMBlock is deprecated, and insecure by design + keyBytes, err = x509.DecryptPEMBlock(pemBlock, []byte(c.TLSPassword)) //nolint: staticcheck // SA1019: x509.IsEncryptedPEMBlock is deprecated, and insecure by design if err != nil { return nil, errors.Wrap(err, "private key is encrypted, but could not decrypt it") } From 8437cfefae2599ca92660ee668cf237dc0a1360e Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Wed, 28 Jul 2021 12:45:09 +0200 Subject: [PATCH 080/127] context: deprecate support for encrypted TLS private keys > Legacy PEM encryption as specified in RFC 1423 is insecure by design. Since > it does not authenticate the ciphertext, it is vulnerable to padding oracle > attacks that can let an attacker recover the plaintext From https://go-review.googlesource.com/c/go/+/264159 > It's unfortunate that we don't implement PKCS#8 encryption so we can't > recommend an alternative but PEM encryption is so broken that it's worth > deprecating outright. Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 15535d45947a5501248ba2bfbc433486f782a604) Signed-off-by: Sebastiaan van Stijn --- cli/command/cli.go | 2 +- cli/context/docker/load.go | 7 ++++++- docs/deprecated.md | 10 ++++++++++ 3 files changed, 17 insertions(+), 2 deletions(-) diff --git a/cli/command/cli.go b/cli/command/cli.go index 65ba4e82161c..fe6444f42f8d 100644 --- a/cli/command/cli.go +++ b/cli/command/cli.go @@ -255,7 +255,7 @@ func (cli *DockerCli) Initialize(opts *cliflags.ClientOptions, ops ...Initialize if tlsconfig.IsErrEncryptedKey(err) { passRetriever := passphrase.PromptRetrieverWithInOut(cli.In(), cli.Out(), nil) newClient := func(password string) (client.APIClient, error) { - cli.dockerEndpoint.TLSPassword = password + cli.dockerEndpoint.TLSPassword = password //nolint: staticcheck // SA1019: cli.dockerEndpoint.TLSPassword is deprecated return newAPIClientFromEndpoint(cli.dockerEndpoint, cli.configFile) } cli.client, err = getClientWithPassword(passRetriever, newClient) diff --git a/cli/context/docker/load.go b/cli/context/docker/load.go index 28c13c7fd810..ccfee02d1c17 100644 --- a/cli/context/docker/load.go +++ b/cli/context/docker/load.go @@ -26,7 +26,12 @@ type EndpointMeta = context.EndpointMetaBase // a Docker Engine endpoint, with its tls data type Endpoint struct { EndpointMeta - TLSData *context.TLSData + TLSData *context.TLSData + + // Deprecated: Use of encrypted TLS private keys has been deprecated, and + // will be removed in a future release. Golang has deprecated support for + // legacy PEM encryption (as specified in RFC 1423), as it is insecure by + // design (see https://go-review.googlesource.com/c/go/+/264159). TLSPassword string } diff --git a/docs/deprecated.md b/docs/deprecated.md index 5d18481ad0f5..34cd3ec195d2 100644 --- a/docs/deprecated.md +++ b/docs/deprecated.md @@ -50,6 +50,7 @@ The table below provides an overview of the current status of deprecated feature Status | Feature | Deprecated | Remove -----------|------------------------------------------------------------------------------------------------------------------------------------|------------|------------ +Deprecated | [Support for encrypted TLS private keys](#support-for-encrypted-tls-private-keys) | v20.10 | - Deprecated | [Kubernetes stack and context support](#kubernetes-stack-and-context-support) | v20.10 | - Deprecated | [Pulling images from non-compliant image registries](#pulling-images-from-non-compliant-image-registries) | v20.10 | - Deprecated | [Linux containers on Windows (LCOW)](#linux-containers-on-windows-lcow-experimental) | v20.10 | - @@ -98,6 +99,15 @@ Removed | [`--api-enable-cors` flag on `dockerd`](#--api-enable-cors-flag-on- Removed | [`--run` flag on `docker commit`](#--run-flag-on-docker-commit) | v0.10 | v1.13 Removed | [Three arguments form in `docker import`](#three-arguments-form-in-docker-import) | v0.6.7 | v1.12 +### Support for encrypted TLS private keys + +**Deprecated in Release: v20.10** + +Use of encrypted TLS private keys has been deprecated, and will be removed in a +future release. Golang has deprecated support for legacy PEM encryption (as +specified in [RFC 1423](https://datatracker.ietf.org/doc/html/rfc1423)), as it +is insecure by design (see [https://go-review.googlesource.com/c/go/+/264159](https://go-review.googlesource.com/c/go/+/264159)). + ### Kubernetes stack and context support **Deprecated in Release: v20.10** From c98e9c47ca004f03b8df5a51bcfc3fab464e67c1 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Fri, 30 Apr 2021 09:31:41 +0200 Subject: [PATCH 081/127] Use designated test domains (RFC2606) in tests Some tests were using domain names that were intended to be "fake", but are actually registered domain names (such as mycorp.com). Even though we were not actually making connections to these domains, it's better to use domains that are designated for testing/examples in RFC2606: https://tools.ietf.org/html/rfc2606 Signed-off-by: Sebastiaan van Stijn (cherry picked from commit f3886f354a918d61933d648db10b128a5f6401b1) Signed-off-by: Sebastiaan van Stijn --- cli/command/cli_test.go | 8 +++---- cli/command/container/create_test.go | 2 +- cli/command/context/create_test.go | 6 ++--- cli/command/context/list_test.go | 2 +- cli/command/context/testdata/inspect.golden | 4 ++-- cli/command/context/testdata/list.golden | 10 ++++---- cli/command/context/testdata/test-kubeconfig | 2 +- cli/command/image/trust_test.go | 6 ++--- cli/command/registry_test.go | 4 ++-- cli/command/swarm/ca_test.go | 14 ++++++------ cli/config/configfile/file_test.go | 24 ++++++++++---------- cli/config/credentials/file_store_test.go | 4 ++-- cli/connhelper/connhelper.go | 4 ++-- 13 files changed, 45 insertions(+), 45 deletions(-) diff --git a/cli/command/cli_test.go b/cli/command/cli_test.go index 65cacdc61d27..4099e7e7bb36 100644 --- a/cli/command/cli_test.go +++ b/cli/command/cli_test.go @@ -81,8 +81,8 @@ func TestNewAPIClientFromFlagsWithAPIVersionFromEnv(t *testing.T) { } func TestNewAPIClientFromFlagsWithHttpProxyEnv(t *testing.T) { - defer env.Patch(t, "HTTP_PROXY", "http://proxy.acme.com:1234")() - defer env.Patch(t, "DOCKER_HOST", "tcp://docker.acme.com:2376")() + defer env.Patch(t, "HTTP_PROXY", "http://proxy.acme.example.com:1234")() + defer env.Patch(t, "DOCKER_HOST", "tcp://docker.acme.example.com:2376")() opts := &flags.CommonOptions{} configFile := &configfile.ConfigFile{} @@ -91,11 +91,11 @@ func TestNewAPIClientFromFlagsWithHttpProxyEnv(t *testing.T) { transport, ok := apiclient.HTTPClient().Transport.(*http.Transport) assert.Assert(t, ok) assert.Assert(t, transport.Proxy != nil) - request, err := http.NewRequest(http.MethodGet, "tcp://docker.acme.com:2376", nil) + request, err := http.NewRequest(http.MethodGet, "tcp://docker.acme.example.com:2376", nil) assert.NilError(t, err) url, err := transport.Proxy(request) assert.NilError(t, err) - assert.Check(t, is.Equal("http://proxy.acme.com:1234", url.String())) + assert.Check(t, is.Equal("http://proxy.acme.example.com:1234", url.String())) } type fakeClient struct { diff --git a/cli/command/container/create_test.go b/cli/command/container/create_test.go index 15a9c4174915..54a83ce75d44 100644 --- a/cli/command/container/create_test.go +++ b/cli/command/container/create_test.go @@ -133,7 +133,7 @@ func TestCreateContainerImagePullPolicy(t *testing.T) { return ioutil.NopCloser(strings.NewReader("")), nil }, infoFunc: func() (types.Info, error) { - return types.Info{IndexServerAddress: "http://indexserver"}, nil + return types.Info{IndexServerAddress: "https://indexserver.example.com"}, nil }, } cli := test.NewFakeCli(client) diff --git a/cli/command/context/create_test.go b/cli/command/context/create_test.go index 916672daee6a..afdd8bef3f23 100644 --- a/cli/command/context/create_test.go +++ b/cli/command/context/create_test.go @@ -169,7 +169,7 @@ func validateTestKubeEndpoint(t *testing.T, s store.Reader, name string) { kubeMeta := ctxMetadata.Endpoints[kubernetes.KubernetesEndpoint].(kubernetes.EndpointMeta) kubeEP, err := kubeMeta.WithTLSData(s, name) assert.NilError(t, err) - assert.Equal(t, "https://someserver", kubeEP.Host) + assert.Equal(t, "https://someserver.example.com", kubeEP.Host) assert.Equal(t, "the-ca", string(kubeEP.TLSData.CA)) assert.Equal(t, "the-cert", string(kubeEP.TLSData.Cert)) assert.Equal(t, "the-key", string(kubeEP.TLSData.Key)) @@ -287,7 +287,7 @@ func TestCreateFromContext(t *testing.T) { assert.Equal(t, newContextTyped.Description, c.expectedDescription) assert.Equal(t, newContextTyped.StackOrchestrator, c.expectedOrchestrator) assert.Equal(t, dockerEndpoint.Host, "tcp://42.42.42.42:2375") - assert.Equal(t, kubeEndpoint.Host, "https://someserver") + assert.Equal(t, kubeEndpoint.Host, "https://someserver.example.com") }) } } @@ -361,7 +361,7 @@ func TestCreateFromCurrent(t *testing.T) { assert.Equal(t, newContextTyped.Description, c.expectedDescription) assert.Equal(t, newContextTyped.StackOrchestrator, c.expectedOrchestrator) assert.Equal(t, dockerEndpoint.Host, "tcp://42.42.42.42:2375") - assert.Equal(t, kubeEndpoint.Host, "https://someserver") + assert.Equal(t, kubeEndpoint.Host, "https://someserver.example.com") }) } } diff --git a/cli/command/context/list_test.go b/cli/command/context/list_test.go index d628493fc31b..b71a78b5a98c 100644 --- a/cli/command/context/list_test.go +++ b/cli/command/context/list_test.go @@ -18,7 +18,7 @@ func createTestContextWithKubeAndSwarm(t *testing.T, cli command.Cli, name strin DefaultStackOrchestrator: orchestrator, Description: "description of " + name, Kubernetes: map[string]string{keyFrom: "default"}, - Docker: map[string]string{keyHost: "https://someswarmserver"}, + Docker: map[string]string{keyHost: "https://someswarmserver.example.com"}, }) assert.NilError(t, err) } diff --git a/cli/command/context/testdata/inspect.golden b/cli/command/context/testdata/inspect.golden index d520b4f93ca3..5578411950ab 100644 --- a/cli/command/context/testdata/inspect.golden +++ b/cli/command/context/testdata/inspect.golden @@ -7,11 +7,11 @@ }, "Endpoints": { "docker": { - "Host": "https://someswarmserver", + "Host": "https://someswarmserver.example.com", "SkipTLSVerify": false }, "kubernetes": { - "Host": "https://someserver", + "Host": "https://someserver.example.com", "SkipTLSVerify": false, "DefaultNamespace": "default" } diff --git a/cli/command/context/testdata/list.golden b/cli/command/context/testdata/list.golden index 6909a8d7f5bf..b1a2ec7c240d 100644 --- a/cli/command/context/testdata/list.golden +++ b/cli/command/context/testdata/list.golden @@ -1,5 +1,5 @@ -NAME DESCRIPTION DOCKER ENDPOINT KUBERNETES ENDPOINT ORCHESTRATOR -current * description of current https://someswarmserver https://someserver (default) all -default Current DOCKER_HOST based configuration unix:///var/run/docker.sock swarm -other description of other https://someswarmserver https://someserver (default) all -unset description of unset https://someswarmserver https://someserver (default) +NAME DESCRIPTION DOCKER ENDPOINT KUBERNETES ENDPOINT ORCHESTRATOR +current * description of current https://someswarmserver.example.com https://someserver.example.com (default) all +default Current DOCKER_HOST based configuration unix:///var/run/docker.sock swarm +other description of other https://someswarmserver.example.com https://someserver.example.com (default) all +unset description of unset https://someswarmserver.example.com https://someserver.example.com (default) diff --git a/cli/command/context/testdata/test-kubeconfig b/cli/command/context/testdata/test-kubeconfig index f6baf8e843de..5d5c858ed8f2 100644 --- a/cli/command/context/testdata/test-kubeconfig +++ b/cli/command/context/testdata/test-kubeconfig @@ -2,7 +2,7 @@ apiVersion: v1 clusters: - cluster: certificate-authority-data: dGhlLWNh - server: https://someserver + server: https://someserver.example.com name: test-cluster contexts: - context: diff --git a/cli/command/image/trust_test.go b/cli/command/image/trust_test.go index 11b3e1b170fa..b7279dc330b7 100644 --- a/cli/command/image/trust_test.go +++ b/cli/command/image/trust_test.go @@ -15,17 +15,17 @@ import ( ) func TestENVTrustServer(t *testing.T) { - defer env.PatchAll(t, map[string]string{"DOCKER_CONTENT_TRUST_SERVER": "https://notary-test.com:5000"})() + defer env.PatchAll(t, map[string]string{"DOCKER_CONTENT_TRUST_SERVER": "https://notary-test.example.com:5000"})() indexInfo := ®istrytypes.IndexInfo{Name: "testserver"} output, err := trust.Server(indexInfo) - expectedStr := "https://notary-test.com:5000" + expectedStr := "https://notary-test.example.com:5000" if err != nil || output != expectedStr { t.Fatalf("Expected server to be %s, got %s", expectedStr, output) } } func TestHTTPENVTrustServer(t *testing.T) { - defer env.PatchAll(t, map[string]string{"DOCKER_CONTENT_TRUST_SERVER": "http://notary-test.com:5000"})() + defer env.PatchAll(t, map[string]string{"DOCKER_CONTENT_TRUST_SERVER": "http://notary-test.example.com:5000"})() indexInfo := ®istrytypes.IndexInfo{Name: "testserver"} _, err := trust.Server(indexInfo) if err == nil { diff --git a/cli/command/registry_test.go b/cli/command/registry_test.go index ae7c3ac052f0..ba6a17a0550c 100644 --- a/cli/command/registry_test.go +++ b/cli/command/registry_test.go @@ -66,10 +66,10 @@ func TestElectAuthServer(t *testing.T) { }, }, { - expectedAuthServer: "https://foo.bar", + expectedAuthServer: "https://foo.example.com", expectedWarning: "", infoFunc: func() (types.Info, error) { - return types.Info{IndexServerAddress: "https://foo.bar"}, nil + return types.Info{IndexServerAddress: "https://foo.example.com"}, nil }, }, { diff --git a/cli/command/swarm/ca_test.go b/cli/command/swarm/ca_test.go index e9fafcaf71f0..1f65647c5880 100644 --- a/cli/command/swarm/ca_test.go +++ b/cli/command/swarm/ca_test.go @@ -104,20 +104,20 @@ func TestDisplayTrustRootInvalidFlags(t *testing.T) { errorMsg: "flag requires the `--rotate` flag to update the CA", }, { - args: []string{"--external-ca=protocol=cfssl,url=https://some.com/https/url"}, + args: []string{"--external-ca=protocol=cfssl,url=https://some.example.com/https/url"}, errorMsg: "flag requires the `--rotate` flag to update the CA", }, { // to make sure we're not erroring because we didn't provide a CA cert and external CA args: []string{ "--ca-cert=" + tmpfile, - "--external-ca=protocol=cfssl,url=https://some.com/https/url", + "--external-ca=protocol=cfssl,url=https://some.example.com/https/url", }, errorMsg: "flag requires the `--rotate` flag to update the CA", }, { args: []string{ "--rotate", - "--external-ca=protocol=cfssl,url=https://some.com/https/url", + "--external-ca=protocol=cfssl,url=https://some.example.com/https/url", }, errorMsg: "rotating to an external CA requires the `--ca-cert` flag to specify the external CA's cert - " + "to add an external CA with the current root CA certificate, use the `update` command instead", @@ -243,7 +243,7 @@ func TestUpdateSwarmSpecCertAndExternalCA(t *testing.T) { "--rotate", "--detach", "--ca-cert=" + certfile, - "--external-ca=protocol=cfssl,url=https://some.external.ca"}) + "--external-ca=protocol=cfssl,url=https://some.external.ca.example.com"}) cmd.SetOut(cli.OutBuffer()) assert.NilError(t, cmd.Execute()) @@ -253,7 +253,7 @@ func TestUpdateSwarmSpecCertAndExternalCA(t *testing.T) { expected.CAConfig.ExternalCAs = []*swarm.ExternalCA{ { Protocol: swarm.ExternalCAProtocolCFSSL, - URL: "https://some.external.ca", + URL: "https://some.external.ca.example.com", CACert: cert, Options: make(map[string]string), }, @@ -281,7 +281,7 @@ func TestUpdateSwarmSpecCertAndKeyAndExternalCA(t *testing.T) { "--detach", "--ca-cert=" + certfile, "--ca-key=" + keyfile, - "--external-ca=protocol=cfssl,url=https://some.external.ca"}) + "--external-ca=protocol=cfssl,url=https://some.external.ca.example.com"}) cmd.SetOut(cli.OutBuffer()) assert.NilError(t, cmd.Execute()) @@ -291,7 +291,7 @@ func TestUpdateSwarmSpecCertAndKeyAndExternalCA(t *testing.T) { expected.CAConfig.ExternalCAs = []*swarm.ExternalCA{ { Protocol: swarm.ExternalCAProtocolCFSSL, - URL: "https://some.external.ca", + URL: "https://some.external.ca.example.com", CACert: cert, Options: make(map[string]string), }, diff --git a/cli/config/configfile/file_test.go b/cli/config/configfile/file_test.go index 0ed7b73fdd04..f174bf739eb5 100644 --- a/cli/config/configfile/file_test.go +++ b/cli/config/configfile/file_test.go @@ -27,10 +27,10 @@ func TestEncodeAuth(t *testing.T) { } func TestProxyConfig(t *testing.T) { - httpProxy := "http://proxy.mycorp.com:3128" - httpsProxy := "https://user:password@proxy.mycorp.com:3129" - ftpProxy := "http://ftpproxy.mycorp.com:21" - noProxy := "*.intra.mycorp.com" + httpProxy := "http://proxy.mycorp.example.com:3128" + httpsProxy := "https://user:password@proxy.mycorp.example.com:3129" + ftpProxy := "http://ftpproxy.mycorp.example.com:21" + noProxy := "*.intra.mycorp.example.com" defaultProxyConfig := ProxyConfig{ HTTPProxy: httpProxy, HTTPSProxy: httpsProxy, @@ -59,12 +59,12 @@ func TestProxyConfig(t *testing.T) { } func TestProxyConfigOverride(t *testing.T) { - httpProxy := "http://proxy.mycorp.com:3128" + httpProxy := "http://proxy.mycorp.example.com:3128" overrideHTTPProxy := "http://proxy.example.com:3128" overrideNoProxy := "" - httpsProxy := "https://user:password@proxy.mycorp.com:3129" - ftpProxy := "http://ftpproxy.mycorp.com:21" - noProxy := "*.intra.mycorp.com" + httpsProxy := "https://user:password@proxy.mycorp.example.com:3129" + ftpProxy := "http://ftpproxy.mycorp.example.com:21" + noProxy := "*.intra.mycorp.example.com" defaultProxyConfig := ProxyConfig{ HTTPProxy: httpProxy, HTTPSProxy: httpsProxy, @@ -102,10 +102,10 @@ func TestProxyConfigOverride(t *testing.T) { } func TestProxyConfigPerHost(t *testing.T) { - httpProxy := "http://proxy.mycorp.com:3128" - httpsProxy := "https://user:password@proxy.mycorp.com:3129" - ftpProxy := "http://ftpproxy.mycorp.com:21" - noProxy := "*.intra.mycorp.com" + httpProxy := "http://proxy.mycorp.example.com:3128" + httpsProxy := "https://user:password@proxy.mycorp.example.com:3129" + ftpProxy := "http://ftpproxy.mycorp.example.com:21" + noProxy := "*.intra.mycorp.example.com" extHTTPProxy := "http://proxy.example.com:3128" extHTTPSProxy := "https://user:password@proxy.example.com:3129" diff --git a/cli/config/credentials/file_store_test.go b/cli/config/credentials/file_store_test.go index 3a95f2be207b..f04fe22e1ca0 100644 --- a/cli/config/credentials/file_store_test.go +++ b/cli/config/credentials/file_store_test.go @@ -70,7 +70,7 @@ func TestFileStoreGet(t *testing.T) { func TestFileStoreGetAll(t *testing.T) { s1 := "https://example.com" - s2 := "https://example2.com" + s2 := "https://example2.example.com" f := newStore(map[string]types.AuthConfig{ s1: { Auth: "super_secret_token", @@ -80,7 +80,7 @@ func TestFileStoreGetAll(t *testing.T) { s2: { Auth: "super_secret_token2", Email: "foo@example2.com", - ServerAddress: "https://example2.com", + ServerAddress: "https://example2.example.com", }, }) diff --git a/cli/connhelper/connhelper.go b/cli/connhelper/connhelper.go index e349b3eaefc3..9ac9d6744d45 100644 --- a/cli/connhelper/connhelper.go +++ b/cli/connhelper/connhelper.go @@ -49,7 +49,7 @@ func getConnectionHelper(daemonURL string, sshFlags []string) (*ConnectionHelper Dialer: func(ctx context.Context, network, addr string) (net.Conn, error) { return commandconn.New(ctx, "ssh", append(sshFlags, sp.Args("docker", "system", "dial-stdio")...)...) }, - Host: "http://docker", + Host: "http://docker.example.com", }, nil } // Future version may support plugins via ~/.docker/config.json. e.g. "dind" @@ -63,6 +63,6 @@ func GetCommandConnectionHelper(cmd string, flags ...string) (*ConnectionHelper, Dialer: func(ctx context.Context, network, addr string) (net.Conn, error) { return commandconn.New(ctx, cmd, flags...) }, - Host: "http://docker", + Host: "http://docker.example.com", }, nil } From 1e9575e81a41f7662c88cdc75cfeeb9070cb2023 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Fri, 30 Apr 2021 09:43:13 +0200 Subject: [PATCH 082/127] cli/config/configfile: various test cleanups - use var/const blocks when declaring a list of variables - use const where possible TestCheckKubernetesConfigurationRaiseAnErrorOnInvalidValue: - use keys when assigning values - make sure test is dereferenced in the loop - use subtests Signed-off-by: Sebastiaan van Stijn (cherry picked from commit be327a4f0fa8aa8a8da8ad47f060a10ed67bc3d7) Signed-off-by: Sebastiaan van Stijn --- cli/config/configfile/file_test.go | 181 ++++++++++++++++------------- 1 file changed, 98 insertions(+), 83 deletions(-) diff --git a/cli/config/configfile/file_test.go b/cli/config/configfile/file_test.go index f174bf739eb5..fbab2930f776 100644 --- a/cli/config/configfile/file_test.go +++ b/cli/config/configfile/file_test.go @@ -27,16 +27,19 @@ func TestEncodeAuth(t *testing.T) { } func TestProxyConfig(t *testing.T) { - httpProxy := "http://proxy.mycorp.example.com:3128" - httpsProxy := "https://user:password@proxy.mycorp.example.com:3129" - ftpProxy := "http://ftpproxy.mycorp.example.com:21" - noProxy := "*.intra.mycorp.example.com" - defaultProxyConfig := ProxyConfig{ - HTTPProxy: httpProxy, - HTTPSProxy: httpsProxy, - FTPProxy: ftpProxy, - NoProxy: noProxy, - } + var ( + httpProxy = "http://proxy.mycorp.example.com:3128" + httpsProxy = "https://user:password@proxy.mycorp.example.com:3129" + ftpProxy = "http://ftpproxy.mycorp.example.com:21" + noProxy = "*.intra.mycorp.example.com" + + defaultProxyConfig = ProxyConfig{ + HTTPProxy: httpProxy, + HTTPSProxy: httpsProxy, + FTPProxy: ftpProxy, + NoProxy: noProxy, + } + ) cfg := ConfigFile{ Proxies: map[string]ProxyConfig{ @@ -59,18 +62,21 @@ func TestProxyConfig(t *testing.T) { } func TestProxyConfigOverride(t *testing.T) { - httpProxy := "http://proxy.mycorp.example.com:3128" - overrideHTTPProxy := "http://proxy.example.com:3128" - overrideNoProxy := "" - httpsProxy := "https://user:password@proxy.mycorp.example.com:3129" - ftpProxy := "http://ftpproxy.mycorp.example.com:21" - noProxy := "*.intra.mycorp.example.com" - defaultProxyConfig := ProxyConfig{ - HTTPProxy: httpProxy, - HTTPSProxy: httpsProxy, - FTPProxy: ftpProxy, - NoProxy: noProxy, - } + var ( + httpProxy = "http://proxy.mycorp.example.com:3128" + httpProxyOverride = "http://proxy.example.com:3128" + httpsProxy = "https://user:password@proxy.mycorp.example.com:3129" + ftpProxy = "http://ftpproxy.mycorp.example.com:21" + noProxy = "*.intra.mycorp.example.com" + noProxyOverride = "" + + defaultProxyConfig = ProxyConfig{ + HTTPProxy: httpProxy, + HTTPSProxy: httpsProxy, + FTPProxy: ftpProxy, + NoProxy: noProxy, + } + ) cfg := ConfigFile{ Proxies: map[string]ProxyConfig{ @@ -84,46 +90,49 @@ func TestProxyConfigOverride(t *testing.T) { } ropts := map[string]*string{ - "HTTP_PROXY": clone(overrideHTTPProxy), - "NO_PROXY": clone(overrideNoProxy), + "HTTP_PROXY": clone(httpProxyOverride), + "NO_PROXY": clone(noProxyOverride), } proxyConfig := cfg.ParseProxyConfig("/var/run/docker.sock", ropts) expected := map[string]*string{ - "HTTP_PROXY": &overrideHTTPProxy, + "HTTP_PROXY": &httpProxyOverride, "http_proxy": &httpProxy, "HTTPS_PROXY": &httpsProxy, "https_proxy": &httpsProxy, "FTP_PROXY": &ftpProxy, "ftp_proxy": &ftpProxy, - "NO_PROXY": &overrideNoProxy, + "NO_PROXY": &noProxyOverride, "no_proxy": &noProxy, } assert.Check(t, is.DeepEqual(expected, proxyConfig)) } func TestProxyConfigPerHost(t *testing.T) { - httpProxy := "http://proxy.mycorp.example.com:3128" - httpsProxy := "https://user:password@proxy.mycorp.example.com:3129" - ftpProxy := "http://ftpproxy.mycorp.example.com:21" - noProxy := "*.intra.mycorp.example.com" - - extHTTPProxy := "http://proxy.example.com:3128" - extHTTPSProxy := "https://user:password@proxy.example.com:3129" - extFTPProxy := "http://ftpproxy.example.com:21" - extNoProxy := "*.intra.example.com" - - defaultProxyConfig := ProxyConfig{ - HTTPProxy: httpProxy, - HTTPSProxy: httpsProxy, - FTPProxy: ftpProxy, - NoProxy: noProxy, - } - externalProxyConfig := ProxyConfig{ - HTTPProxy: extHTTPProxy, - HTTPSProxy: extHTTPSProxy, - FTPProxy: extFTPProxy, - NoProxy: extNoProxy, - } + var ( + httpProxy = "http://proxy.mycorp.example.com:3128" + httpsProxy = "https://user:password@proxy.mycorp.example.com:3129" + ftpProxy = "http://ftpproxy.mycorp.example.com:21" + noProxy = "*.intra.mycorp.example.com" + + extHTTPProxy = "http://proxy.example.com:3128" + extHTTPSProxy = "https://user:password@proxy.example.com:3129" + extFTPProxy = "http://ftpproxy.example.com:21" + extNoProxy = "*.intra.example.com" + + defaultProxyConfig = ProxyConfig{ + HTTPProxy: httpProxy, + HTTPSProxy: httpsProxy, + FTPProxy: ftpProxy, + NoProxy: noProxy, + } + + externalProxyConfig = ProxyConfig{ + HTTPProxy: extHTTPProxy, + HTTPSProxy: extHTTPSProxy, + FTPProxy: extFTPProxy, + NoProxy: extNoProxy, + } + ) cfg := ConfigFile{ Proxies: map[string]ProxyConfig{ @@ -226,9 +235,11 @@ func TestGetAllCredentialsCredsStore(t *testing.T) { } func TestGetAllCredentialsCredHelper(t *testing.T) { - testCredHelperSuffix := "test_cred_helper" - testCredHelperRegistryHostname := "credhelper.com" - testExtraCredHelperRegistryHostname := "somethingweird.com" + const ( + testCredHelperSuffix = "test_cred_helper" + testCredHelperRegistryHostname = "credhelper.com" + testExtraCredHelperRegistryHostname = "somethingweird.com" + ) unexpectedCredHelperAuth := types.AuthConfig{ Username: "file_store_user", @@ -265,9 +276,11 @@ func TestGetAllCredentialsCredHelper(t *testing.T) { } func TestGetAllCredentialsFileStoreAndCredHelper(t *testing.T) { - testFileStoreRegistryHostname := "example.com" - testCredHelperSuffix := "test_cred_helper" - testCredHelperRegistryHostname := "credhelper.com" + const ( + testFileStoreRegistryHostname = "example.com" + testCredHelperSuffix = "test_cred_helper" + testCredHelperRegistryHostname = "credhelper.com" + ) expectedFileStoreAuth := types.AuthConfig{ Username: "file_store_user", @@ -301,10 +314,12 @@ func TestGetAllCredentialsFileStoreAndCredHelper(t *testing.T) { } func TestGetAllCredentialsCredStoreAndCredHelper(t *testing.T) { - testCredStoreSuffix := "test_creds_store" - testCredStoreRegistryHostname := "credstore.com" - testCredHelperSuffix := "test_cred_helper" - testCredHelperRegistryHostname := "credhelper.com" + const ( + testCredStoreSuffix = "test_creds_store" + testCredStoreRegistryHostname = "credstore.com" + testCredHelperSuffix = "test_cred_helper" + testCredHelperRegistryHostname = "credhelper.com" + ) configFile := New("filename") configFile.CredentialsStore = testCredStoreSuffix @@ -343,9 +358,11 @@ func TestGetAllCredentialsCredStoreAndCredHelper(t *testing.T) { } func TestGetAllCredentialsCredHelperOverridesDefaultStore(t *testing.T) { - testCredStoreSuffix := "test_creds_store" - testCredHelperSuffix := "test_cred_helper" - testRegistryHostname := "example.com" + const ( + testCredStoreSuffix = "test_creds_store" + testCredHelperSuffix = "test_cred_helper" + testRegistryHostname = "example.com" + ) configFile := New("filename") configFile.CredentialsStore = testCredStoreSuffix @@ -424,38 +441,36 @@ func TestCheckKubernetesConfigurationRaiseAnErrorOnInvalidValue(t *testing.T) { expectError bool }{ { - "no kubernetes config is valid", - nil, - false, + name: "no kubernetes config is valid", }, { - "enabled is valid", - &KubernetesConfig{AllNamespaces: "enabled"}, - false, + name: "enabled is valid", + config: &KubernetesConfig{AllNamespaces: "enabled"}, }, { - "disabled is valid", - &KubernetesConfig{AllNamespaces: "disabled"}, - false, + name: "disabled is valid", + config: &KubernetesConfig{AllNamespaces: "disabled"}, }, { - "empty string is valid", - &KubernetesConfig{AllNamespaces: ""}, - false, + name: "empty string is valid", + config: &KubernetesConfig{AllNamespaces: ""}, }, { - "other value is invalid", - &KubernetesConfig{AllNamespaces: "unknown"}, - true, + name: "other value is invalid", + config: &KubernetesConfig{AllNamespaces: "unknown"}, + expectError: true, }, } - for _, test := range testCases { - err := checkKubernetesConfiguration(test.config) - if test.expectError { - assert.Assert(t, err != nil, test.name) - } else { - assert.NilError(t, err, test.name) - } + for _, tc := range testCases { + test := tc + t.Run(test.name, func(t *testing.T) { + err := checkKubernetesConfiguration(test.config) + if test.expectError { + assert.Assert(t, err != nil, test.name) + } else { + assert.NilError(t, err, test.name) + } + }) } } From 6288e8b1ac446b90ec661fe6fe9c6967c9156fa4 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Wed, 28 Jul 2021 16:26:52 +0200 Subject: [PATCH 083/127] change TestNewAPIClientFromFlagsWithHttpProxyEnv to an e2e test Golang uses a `sync.Once` when determining the proxy to use. This means that it's not possible to test the proxy configuration in unit tests, because the proxy configuration will be "fixated" the first time Golang detects the proxy configuration. This patch changes TestNewAPIClientFromFlagsWithHttpProxyEnv to an e2e test so that we can verify the CLI picks up the proxy configuration. Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 40c6b117e70b92edd72fac1a554db83aa8102174) Signed-off-by: Sebastiaan van Stijn --- cli/command/cli_test.go | 19 ------------------ e2e/global/cli_test.go | 43 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 43 insertions(+), 19 deletions(-) diff --git a/cli/command/cli_test.go b/cli/command/cli_test.go index 4099e7e7bb36..370ecec803b9 100644 --- a/cli/command/cli_test.go +++ b/cli/command/cli_test.go @@ -6,7 +6,6 @@ import ( "crypto/x509" "fmt" "io/ioutil" - "net/http" "os" "runtime" "testing" @@ -80,24 +79,6 @@ func TestNewAPIClientFromFlagsWithAPIVersionFromEnv(t *testing.T) { assert.Check(t, is.Equal(customVersion, apiclient.ClientVersion())) } -func TestNewAPIClientFromFlagsWithHttpProxyEnv(t *testing.T) { - defer env.Patch(t, "HTTP_PROXY", "http://proxy.acme.example.com:1234")() - defer env.Patch(t, "DOCKER_HOST", "tcp://docker.acme.example.com:2376")() - - opts := &flags.CommonOptions{} - configFile := &configfile.ConfigFile{} - apiclient, err := NewAPIClientFromFlags(opts, configFile) - assert.NilError(t, err) - transport, ok := apiclient.HTTPClient().Transport.(*http.Transport) - assert.Assert(t, ok) - assert.Assert(t, transport.Proxy != nil) - request, err := http.NewRequest(http.MethodGet, "tcp://docker.acme.example.com:2376", nil) - assert.NilError(t, err) - url, err := transport.Proxy(request) - assert.NilError(t, err) - assert.Check(t, is.Equal("http://proxy.acme.example.com:1234", url.String())) -} - type fakeClient struct { client.Client pingFunc func() (types.Ping, error) diff --git a/e2e/global/cli_test.go b/e2e/global/cli_test.go index 45bf2cf1f6b9..863079b1c32c 100644 --- a/e2e/global/cli_test.go +++ b/e2e/global/cli_test.go @@ -1,9 +1,13 @@ package global import ( + "net/http" + "net/http/httptest" + "strings" "testing" "github.com/docker/cli/internal/test/environment" + "gotest.tools/v3/assert" "gotest.tools/v3/icmd" "gotest.tools/v3/skip" ) @@ -22,3 +26,42 @@ func TestTLSVerify(t *testing.T) { result = icmd.RunCmd(icmd.Command("docker", "--tlsverify=true", "ps")) result.Assert(t, icmd.Expected{ExitCode: 1, Err: "ca.pem"}) } + +// TestTCPSchemeUsesHTTPProxyEnv verifies that the cli uses HTTP_PROXY if +// DOCKER_HOST is set to use the 'tcp://' scheme. +// +// Prior to go1.16, https:// schemes would use HTTPS_PROXY, and any other +// scheme would use HTTP_PROXY. However, golang/net@7b1cca2 (per a request in +// golang/go#40909) changed this behavior to only use HTTP_PROXY for http:// +// schemes, no longer using a proxy for any other scheme. +// +// Docker uses the tcp:// scheme as a default for API connections, to indicate +// that the API is not "purely" HTTP. Various parts in the code also *require* +// this scheme to be used. While we could change the default and allow http(s) +// schemes to be used, doing so will take time, taking into account that there +// are many installs in existence that have tcp:// configured as DOCKER_HOST. +// +// Note that due to Golang's use of sync.Once for proxy-detection, this test +// cannot be done as a unit-test, hence it being an e2e test. +func TestTCPSchemeUsesHTTPProxyEnv(t *testing.T) { + const responseJSON = `{"Version": "99.99.9", "ApiVersion": "1.41", "MinAPIVersion": "1.12"}` + var received string + proxyServer := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + received = r.Host + w.Header().Set("Content-Type", "application/json") + _, _ = w.Write([]byte(responseJSON)) + })) + defer proxyServer.Close() + + // Configure the CLI to use our proxyServer. DOCKER_HOST can point to any + // address (as it won't be connected to), but must use tcp:// for this test, + // to verify it's using HTTP_PROXY. + result := icmd.RunCmd( + icmd.Command("docker", "version", "--format", "{{ .Server.Version }}"), + icmd.WithEnv("HTTP_PROXY="+proxyServer.URL, "DOCKER_HOST=tcp://docker.acme.example.com:2376"), + ) + // Verify the command ran successfully, and that it connected to the proxyServer + result.Assert(t, icmd.Success) + assert.Equal(t, strings.TrimSpace(result.Stdout()), "99.99.9") + assert.Equal(t, received, "docker.acme.example.com:2376") +} From 0b924e51fc31fc90a29790f054b1d2c349ffdf8f Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Thu, 15 Jul 2021 15:15:38 +0200 Subject: [PATCH 084/127] Update to go1.16.6 Keeping the dockerfiles/Dockerfile.cross image at 1.13, as we don't have more current versions of that image. However, I don't think it's still used, so we should remove it. Signed-off-by: Sebastiaan van Stijn (cherry picked from commit a477a727fccdcd392ad495076b99c359af8f8d18) Signed-off-by: Sebastiaan van Stijn --- Dockerfile | 18 +++++++++--------- appveyor.yml | 2 +- dockerfiles/Dockerfile.binary-native | 2 +- dockerfiles/Dockerfile.dev | 9 +++++---- dockerfiles/Dockerfile.e2e | 2 +- dockerfiles/Dockerfile.lint | 3 ++- scripts/build/plugins | 2 +- scripts/test/e2e/run | 1 + 8 files changed, 21 insertions(+), 18 deletions(-) diff --git a/Dockerfile b/Dockerfile index 1027df05c216..5a6752aa14ec 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,17 +1,17 @@ # syntax=docker/dockerfile:1.3 ARG BASE_VARIANT=alpine -ARG GO_VERSION=1.13.15 +ARG GO_VERSION=1.16.6 FROM --platform=$BUILDPLATFORM golang:${GO_VERSION}-${BASE_VARIANT} AS gostable -FROM --platform=$BUILDPLATFORM golang:1.16-${BASE_VARIANT} AS golatest - -FROM gostable AS go-linux -FROM golatest AS go-darwin -FROM golatest AS go-windows-amd64 -FROM golatest AS go-windows-386 -FROM golatest AS go-windows-arm -FROM --platform=$BUILDPLATFORM golang:1.17rc1-${BASE_VARIANT} AS go-windows-arm64 +FROM --platform=$BUILDPLATFORM golang:1.17rc1-${BASE_VARIANT} AS golatest + +FROM gostable AS go-linux +FROM gostable AS go-darwin +FROM gostable AS go-windows-amd64 +FROM gostable AS go-windows-386 +FROM gostable AS go-windows-arm +FROM golatest AS go-windows-arm64 FROM go-windows-${TARGETARCH} AS go-windows FROM --platform=$BUILDPLATFORM tonistiigi/xx@sha256:620d36a9d7f1e3b102a5c7e8eff12081ac363828b3a44390f24fa8da2d49383d AS xx diff --git a/appveyor.yml b/appveyor.yml index f019485c75ef..b05ffc6aebda 100644 --- a/appveyor.yml +++ b/appveyor.yml @@ -4,7 +4,7 @@ clone_folder: c:\gopath\src\github.com\docker\cli environment: GOPATH: c:\gopath - GOVERSION: 1.13.15 + GOVERSION: 1.16.6 DEPVERSION: v0.4.1 install: diff --git a/dockerfiles/Dockerfile.binary-native b/dockerfiles/Dockerfile.binary-native index 37c1c64fe8d3..7d7cc4226888 100644 --- a/dockerfiles/Dockerfile.binary-native +++ b/dockerfiles/Dockerfile.binary-native @@ -1,4 +1,4 @@ -ARG GO_VERSION=1.13.15 +ARG GO_VERSION=1.16.6 FROM golang:${GO_VERSION}-alpine diff --git a/dockerfiles/Dockerfile.dev b/dockerfiles/Dockerfile.dev index a82eb728367d..9df860c9fae4 100644 --- a/dockerfiles/Dockerfile.dev +++ b/dockerfiles/Dockerfile.dev @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:1.3 -ARG GO_VERSION=1.13.15 +ARG GO_VERSION=1.16.6 FROM golang:${GO_VERSION}-alpine AS golang ENV CGO_ENABLED=0 @@ -10,21 +10,21 @@ ARG ESC_VERSION=v0.2.0 RUN --mount=type=cache,target=/root/.cache/go-build \ --mount=type=cache,target=/go/pkg/mod \ --mount=type=tmpfs,target=/go/src/ \ - GO111MODULE=on go get github.com/mjibson/esc@${ESC_VERSION} + GO111MODULE=on go install github.com/mjibson/esc@${ESC_VERSION} FROM golang AS gotestsum ARG GOTESTSUM_VERSION=v0.4.0 RUN --mount=type=cache,target=/root/.cache/go-build \ --mount=type=cache,target=/go/pkg/mod \ --mount=type=tmpfs,target=/go/src/ \ - GO111MODULE=on go get gotest.tools/gotestsum@${GOTESTSUM_VERSION} + GO111MODULE=on go install gotest.tools/gotestsum@${GOTESTSUM_VERSION} FROM golang AS vndr ARG VNDR_VERSION=v0.1.2 RUN --mount=type=cache,target=/root/.cache/go-build \ --mount=type=cache,target=/go/pkg/mod \ --mount=type=tmpfs,target=/go/src/ \ - GO111MODULE=on go get github.com/LK4D4/vndr@${VNDR_VERSION} + GO111MODULE=on go install github.com/LK4D4/vndr@${VNDR_VERSION} FROM golang AS dev RUN apk add --no-cache \ @@ -44,4 +44,5 @@ COPY --from=vndr /go/bin/* /go/bin/ COPY --from=gotestsum /go/bin/* /go/bin/ WORKDIR /go/src/github.com/docker/cli +ENV GO111MODULE=auto COPY . . diff --git a/dockerfiles/Dockerfile.e2e b/dockerfiles/Dockerfile.e2e index afd4e47b6012..36ea70b8c432 100644 --- a/dockerfiles/Dockerfile.e2e +++ b/dockerfiles/Dockerfile.e2e @@ -1,4 +1,4 @@ -ARG GO_VERSION=1.13.15 +ARG GO_VERSION=1.16.6 # Use Debian based image as docker-compose requires glibc. FROM golang:${GO_VERSION}-buster diff --git a/dockerfiles/Dockerfile.lint b/dockerfiles/Dockerfile.lint index 8c4923c1a383..6d272db22711 100644 --- a/dockerfiles/Dockerfile.lint +++ b/dockerfiles/Dockerfile.lint @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:1.3 -ARG GO_VERSION=1.13.15 +ARG GO_VERSION=1.16.6 ARG GOLANGCI_LINTER_SHA="v1.21.0" FROM golang:${GO_VERSION}-alpine AS build @@ -13,6 +13,7 @@ RUN --mount=type=cache,target=/root/.cache/go-build \ go get github.com/golangci/golangci-lint/cmd/golangci-lint@${GOLANGCI_LINTER_SHA} FROM golang:${GO_VERSION}-alpine AS lint +ENV GO111MODULE=off ENV CGO_ENABLED=0 ENV DISABLE_WARN_OUTSIDE_CONTAINER=1 COPY --from=build /go/bin/golangci-lint /usr/local/bin diff --git a/scripts/build/plugins b/scripts/build/plugins index fce2689cdc25..f4e9c74600db 100755 --- a/scripts/build/plugins +++ b/scripts/build/plugins @@ -17,5 +17,5 @@ for p in cli-plugins/examples/* "$@" ; do echo "Building statically linked $TARGET" export CGO_ENABLED=0 - go build -o "${TARGET}" --ldflags "${LDFLAGS}" "github.com/docker/cli/${p}" + GO111MODULE=auto go build -o "${TARGET}" --ldflags "${LDFLAGS}" "github.com/docker/cli/${p}" done diff --git a/scripts/test/e2e/run b/scripts/test/e2e/run index a9c5cc2683ab..5befee97aa52 100755 --- a/scripts/test/e2e/run +++ b/scripts/test/e2e/run @@ -71,6 +71,7 @@ runtests() { PATH="$PWD/build/:/usr/bin:/usr/local/bin:/usr/local/go/bin" \ HOME="$HOME" \ DOCKER_CLI_E2E_PLUGINS_EXTRA_DIRS="$PWD/build/plugins-linux-amd64" \ + GO111MODULE=auto \ "$(command -v gotestsum)" -- ${TESTDIRS:-./e2e/...} ${TESTFLAGS-} } From 42d1c02750b3631402da3973e5f36b76c8c934f4 Mon Sep 17 00:00:00 2001 From: Samuel Karp Date: Wed, 21 Jul 2021 17:59:42 -0700 Subject: [PATCH 085/127] registry: ensure default auth config has address Signed-off-by: Samuel Karp --- cli/command/registry.go | 15 +++++++-------- cli/command/registry/login.go | 13 +++++-------- cli/command/registry_test.go | 16 +++++++++++++++- 3 files changed, 27 insertions(+), 17 deletions(-) diff --git a/cli/command/registry.go b/cli/command/registry.go index e6311c8bfb77..68e3dd36ed71 100644 --- a/cli/command/registry.go +++ b/cli/command/registry.go @@ -63,17 +63,14 @@ func RegistryAuthenticationPrivilegedFunc(cli Cli, index *registrytypes.IndexInf indexServer := registry.GetAuthConfigKey(index) isDefaultRegistry := indexServer == ElectAuthServer(context.Background(), cli) authConfig, err := GetDefaultAuthConfig(cli, true, indexServer, isDefaultRegistry) - if authConfig == nil { - authConfig = &types.AuthConfig{} - } if err != nil { fmt.Fprintf(cli.Err(), "Unable to retrieve stored credentials for %s, error: %s.\n", indexServer, err) } - err = ConfigureAuth(cli, "", "", authConfig, isDefaultRegistry) + err = ConfigureAuth(cli, "", "", &authConfig, isDefaultRegistry) if err != nil { return "", err } - return EncodeAuthToBase64(*authConfig) + return EncodeAuthToBase64(authConfig) } } @@ -92,7 +89,7 @@ func ResolveAuthConfig(ctx context.Context, cli Cli, index *registrytypes.IndexI // GetDefaultAuthConfig gets the default auth config given a serverAddress // If credentials for given serverAddress exists in the credential store, the configuration will be populated with values in it -func GetDefaultAuthConfig(cli Cli, checkCredStore bool, serverAddress string, isDefaultRegistry bool) (*types.AuthConfig, error) { +func GetDefaultAuthConfig(cli Cli, checkCredStore bool, serverAddress string, isDefaultRegistry bool) (types.AuthConfig, error) { if !isDefaultRegistry { serverAddress = registry.ConvertToHostname(serverAddress) } @@ -101,13 +98,15 @@ func GetDefaultAuthConfig(cli Cli, checkCredStore bool, serverAddress string, is if checkCredStore { authconfig, err = cli.ConfigFile().GetAuthConfig(serverAddress) if err != nil { - return nil, err + return types.AuthConfig{ + ServerAddress: serverAddress, + }, err } } authconfig.ServerAddress = serverAddress authconfig.IdentityToken = "" res := types.AuthConfig(authconfig) - return &res, nil + return res, nil } // ConfigureAuth handles prompting of user's username and password if needed diff --git a/cli/command/registry/login.go b/cli/command/registry/login.go index 61dd90c33f18..3820c414b124 100644 --- a/cli/command/registry/login.go +++ b/cli/command/registry/login.go @@ -114,22 +114,19 @@ func runLogin(dockerCli command.Cli, opts loginOptions) error { //nolint: gocycl var response registrytypes.AuthenticateOKBody isDefaultRegistry := serverAddress == authServer authConfig, err := command.GetDefaultAuthConfig(dockerCli, opts.user == "" && opts.password == "", serverAddress, isDefaultRegistry) - if authConfig == nil { - authConfig = &types.AuthConfig{} - } if err == nil && authConfig.Username != "" && authConfig.Password != "" { - response, err = loginWithCredStoreCreds(ctx, dockerCli, authConfig) + response, err = loginWithCredStoreCreds(ctx, dockerCli, &authConfig) } if err != nil || authConfig.Username == "" || authConfig.Password == "" { - err = command.ConfigureAuth(dockerCli, opts.user, opts.password, authConfig, isDefaultRegistry) + err = command.ConfigureAuth(dockerCli, opts.user, opts.password, &authConfig, isDefaultRegistry) if err != nil { return err } - response, err = clnt.RegistryLogin(ctx, *authConfig) + response, err = clnt.RegistryLogin(ctx, authConfig) if err != nil && client.IsErrConnectionFailed(err) { // If the server isn't responding (yet) attempt to login purely client side - response, err = loginClientSide(ctx, *authConfig) + response, err = loginClientSide(ctx, authConfig) } // If we (still) have an error, give up if err != nil { @@ -152,7 +149,7 @@ func runLogin(dockerCli command.Cli, opts loginOptions) error { //nolint: gocycl } } - if err := creds.Store(configtypes.AuthConfig(*authConfig)); err != nil { + if err := creds.Store(configtypes.AuthConfig(authConfig)); err != nil { return errors.Errorf("Error saving credentials: %v", err) } diff --git a/cli/command/registry_test.go b/cli/command/registry_test.go index ae7c3ac052f0..f98589fed1cd 100644 --- a/cli/command/registry_test.go +++ b/cli/command/registry_test.go @@ -145,7 +145,21 @@ func TestGetDefaultAuthConfig(t *testing.T) { assert.Check(t, is.Equal(tc.expectedErr, err.Error())) } else { assert.NilError(t, err) - assert.Check(t, is.DeepEqual(tc.expectedAuthConfig, *authconfig)) + assert.Check(t, is.DeepEqual(tc.expectedAuthConfig, authconfig)) } } } + +func TestGetDefaultAuthConfig_HelperError(t *testing.T) { + cli := test.NewFakeCli(&fakeClient{}) + errBuf := new(bytes.Buffer) + cli.SetErr(errBuf) + cli.ConfigFile().CredentialsStore = "fake-does-not-exist" + serverAddress := "test-server-address" + expectedAuthConfig := types.AuthConfig{ + ServerAddress: serverAddress, + } + authconfig, err := GetDefaultAuthConfig(cli, true, serverAddress, serverAddress == "https://index.docker.io/v1/") + assert.Check(t, is.DeepEqual(expectedAuthConfig, authconfig)) + assert.Check(t, is.ErrorContains(err, "docker-credential-fake-does-not-exist")) +} From 2012fbf111555f6fad5323b9e1c969c49bca99bc Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Sat, 7 Aug 2021 18:20:39 +0200 Subject: [PATCH 086/127] Update Go to 1.16.7 go1.16.7 (released 2021-08-05) includes a security fix to the net/http/httputil package, as well as bug fixes to the compiler, the linker, the runtime, the go command, and the net/http package. See the Go 1.16.7 milestone on the issue tracker for details: https://github.com/golang/go/issues?q=milestone%3AGo1.16.7+label%3ACherryPickApproved Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 3112b382a3f9e319e7e0d95c75ecb18e204d6583) Signed-off-by: Sebastiaan van Stijn --- Dockerfile | 2 +- appveyor.yml | 2 +- dockerfiles/Dockerfile.binary-native | 2 +- dockerfiles/Dockerfile.dev | 2 +- dockerfiles/Dockerfile.e2e | 2 +- dockerfiles/Dockerfile.lint | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/Dockerfile b/Dockerfile index 5a6752aa14ec..751f4f8037f7 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,7 @@ # syntax=docker/dockerfile:1.3 ARG BASE_VARIANT=alpine -ARG GO_VERSION=1.16.6 +ARG GO_VERSION=1.16.7 FROM --platform=$BUILDPLATFORM golang:${GO_VERSION}-${BASE_VARIANT} AS gostable FROM --platform=$BUILDPLATFORM golang:1.17rc1-${BASE_VARIANT} AS golatest diff --git a/appveyor.yml b/appveyor.yml index b05ffc6aebda..5977a47400b7 100644 --- a/appveyor.yml +++ b/appveyor.yml @@ -4,7 +4,7 @@ clone_folder: c:\gopath\src\github.com\docker\cli environment: GOPATH: c:\gopath - GOVERSION: 1.16.6 + GOVERSION: 1.16.7 DEPVERSION: v0.4.1 install: diff --git a/dockerfiles/Dockerfile.binary-native b/dockerfiles/Dockerfile.binary-native index 7d7cc4226888..fffd7548e509 100644 --- a/dockerfiles/Dockerfile.binary-native +++ b/dockerfiles/Dockerfile.binary-native @@ -1,4 +1,4 @@ -ARG GO_VERSION=1.16.6 +ARG GO_VERSION=1.16.7 FROM golang:${GO_VERSION}-alpine diff --git a/dockerfiles/Dockerfile.dev b/dockerfiles/Dockerfile.dev index 9df860c9fae4..f9e7b3c6d684 100644 --- a/dockerfiles/Dockerfile.dev +++ b/dockerfiles/Dockerfile.dev @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:1.3 -ARG GO_VERSION=1.16.6 +ARG GO_VERSION=1.16.7 FROM golang:${GO_VERSION}-alpine AS golang ENV CGO_ENABLED=0 diff --git a/dockerfiles/Dockerfile.e2e b/dockerfiles/Dockerfile.e2e index 36ea70b8c432..41504455f6f1 100644 --- a/dockerfiles/Dockerfile.e2e +++ b/dockerfiles/Dockerfile.e2e @@ -1,4 +1,4 @@ -ARG GO_VERSION=1.16.6 +ARG GO_VERSION=1.16.7 # Use Debian based image as docker-compose requires glibc. FROM golang:${GO_VERSION}-buster diff --git a/dockerfiles/Dockerfile.lint b/dockerfiles/Dockerfile.lint index 6d272db22711..0e9768d84b93 100644 --- a/dockerfiles/Dockerfile.lint +++ b/dockerfiles/Dockerfile.lint @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:1.3 -ARG GO_VERSION=1.16.6 +ARG GO_VERSION=1.16.7 ARG GOLANGCI_LINTER_SHA="v1.21.0" FROM golang:${GO_VERSION}-alpine AS build From 061051c24da9cb9e480e27d7948ff2c210f3f462 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Mon, 23 Aug 2021 17:35:25 +0200 Subject: [PATCH 087/127] docs: add missing redirect, and remove /go/experimental redirect The /go/ redirects are now defined in the docs repository, so the one we defined here can be removed. Also adds a missing redirect for an old URL to the main CLI page. Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 463746ff22662a1e28059ce9d1c1ae4b0eb4dbdd) Signed-off-by: Sebastiaan van Stijn --- docs/reference/commandline/cli.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/docs/reference/commandline/cli.md b/docs/reference/commandline/cli.md index b2988adcbecf..6187a6ad898f 100644 --- a/docs/reference/commandline/cli.md +++ b/docs/reference/commandline/cli.md @@ -3,7 +3,7 @@ title: "Use the Docker command line" description: "Docker's CLI command description and usage" keywords: "Docker, Docker documentation, CLI, command line, config.json, CLI configuration file" redirect_from: - - /go/experimental/ + - /reference/commandline/cli/ - /engine/reference/commandline/engine/ - /engine/reference/commandline/engine_activate/ - /engine/reference/commandline/engine_check/ @@ -312,6 +312,9 @@ Experimental features provide early access to future product functionality. These features are intended for testing and feedback, and they may change between releases without warning or can be removed from a future release. +Starting with Docker 20.10, experimental CLI features are enabled by default, +and require no configuration to enable them. + ### Notary If using your own notary server and a self-signed certificate or an internal From 44fdac11f59ca5929169e4076259e64b9ef383ca Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Wed, 15 Sep 2021 13:26:11 +0200 Subject: [PATCH 088/127] Update Go to 1.16.8 This includes additional fixes for CVE-2021-39293. go1.16.8 (released 2021-09-09) includes a security fix to the archive/zip package, as well as bug fixes to the archive/zip, go/internal/gccgoimporter, html/template, net/http, and runtime/pprof packages. See the Go 1.16.8 milestone on the issue tracker for details: https://github.com/golang/go/issues?q=milestone%3AGo1.16.8+label%3ACherryPickApproved Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 01fa5d925abbed19f7e91db2933241161196d109) Signed-off-by: Sebastiaan van Stijn --- Dockerfile | 2 +- appveyor.yml | 2 +- dockerfiles/Dockerfile.binary-native | 2 +- dockerfiles/Dockerfile.dev | 2 +- dockerfiles/Dockerfile.e2e | 2 +- dockerfiles/Dockerfile.lint | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/Dockerfile b/Dockerfile index 751f4f8037f7..1bcd4afdeda5 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,7 @@ # syntax=docker/dockerfile:1.3 ARG BASE_VARIANT=alpine -ARG GO_VERSION=1.16.7 +ARG GO_VERSION=1.16.8 FROM --platform=$BUILDPLATFORM golang:${GO_VERSION}-${BASE_VARIANT} AS gostable FROM --platform=$BUILDPLATFORM golang:1.17rc1-${BASE_VARIANT} AS golatest diff --git a/appveyor.yml b/appveyor.yml index 5977a47400b7..6b7667676aa2 100644 --- a/appveyor.yml +++ b/appveyor.yml @@ -4,7 +4,7 @@ clone_folder: c:\gopath\src\github.com\docker\cli environment: GOPATH: c:\gopath - GOVERSION: 1.16.7 + GOVERSION: 1.16.8 DEPVERSION: v0.4.1 install: diff --git a/dockerfiles/Dockerfile.binary-native b/dockerfiles/Dockerfile.binary-native index fffd7548e509..ee9093b859e2 100644 --- a/dockerfiles/Dockerfile.binary-native +++ b/dockerfiles/Dockerfile.binary-native @@ -1,4 +1,4 @@ -ARG GO_VERSION=1.16.7 +ARG GO_VERSION=1.16.8 FROM golang:${GO_VERSION}-alpine diff --git a/dockerfiles/Dockerfile.dev b/dockerfiles/Dockerfile.dev index f9e7b3c6d684..eefb81e069dc 100644 --- a/dockerfiles/Dockerfile.dev +++ b/dockerfiles/Dockerfile.dev @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:1.3 -ARG GO_VERSION=1.16.7 +ARG GO_VERSION=1.16.8 FROM golang:${GO_VERSION}-alpine AS golang ENV CGO_ENABLED=0 diff --git a/dockerfiles/Dockerfile.e2e b/dockerfiles/Dockerfile.e2e index 41504455f6f1..3ed650133868 100644 --- a/dockerfiles/Dockerfile.e2e +++ b/dockerfiles/Dockerfile.e2e @@ -1,4 +1,4 @@ -ARG GO_VERSION=1.16.7 +ARG GO_VERSION=1.16.8 # Use Debian based image as docker-compose requires glibc. FROM golang:${GO_VERSION}-buster diff --git a/dockerfiles/Dockerfile.lint b/dockerfiles/Dockerfile.lint index 0e9768d84b93..1aaa2e111d42 100644 --- a/dockerfiles/Dockerfile.lint +++ b/dockerfiles/Dockerfile.lint @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:1.3 -ARG GO_VERSION=1.16.7 +ARG GO_VERSION=1.16.8 ARG GOLANGCI_LINTER_SHA="v1.21.0" FROM golang:${GO_VERSION}-alpine AS build From 6c1c8b55aa6e6dd49fe0cf375df76e64ca4fc984 Mon Sep 17 00:00:00 2001 From: "takeshi.koenuma" Date: Thu, 30 Sep 2021 12:45:59 +0900 Subject: [PATCH 089/127] docs: fix search results by filterd is-official Signed-off-by: takeshi.koenuma (cherry picked from commit 1de937c144e564e2cb67da02d1246a840af4545e) Signed-off-by: Sebastiaan van Stijn --- docs/reference/commandline/search.md | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/docs/reference/commandline/search.md b/docs/reference/commandline/search.md index 90d19e2631ed..b86aee350821 100644 --- a/docs/reference/commandline/search.md +++ b/docs/reference/commandline/search.md @@ -127,9 +127,8 @@ This example displays images with a name containing 'busybox', at least ```bash $ docker search --filter is-official=true --filter stars=3 busybox -NAME DESCRIPTION STARS OFFICIAL AUTOMATED -progrium/busybox 50 [OK] -radial/busyboxplus Full-chain, Internet enabled, busybox made... 8 [OK] +NAME DESCRIPTION STARS OFFICIAL AUTOMATED +busybox Busybox base image. 325 [OK] ``` ### Format the output From d0014a86bcbf9d12a48993d9d39ab9e63d345401 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Wed, 22 Sep 2021 17:55:45 +0200 Subject: [PATCH 090/127] docs: fix description of restart-delay to mention max (1 minute) Commit https://github.com/docker/docker/commit/9bd3a7c0297fdb93deb846070c85ac23da0a20e8 (docker 17.04 and up) added a maximum timeout of 1 minute to the restart timeout. This patch updates the documentation to match the current behavior. Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 47e5cfa9e96ad4eeb6892fd08496f93fd734aa51) Signed-off-by: Sebastiaan van Stijn --- docs/reference/run.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/docs/reference/run.md b/docs/reference/run.md index d95b1a8aeba0..3d836fb3bb8d 100644 --- a/docs/reference/run.md +++ b/docs/reference/run.md @@ -554,17 +554,17 @@ Docker supports the following restart policies: -An ever increasing delay (double the previous delay, starting at 100 -milliseconds) is added before each restart to prevent flooding the server. +An increasing delay (double the previous delay, starting at 100 milliseconds) +is added before each restart to prevent flooding the server. This means the daemon will wait for 100 ms, then 200 ms, 400, 800, 1600, -and so on until either the `on-failure` limit is hit, or when you `docker stop` -or `docker rm -f` the container. +and so on until either the `on-failure` limit, the maximum delay of 1 minute is +hit, or when you `docker stop` or `docker rm -f` the container. If a container is successfully restarted (the container is started and runs for at least 10 seconds), the delay is reset to its default value of 100 ms. You can specify the maximum amount of times Docker will try to restart the -container when using the **on-failure** policy. The default is that Docker +container when using the **on-failure** policy. The default is that Docker will try forever to restart the container. The number of (attempted) restarts for a container can be obtained via [`docker inspect`](commandline/inspect.md). For example, to get the number of restarts for container "my-container"; From cbf0d2b7b797839dcd523103ee718a1a90fc913b Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Mon, 13 Sep 2021 16:20:09 +0200 Subject: [PATCH 091/127] docs: fix some broken anchors Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 2621af848aad882f6998d4f1464a293544a69de3) Signed-off-by: Sebastiaan van Stijn --- docs/deprecated.md | 2 +- docs/extend/plugins_authorization.md | 2 +- docs/reference/builder.md | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/deprecated.md b/docs/deprecated.md index 34cd3ec195d2..0f3cba83b662 100644 --- a/docs/deprecated.md +++ b/docs/deprecated.md @@ -54,7 +54,7 @@ Deprecated | [Support for encrypted TLS private keys](#support-for-encrypted-tls Deprecated | [Kubernetes stack and context support](#kubernetes-stack-and-context-support) | v20.10 | - Deprecated | [Pulling images from non-compliant image registries](#pulling-images-from-non-compliant-image-registries) | v20.10 | - Deprecated | [Linux containers on Windows (LCOW)](#linux-containers-on-windows-lcow-experimental) | v20.10 | - -Deprecated | [BLKIO weight options with cgroups v1](#blkio-weight-options–with-cgroups-v1) | v20.10 | - +Deprecated | [BLKIO weight options with cgroups v1](#blkio-weight-options-with-cgroups-v1) | v20.10 | - Deprecated | [Kernel memory limit](#kernel-memory-limit) | v20.10 | - Deprecated | [Classic Swarm and overlay networks using external key/value stores](#classic-swarm-and-overlay-networks-using-cluster-store) | v20.10 | - Deprecated | [Support for the legacy `~/.dockercfg` configuration file for authentication](#support-for-legacy-dockercfg-configuration-files) | v20.10 | - diff --git a/docs/extend/plugins_authorization.md b/docs/extend/plugins_authorization.md index d62c795862d8..6cee34e80259 100644 --- a/docs/extend/plugins_authorization.md +++ b/docs/extend/plugins_authorization.md @@ -114,7 +114,7 @@ Enable the authorization plugin with a dedicated command line flag in the `--authorization-plugin=PLUGIN_ID` format. The flag supplies a `PLUGIN_ID` value. This value can be the plugin’s socket or a path to a specification file. Authorization plugins can be loaded without restarting the daemon. Refer -to the [`dockerd` documentation](../reference/commandline/dockerd.md#configuration-reloading) for more information. +to the [`dockerd` documentation](../reference/commandline/dockerd.md#configuration-reload-behavior) for more information. ```bash $ dockerd --authorization-plugin=plugin1 --authorization-plugin=plugin2,... diff --git a/docs/reference/builder.md b/docs/reference/builder.md index d5651db8ea60..698fce98fc72 100644 --- a/docs/reference/builder.md +++ b/docs/reference/builder.md @@ -179,7 +179,7 @@ Docker runs instructions in a `Dockerfile` in order. A `Dockerfile` **must begin with a `FROM` instruction**. This may be after [parser directives](#parser-directives), [comments](#format), and globally scoped [ARGs](#arg). The `FROM` instruction specifies the [*Parent -Image*](https://docs.docker.com/glossary/#parent_image) from which you are +Image*](https://docs.docker.com/glossary/#parent-image) from which you are building. `FROM` may only be preceded by one or more `ARG` instructions, which declare arguments that are used in `FROM` lines in the `Dockerfile`. @@ -677,7 +677,7 @@ FROM [--platform=] [@] [AS ] ``` The `FROM` instruction initializes a new build stage and sets the -[*Base Image*](https://docs.docker.com/glossary/#base_image) for subsequent instructions. As such, a +[*Base Image*](https://docs.docker.com/glossary/#base-image) for subsequent instructions. As such, a valid `Dockerfile` must start with a `FROM` instruction. The image can be any valid image – it is especially easy to start by **pulling an image** from the [*Public Repositories*](https://docs.docker.com/docker-hub/repos/). From 77db97d59513e16e4ee2abe6fcfa130d453604bd Mon Sep 17 00:00:00 2001 From: Pawel Date: Sat, 11 Sep 2021 22:52:44 +0200 Subject: [PATCH 092/127] Use private network address for default-address-pools setting in daemon.json example Signed-off-by: Pawel (cherry picked from commit 6482f3f9b043817d975757a3b6fd5e295ee22676) Signed-off-by: Sebastiaan van Stijn --- docs/reference/commandline/dockerd.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/reference/commandline/dockerd.md b/docs/reference/commandline/dockerd.md index e3414168e044..ea480b2950f5 100644 --- a/docs/reference/commandline/dockerd.md +++ b/docs/reference/commandline/dockerd.md @@ -1360,11 +1360,11 @@ This is a full example of the allowed configuration options on Linux: "debug": true, "default-address-pools": [ { - "base": "172.80.0.0/16", + "base": "172.30.0.0/16", "size": 24 }, { - "base": "172.90.0.0/16", + "base": "172.31.0.0/16", "size": 24 } ], From c72057c8db3ca3001bb382248900d8ce8b15953a Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Mon, 23 Aug 2021 17:41:23 +0200 Subject: [PATCH 093/127] docs: move checkpoint/restore doc from experimental into reference This allows this information to be read from docs.docker.com. Signed-off-by: Sebastiaan van Stijn (cherry picked from commit aa89e6847a114e58fff3a0e758cc1abb1922203b) Signed-off-by: Sebastiaan van Stijn --- .../reference/commandline/checkpoint.md | 63 +++++++++++-------- experimental/README.md | 4 +- 2 files changed, 39 insertions(+), 28 deletions(-) rename experimental/checkpoint-restore.md => docs/reference/commandline/checkpoint.md (57%) diff --git a/experimental/checkpoint-restore.md b/docs/reference/commandline/checkpoint.md similarity index 57% rename from experimental/checkpoint-restore.md rename to docs/reference/commandline/checkpoint.md index 2f7cdf46b8bd..9d99a7a9c855 100644 --- a/experimental/checkpoint-restore.md +++ b/docs/reference/commandline/checkpoint.md @@ -1,6 +1,13 @@ -# Docker Checkpoint & Restore +--- +title: docker checkpoint +description: "The checkpoint command description and usage" +keywords: experimental, checkpoint, restore, criu +experimental: true +--- -Checkpoint & Restore is a new feature that allows you to freeze a running +## Description + +Checkpoint and Restore is an experimental feature that allows you to freeze a running container by checkpointing it, which turns its state into a collection of files on disk. Later, the container can be restored from the point it was frozen. @@ -9,16 +16,16 @@ external dependency of this feature. A good overview of the history of checkpoint and restore in Docker is available in this [Kubernetes blog post](https://kubernetes.io/blog/2015/07/how-did-quake-demo-from-dockercon-work/). -## Installing CRIU +### Installing CRIU If you use a Debian system, you can add the CRIU PPA and install with apt-get [from the criu launchpad](https://launchpad.net/~criu/+archive/ubuntu/ppa). -Alternatively, you can [build CRIU from source](http://criu.org/Installation). +Alternatively, you can [build CRIU from source](https://criu.org/Installation). You need at least version 2.0 of CRIU to run checkpoint/restore in Docker. -## Use cases for checkpoint & restore +### Use cases for checkpoint & restore This feature is currently focused on single-host use cases for checkpoint and restore. Here are a few: @@ -33,7 +40,7 @@ migration of a server from one machine to another. This is possible with the current implementation, but not currently a priority (and so the workflow is not optimized for the task). -## Using checkpoint & restore +### Using checkpoint & restore A new top level command `docker checkpoint` is introduced, with three subcommands: - `create` (creates a new checkpoint) @@ -44,35 +51,40 @@ Additionally, a `--checkpoint` flag is added to the container start command. The options for checkpoint create: - Usage: docker checkpoint create [OPTIONS] CONTAINER CHECKPOINT +```console +Usage: docker checkpoint create [OPTIONS] CONTAINER CHECKPOINT - Create a checkpoint from a running container +Create a checkpoint from a running container - --leave-running=false Leave the container running after checkpoint - --checkpoint-dir Use a custom checkpoint storage directory + --leave-running=false Leave the container running after checkpoint + --checkpoint-dir Use a custom checkpoint storage directory +``` And to restore a container: - Usage: docker start --checkpoint CHECKPOINT_ID [OTHER OPTIONS] CONTAINER - +```console +Usage: docker start --checkpoint CHECKPOINT_ID [OTHER OPTIONS] CONTAINER +``` -A simple example of using checkpoint & restore on a container: +Example of using checkpoint & restore on a container: - $ docker run --security-opt=seccomp:unconfined --name cr -d busybox /bin/sh -c 'i=0; while true; do echo $i; i=$(expr $i + 1); sleep 1; done' - > abc0123 +```console +$ docker run --security-opt=seccomp:unconfined --name cr -d busybox /bin/sh -c 'i=0; while true; do echo $i; i=$(expr $i + 1); sleep 1; done' +abc0123 - $ docker checkpoint create cr checkpoint1 +$ docker checkpoint create cr checkpoint1 - # - $ docker start --checkpoint checkpoint1 cr - > abc0123 +# +$ docker start --checkpoint checkpoint1 cr +abc0123 +``` This process just logs an incrementing counter to stdout. If you `docker logs` in between running/checkpoint/restoring you should see that the counter increases while the process is running, stops while it's checkpointed, and resumes from the point it left off once you restore. -## Current limitation +### Known limitations seccomp is only supported by CRIU in very up to date kernels. @@ -80,9 +92,10 @@ External terminal (i.e. `docker run -t ..`) is not supported at the moment. If you try to create a checkpoint for a container with an external terminal, it would fail: - $ docker checkpoint create cr checkpoint1 - Error response from daemon: Cannot checkpoint container c1: rpc error: code = 2 desc = exit status 1: "criu failed: type NOTIFY errno 0\nlog file: /var/lib/docker/containers/eb62ebdbf237ce1a8736d2ae3c7d88601fc0a50235b0ba767b559a1f3c5a600b/checkpoints/checkpoint1/criu.work/dump.log\n" - - $ cat /var/lib/docker/containers/eb62ebdbf237ce1a8736d2ae3c7d88601fc0a50235b0ba767b559a1f3c5a600b/checkpoints/checkpoint1/criu.work/dump.log - Error (mount.c:740): mnt: 126:./dev/console doesn't have a proper root mount +```console +$ docker checkpoint create cr checkpoint1 +Error response from daemon: Cannot checkpoint container c1: rpc error: code = 2 desc = exit status 1: "criu failed: type NOTIFY errno 0\nlog file: /var/lib/docker/containers/eb62ebdbf237ce1a8736d2ae3c7d88601fc0a50235b0ba767b559a1f3c5a600b/checkpoints/checkpoint1/criu.work/dump.log\n" +$ cat /var/lib/docker/containers/eb62ebdbf237ce1a8736d2ae3c7d88601fc0a50235b0ba767b559a1f3c5a600b/checkpoints/checkpoint1/criu.work/dump.log +Error (mount.c:740): mnt: 126:./dev/console doesn't have a proper root mount +``` diff --git a/experimental/README.md b/experimental/README.md index 21753f5c9ed5..d3727b4e3640 100644 --- a/experimental/README.md +++ b/experimental/README.md @@ -11,8 +11,6 @@ please feel free to provide any feedback on these features you wish. ## Use Docker experimental -Experimental features are now included in the standard Docker binaries as of -version 1.13.0. To enable experimental features, start the Docker daemon with the `--experimental` flag or enable the daemon flag in the `/etc/docker/daemon.json` configuration file: @@ -39,5 +37,5 @@ Checkpoint and restore support for Containers. Metrics (Prometheus) output for basic container, image, and daemon operations. * [External graphdriver plugins](../docs/extend/plugins_graphdriver.md) - * [Checkpoint & Restore](checkpoint-restore.md) + * [Checkpoint & Restore](../docs/reference/commandline/checkpoint-restore.md) * [Docker build with --squash argument](../docs/reference/commandline/build.md#squash-an-images-layers---squash-experimental) From 400f81089af3ea0fec83400a076d3956c24cdfb9 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Tue, 7 Sep 2021 13:30:48 +0200 Subject: [PATCH 094/127] experimental: fix broken link to "checkpoint and restore" page Signed-off-by: Sebastiaan van Stijn (cherry picked from commit ea98f6c923f5831ba37bc8b59872ed631cc4970a) Signed-off-by: Sebastiaan van Stijn --- experimental/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/experimental/README.md b/experimental/README.md index d3727b4e3640..73e0f137a3e1 100644 --- a/experimental/README.md +++ b/experimental/README.md @@ -37,5 +37,5 @@ Checkpoint and restore support for Containers. Metrics (Prometheus) output for basic container, image, and daemon operations. * [External graphdriver plugins](../docs/extend/plugins_graphdriver.md) - * [Checkpoint & Restore](../docs/reference/commandline/checkpoint-restore.md) + * [Checkpoint & Restore](../docs/reference/commandline/checkpoint.md) * [Docker build with --squash argument](../docs/reference/commandline/build.md#squash-an-images-layers---squash-experimental) From fa46b923617bb2ae80e8b7d8c09fc88a7e097b7c Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Sat, 21 Aug 2021 13:50:05 +0200 Subject: [PATCH 095/127] docs: rewrite reference docs for --stop-signal and --stop-timeout Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 16466f1ce6b6d27592973c5b94bcc06fa4c88e89) Signed-off-by: Sebastiaan van Stijn --- docs/reference/builder.md | 11 ++++++++--- docs/reference/commandline/create.md | 2 +- docs/reference/commandline/kill.md | 20 +++++++++++++++----- docs/reference/commandline/run.md | 23 +++++++++++++++++------ man/Dockerfile.5.md | 12 ++++++++++++ man/docker-run.1.md | 22 +++++++++++++++++++--- 6 files changed, 72 insertions(+), 18 deletions(-) diff --git a/docs/reference/builder.md b/docs/reference/builder.md index 698fce98fc72..b7a1c88e7f2f 100644 --- a/docs/reference/builder.md +++ b/docs/reference/builder.md @@ -2171,9 +2171,14 @@ ONBUILD RUN /usr/local/bin/python-build --dir /app/src STOPSIGNAL signal ``` -The `STOPSIGNAL` instruction sets the system call signal that will be sent to the container to exit. -This signal can be a valid unsigned number that matches a position in the kernel's syscall table, for instance 9, -or a signal name in the format SIGNAME, for instance SIGKILL. +The `STOPSIGNAL` instruction sets the system call signal that will be sent to the +container to exit. This signal can be a signal name in the format `SIG`, +for instance `SIGKILL`, or an unsigned number that matches a position in the +kernel's syscall table, for instance `9`. The default is `SIGTERM` if not +defined. + +The image's default stopsignal can be overridden per container, using the +`--stop-signal` flag on `docker run` and `docker create`. ## HEALTHCHECK diff --git a/docs/reference/commandline/create.md b/docs/reference/commandline/create.md index 0c9a96ee26d1..94381710b612 100644 --- a/docs/reference/commandline/create.md +++ b/docs/reference/commandline/create.md @@ -109,7 +109,7 @@ Options: Unit is optional and can be `b` (bytes), `k` (kilobytes), `m` (megabytes), or `g` (gigabytes). If you omit the unit, the system uses bytes. --stop-signal string Signal to stop a container (default "SIGTERM") - --stop-timeout=10 Timeout (in seconds) to stop a container + --stop-timeout int Timeout (in seconds) to stop a container --storage-opt value Storage driver options for the container (default []) --sysctl value Sysctl options (default map[]) --tmpfs value Mount a tmpfs directory (default []) diff --git a/docs/reference/commandline/kill.md b/docs/reference/commandline/kill.md index 942605ec52ad..4df13e341164 100644 --- a/docs/reference/commandline/kill.md +++ b/docs/reference/commandline/kill.md @@ -20,8 +20,18 @@ Options: The `docker kill` subcommand kills one or more containers. The main process inside the container is sent `SIGKILL` signal (default), or the signal that is -specified with the `--signal` option. You can kill a container using the -container's ID, ID-prefix, or name. +specified with the `--signal` option. You can reference a container by its +ID, ID-prefix, or name. + +The `--signal` (or `-s` shorthand) flag sets the system call signal that is sent +to the container. This signal can be a signal name in the format `SIG`, for +instance `SIGINT`, or an unsigned number that matches a position in the kernel's +syscall table, for instance `2`. + +While the default (`SIGKILL`) signal will terminate the container, the signal +set through `--signal` may be non-terminal, depending on the container's main +process. For example, the `SIGHUP` signal in most cases will be non-terminal, +and the container will continue running after receiving the signal. > **Note** > @@ -32,16 +42,16 @@ container's ID, ID-prefix, or name. ## Examples -### Send a KILL signal to a container +### Send a KILL signal to a container -The following example sends the default `KILL` signal to the container named +The following example sends the default `SIGKILL` signal to the container named `my_container`: ```bash $ docker kill my_container ``` -### Send a custom signal to a container +### Send a custom signal to a container The following example sends a `SIGHUP` signal to the container named `my_container`: diff --git a/docs/reference/commandline/run.md b/docs/reference/commandline/run.md index eef81dd81cde..28ba5ef8c62e 100644 --- a/docs/reference/commandline/run.md +++ b/docs/reference/commandline/run.md @@ -120,7 +120,7 @@ Options: or `g` (gigabytes). If you omit the unit, the system uses bytes. --sig-proxy Proxy received signals to the process (default true) --stop-signal string Signal to stop a container (default "SIGTERM") - --stop-timeout=10 Timeout (in seconds) to stop a container + --stop-timeout int Timeout (in seconds) to stop a container --storage-opt value Storage driver options for the container (default []) --sysctl value Sysctl options (default map[]) --tmpfs value Mount a tmpfs directory (default []) @@ -745,9 +745,12 @@ the three processes quota set for the `daemon` user. ### Stop container with signal (--stop-signal) -The `--stop-signal` flag sets the system call signal that will be sent to the container to exit. -This signal can be a valid unsigned number that matches a position in the kernel's syscall table, for instance 9, -or a signal name in the format SIGNAME, for instance SIGKILL. +The `--stop-signal` flag sets the system call signal that will be sent to the +container to exit. This signal can be a signal name in the format `SIG`, +for instance `SIGKILL`, or an unsigned number that matches a position in the +kernel's syscall table, for instance `9`. + +The default is `SIGTERM` if not specified. ### Optional security options (--security-opt) @@ -756,8 +759,16 @@ The `credentialspec` must be in the format `file://spec.txt` or `registry://keyn ### Stop container with timeout (--stop-timeout) -The `--stop-timeout` flag sets the timeout (in seconds) that a pre-defined (see `--stop-signal`) system call -signal that will be sent to the container to exit. After timeout elapses the container will be killed with SIGKILL. +The `--stop-timeout` flag sets the number of seconds to wait for the container +to stop after sending the pre-defined (see `--stop-signal`) system call signal. +If the container does not exit after the timeout elapses, it is forcibly killed +with a `SIGKILL` signal. + +If `--stop-timeout` is set to `-1`, no timeout is applied, and the daemon will +wait indefinitely for the container to exit. + +The default is determined by the daemon, and is 10 seconds for Linux containers, +and 30 seconds for Windows containers. ### Specify isolation technology for container (--isolation) diff --git a/man/Dockerfile.5.md b/man/Dockerfile.5.md index 0b1fb99a330c..3a7ccb974310 100644 --- a/man/Dockerfile.5.md +++ b/man/Dockerfile.5.md @@ -183,6 +183,18 @@ A Dockerfile is similar to a Makefile. To display an image's labels, use the `docker inspect` command. +**STOPSIGNAL** + + -- `STOPSIGNAL ` + The **STOPSIGNAL** instruction sets the system call signal that will be sent + to the container to exit. This signal can be a signal name in the format + **SIG**, for instance **SIGKILL**, or an unsigned number that matches a + position in the kernel's syscall table, for instance **9**. The default is + **SIGTERM** if not defined. + + The image's default stopsignal can be overridden per container, using the + **--stop-signal** flag on **docker-run(1)** and **docker-create(1)**. + **EXPOSE** -- `EXPOSE [...]` The **EXPOSE** instruction informs Docker that the container listens on the diff --git a/man/docker-run.1.md b/man/docker-run.1.md index c36af3303108..46ad4f1cef51 100644 --- a/man/docker-run.1.md +++ b/man/docker-run.1.md @@ -622,10 +622,26 @@ incompatible with any restart policy other than `none`. Under these conditions, user can pass any size less than the backing fs size. **--stop-signal**=*SIGTERM* - Signal to stop a container. Default is SIGTERM. + Signal to stop the container. Default is SIGTERM. -**--stop-timeout**=*10* - Timeout (in seconds) to stop a container. Default is 10. + The `--stop-signal` flag sets the system call signal that will be sent to the + container to exit. This signal can be a signal name in the format `SIG`, + for instance `SIGKILL`, or an unsigned number that matches a position in the + kernel's syscall table, for instance `9`. + +**--stop-timeout** + Timeout (in seconds) to stop a container, or **-1** to disable timeout. + + The `--stop-timeout` flag sets the number of seconds to wait for the container + to stop after sending the pre-defined (see `--stop-signal`) system call signal. + If the container does not exit after the timeout elapses, it is forcibly killed + with a `SIGKILL` signal. + + If `--stop-timeout` is set to **-1**, no timeout is applied, and the daemon will + wait indefinitely for the container to exit. + + The default is determined by the daemon, and 10 seconds for Linux containers, + and 30 seconds for Windows containers. **--shm-size**="" Size of `/dev/shm`. The format is ``. From f2e79b826c0ceb87b6a9caeb3a1dc8ffe210a467 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Sat, 21 Aug 2021 14:54:14 +0200 Subject: [PATCH 096/127] docs: use "console" code-hint for shell examples This replaces the use of bash where suitable, to allow easier copy/pasting of shell examples without copying the prompt or process output. Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 47ba76afb159273e35326bd0cb548e960c51fbc7) Signed-off-by: Sebastiaan van Stijn --- docs/deprecated.md | 4 +- docs/extend/index.md | 40 +++--- docs/extend/plugin_api.md | 8 +- docs/extend/plugins_authorization.md | 17 +-- docs/extend/plugins_graphdriver.md | 4 +- docs/extend/plugins_logging.md | 1 + docs/extend/plugins_network.md | 4 +- docs/extend/plugins_services.md | 39 ++--- docs/extend/plugins_volume.md | 2 +- docs/reference/builder.md | 2 + docs/reference/commandline/attach.md | 25 ++-- docs/reference/commandline/build.md | 65 ++++----- docs/reference/commandline/cli.md | 2 +- docs/reference/commandline/commit.md | 6 +- docs/reference/commandline/config_create.md | 8 +- docs/reference/commandline/config_inspect.md | 6 +- docs/reference/commandline/config_ls.md | 14 +- docs/reference/commandline/config_rm.md | 2 +- docs/reference/commandline/container_prune.md | 6 +- docs/reference/commandline/context_create.md | 12 +- docs/reference/commandline/context_inspect.md | 2 +- docs/reference/commandline/context_ls.md | 4 +- docs/reference/commandline/context_update.md | 2 +- docs/reference/commandline/cp.md | 4 +- docs/reference/commandline/create.md | 13 +- docs/reference/commandline/diff.md | 2 +- docs/reference/commandline/dockerd.md | 96 ++++++------- docs/reference/commandline/events.md | 12 +- docs/reference/commandline/exec.md | 14 +- docs/reference/commandline/export.md | 4 +- docs/reference/commandline/history.md | 6 +- docs/reference/commandline/image_prune.md | 14 +- docs/reference/commandline/images.md | 38 ++--- docs/reference/commandline/import.md | 34 ++--- docs/reference/commandline/info.md | 10 +- docs/reference/commandline/inspect.md | 16 +-- docs/reference/commandline/kill.md | 6 +- docs/reference/commandline/load.md | 3 +- docs/reference/commandline/login.md | 4 +- docs/reference/commandline/logout.md | 2 +- docs/reference/commandline/logs.md | 2 +- docs/reference/commandline/manifest.md | 24 ++-- docs/reference/commandline/network_connect.md | 14 +- docs/reference/commandline/network_create.md | 16 +-- .../commandline/network_disconnect.md | 2 +- docs/reference/commandline/network_inspect.md | 12 +- docs/reference/commandline/network_ls.md | 30 ++-- docs/reference/commandline/network_prune.md | 4 +- docs/reference/commandline/network_rm.md | 8 +- docs/reference/commandline/node_demote.md | 2 +- docs/reference/commandline/node_inspect.md | 6 +- docs/reference/commandline/node_ls.md | 16 ++- docs/reference/commandline/node_promote.md | 2 +- docs/reference/commandline/node_ps.md | 12 +- docs/reference/commandline/node_rm.md | 5 +- docs/reference/commandline/node_update.md | 2 +- docs/reference/commandline/pause.md | 2 +- docs/reference/commandline/plugin_create.md | 2 +- docs/reference/commandline/plugin_disable.md | 4 +- docs/reference/commandline/plugin_enable.md | 4 +- docs/reference/commandline/plugin_inspect.md | 4 +- docs/reference/commandline/plugin_install.md | 4 +- docs/reference/commandline/plugin_ls.md | 6 +- docs/reference/commandline/plugin_push.md | 2 +- docs/reference/commandline/plugin_rm.md | 2 +- docs/reference/commandline/plugin_set.md | 8 +- docs/reference/commandline/plugin_upgrade.md | 2 +- docs/reference/commandline/port.md | 2 +- docs/reference/commandline/ps.md | 54 +++---- docs/reference/commandline/pull.md | 51 ++++--- docs/reference/commandline/push.md | 12 +- docs/reference/commandline/rename.md | 2 +- docs/reference/commandline/restart.md | 2 +- docs/reference/commandline/rm.md | 10 +- docs/reference/commandline/rmi.md | 8 +- docs/reference/commandline/run.md | 98 ++++++------- docs/reference/commandline/save.md | 8 +- docs/reference/commandline/search.md | 15 +- docs/reference/commandline/secret_create.md | 17 +-- docs/reference/commandline/secret_inspect.md | 6 +- docs/reference/commandline/secret_ls.md | 14 +- docs/reference/commandline/secret_rm.md | 2 +- docs/reference/commandline/service_create.md | 81 +++++------ docs/reference/commandline/service_inspect.md | 10 +- docs/reference/commandline/service_ls.md | 14 +- docs/reference/commandline/service_ps.md | 17 ++- docs/reference/commandline/service_rm.md | 2 +- .../reference/commandline/service_rollback.md | 8 +- docs/reference/commandline/service_scale.md | 10 +- docs/reference/commandline/service_update.md | 19 +-- docs/reference/commandline/stack_deploy.md | 8 +- docs/reference/commandline/stack_ls.md | 4 +- docs/reference/commandline/stack_ps.md | 30 ++-- docs/reference/commandline/stack_rm.md | 4 +- docs/reference/commandline/stack_services.md | 6 +- docs/reference/commandline/start.md | 2 +- docs/reference/commandline/stats.md | 10 +- docs/reference/commandline/stop.md | 2 +- docs/reference/commandline/swarm_ca.md | 7 +- docs/reference/commandline/swarm_init.md | 16 ++- .../reference/commandline/swarm_join-token.md | 6 +- docs/reference/commandline/swarm_join.md | 6 +- docs/reference/commandline/swarm_leave.md | 4 +- .../reference/commandline/swarm_unlock-key.md | 6 +- docs/reference/commandline/swarm_unlock.md | 2 +- docs/reference/commandline/swarm_update.md | 2 +- docs/reference/commandline/system_df.md | 8 +- docs/reference/commandline/system_events.md | 12 +- docs/reference/commandline/system_prune.md | 4 +- docs/reference/commandline/tag.md | 8 +- docs/reference/commandline/trust_inspect.md | 22 +-- .../commandline/trust_key_generate.md | 4 +- docs/reference/commandline/trust_key_load.md | 4 +- docs/reference/commandline/trust_revoke.md | 12 +- docs/reference/commandline/trust_sign.md | 18 +-- .../reference/commandline/trust_signer_add.md | 26 ++-- .../commandline/trust_signer_remove.md | 19 +-- docs/reference/commandline/unpause.md | 2 +- docs/reference/commandline/update.md | 12 +- docs/reference/commandline/version.md | 12 +- docs/reference/commandline/volume_create.md | 10 +- docs/reference/commandline/volume_inspect.md | 7 +- docs/reference/commandline/volume_ls.md | 19 +-- docs/reference/commandline/volume_prune.md | 2 +- docs/reference/commandline/volume_rm.md | 2 +- docs/reference/commandline/wait.md | 8 +- docs/reference/run.md | 135 +++++++++--------- 127 files changed, 861 insertions(+), 812 deletions(-) diff --git a/docs/deprecated.md b/docs/deprecated.md index 0f3cba83b662..e17450507da4 100644 --- a/docs/deprecated.md +++ b/docs/deprecated.md @@ -588,9 +588,9 @@ Log tags are now generated in a standard way across different logging drivers. Because of which, the driver specific log tag options `syslog-tag`, `gelf-tag` and `fluentd-tag` have been deprecated in favor of the generic `tag` option. -```bash +```console {% raw %} -docker --log-driver=syslog --log-opt tag="{{.ImageName}}/{{.Name}}/{{.ID}}" +$ docker --log-driver=syslog --log-opt tag="{{.ImageName}}/{{.Name}}/{{.ID}}" {% endraw %} ``` diff --git a/docs/extend/index.md b/docs/extend/index.md index dd885d535fda..2608d0590baf 100644 --- a/docs/extend/index.md +++ b/docs/extend/index.md @@ -55,7 +55,7 @@ enabled, and use it to create a volume. 1. Install the `sshfs` plugin. - ```bash + ```console $ docker plugin install vieux/sshfs Plugin "vieux/sshfs" is requesting the following privileges: @@ -74,7 +74,7 @@ enabled, and use it to create a volume. 2. Check that the plugin is enabled in the output of `docker plugin ls`. - ```bash + ```console $ docker plugin ls ID NAME TAG DESCRIPTION ENABLED @@ -87,7 +87,7 @@ enabled, and use it to create a volume. This volume can now be mounted into containers. - ```bash + ```console $ docker volume create \ -d vieux/sshfs \ --name sshvolume \ @@ -96,9 +96,10 @@ enabled, and use it to create a volume. sshvolume ``` + 4. Verify that the volume was created successfully. - ```bash + ```console $ docker volume ls DRIVER NAME @@ -107,18 +108,19 @@ enabled, and use it to create a volume. 5. Start a container that uses the volume `sshvolume`. - ```bash + ```console $ docker run --rm -v sshvolume:/data busybox ls /data ``` 6. Remove the volume `sshvolume` - ```bash - docker volume rm sshvolume + ```console + $ docker volume rm sshvolume sshvolume ``` + To disable a plugin, use the `docker plugin disable` command. To completely remove it, use the `docker plugin remove` command. For other available commands and options, see the @@ -134,7 +136,7 @@ example, it was created from a Dockerfile: >**Note:** The `/run/docker/plugins` directory is mandatory inside of the plugin's filesystem for docker to communicate with the plugin. -```bash +```console $ git clone https://github.com/vieux/docker-volume-sshfs $ cd docker-volume-sshfs $ docker build -t rootfsimage . @@ -193,13 +195,13 @@ Stdout of a plugin is redirected to dockerd logs. Such entries have a `f52a3df433b9aceee436eaada0752f5797aab1de47e5485f1690a073b860ff62` and their corresponding log entries in the docker daemon logs. -```bash +```console $ docker plugin install tiborvass/sample-volume-plugin INFO[0036] Starting... Found 0 volumes on startup plugin=f52a3df433b9aceee436eaada0752f5797aab1de47e5485f1690a073b860ff62 ``` -```bash +```console $ docker volume create -d tiborvass/sample-volume-plugin samplevol INFO[0193] Create Called... Ensuring directory /data/samplevol exists on host... plugin=f52a3df433b9aceee436eaada0752f5797aab1de47e5485f1690a073b860ff62 @@ -208,7 +210,7 @@ INFO[0193] Created volume samplevol with mountpoint /data/samp INFO[0193] Path Called... Returned path /data/samplevol plugin=f52a3df433b9aceee436eaada0752f5797aab1de47e5485f1690a073b860ff62 ``` -```bash +```console $ docker run -v samplevol:/tmp busybox sh INFO[0421] Get Called... Found samplevol plugin=f52a3df433b9aceee436eaada0752f5797aab1de47e5485f1690a073b860ff62 @@ -223,7 +225,7 @@ INFO[0421] Unmount Called... Unmounted samplevol plugin=f52a3df433b9a plugins. This is specifically useful to collect plugin logs if they are redirected to a file. -```bash +```console $ sudo docker-runc --root /var/run/docker/plugins/runtime-root/moby-plugins list ID PID STATUS BUNDLE CREATED OWNER @@ -232,13 +234,14 @@ ID PID S c5bb4b90941efcaccca999439ed06d6a6affdde7081bb34dc84126b57b3e793d 14984 running /run/docker/containerd/daemon/io.containerd.runtime.v1.linux/moby-plugins/c5bb4b90941efcaccca999439ed06d6a6affdde7081bb34dc84126b57b3e793d 2018-02-08T21:35:12.321288966Z root ``` -```bash +```console $ sudo docker-runc --root /var/run/docker/plugins/runtime-root/moby-plugins exec 93f1e7dbfe11c938782c2993628c895cf28e2274072c4a346a6002446c949b25 cat /var/log/plugin.log ``` If the plugin has a built-in shell, then exec into the plugin can be done as follows: -```bash + +```console $ sudo docker-runc --root /var/run/docker/plugins/runtime-root/moby-plugins exec -t 93f1e7dbfe11c938782c2993628c895cf28e2274072c4a346a6002446c949b25 sh ``` @@ -251,17 +254,18 @@ the plugin is listening on the said socket. For a well functioning plugin, these basic requests should work. Note that plugin sockets are available on the host under `/var/run/docker/plugins/` -```bash -curl -H "Content-Type: application/json" -XPOST -d '{}' --unix-socket /var/run/docker/plugins/e8a37ba56fc879c991f7d7921901723c64df6b42b87e6a0b055771ecf8477a6d/plugin.sock http:/VolumeDriver.List +```console +$ curl -H "Content-Type: application/json" -XPOST -d '{}' --unix-socket /var/run/docker/plugins/e8a37ba56fc879c991f7d7921901723c64df6b42b87e6a0b055771ecf8477a6d/plugin.sock http:/VolumeDriver.List {"Mountpoint":"","Err":"","Volumes":[{"Name":"myvol1","Mountpoint":"/data/myvol1"},{"Name":"myvol2","Mountpoint":"/data/myvol2"}],"Volume":null} ``` -```bash -curl -H "Content-Type: application/json" -XPOST -d '{}' --unix-socket /var/run/docker/plugins/45e00a7ce6185d6e365904c8bcf62eb724b1fe307e0d4e7ecc9f6c1eb7bcdb70/plugin.sock http:/NetworkDriver.GetCapabilities +```console +$ curl -H "Content-Type: application/json" -XPOST -d '{}' --unix-socket /var/run/docker/plugins/45e00a7ce6185d6e365904c8bcf62eb724b1fe307e0d4e7ecc9f6c1eb7bcdb70/plugin.sock http:/NetworkDriver.GetCapabilities {"Scope":"local"} ``` + When using curl 7.5 and above, the URL should be of the form `http://hostname/APICall`, where `hostname` is the valid hostname where the plugin is installed and `APICall` is the call to the plugin API. diff --git a/docs/extend/plugin_api.md b/docs/extend/plugin_api.md index 2a317f953aa2..d1c415af9c1b 100644 --- a/docs/extend/plugin_api.md +++ b/docs/extend/plugin_api.md @@ -114,7 +114,7 @@ a `service` file and a `socket` file. The `service` file (for example `/lib/systemd/system/your-plugin.service`): -``` +```systemd [Unit] Description=Your plugin Before=docker.service @@ -127,9 +127,10 @@ ExecStart=/usr/lib/docker/your-plugin [Install] WantedBy=multi-user.target ``` + The `socket` file (for example `/lib/systemd/system/your-plugin.socket`): -``` +```systemd [Unit] Description=Your plugin @@ -166,7 +167,8 @@ Plugins are activated via the following "handshake" API call. **Request:** empty body **Response:** -``` + +```json { "Implements": ["VolumeDriver"] } diff --git a/docs/extend/plugins_authorization.md b/docs/extend/plugins_authorization.md index 6cee34e80259..2fc444e1017d 100644 --- a/docs/extend/plugins_authorization.md +++ b/docs/extend/plugins_authorization.md @@ -116,7 +116,7 @@ value. This value can be the plugin’s socket or a path to a specification file Authorization plugins can be loaded without restarting the daemon. Refer to the [`dockerd` documentation](../reference/commandline/dockerd.md#configuration-reload-behavior) for more information. -```bash +```console $ dockerd --authorization-plugin=plugin1 --authorization-plugin=plugin2,... ``` @@ -124,26 +124,26 @@ Docker's authorization subsystem supports multiple `--authorization-plugin` para ### Calling authorized command (allow) -```bash +```console $ docker pull centos -... +<...> f1b10cd84249: Pull complete -... +<...> ``` ### Calling unauthorized command (deny) -```bash +```console $ docker pull centos -... +<...> docker: Error response from daemon: authorization denied by plugin PLUGIN_NAME: volumes are not allowed. ``` ### Error from plugins -```bash +```console $ docker pull centos -... +<...> docker: Error response from daemon: plugin PLUGIN_NAME failed with error: AuthZPlugin.AuthZReq: Cannot connect to the Docker daemon. Is the docker daemon running on this host?. ``` @@ -180,6 +180,7 @@ should implement the following two methods: "Err": "The error message if things go wrong" } ``` + #### /AuthZPlugin.AuthZRes **Request**: diff --git a/docs/extend/plugins_graphdriver.md b/docs/extend/plugins_graphdriver.md index d8d4531d8cf2..da7ab68ea2f0 100644 --- a/docs/extend/plugins_graphdriver.md +++ b/docs/extend/plugins_graphdriver.md @@ -31,7 +31,7 @@ You need to install and enable the plugin and then restart the Docker daemon before using the plugin. See the following example for the correct ordering of steps. -``` +```console $ docker plugin install cpuguy83/docker-overlay2-graphdriver-plugin # this command also enables the driver $ pkill dockerd @@ -309,6 +309,7 @@ Get an archive of the changes between the filesystem layers specified by the `ID and `Parent`. `Parent` may be an empty string, in which case there is no parent. **Response**: + ``` {% raw %} {{ TAR STREAM }} @@ -354,6 +355,7 @@ Respond with a non-empty string error if an error occurred. ### /GraphDriver.ApplyDiff **Request**: + ``` {% raw %} {{ TAR STREAM }} diff --git a/docs/extend/plugins_logging.md b/docs/extend/plugins_logging.md index fbfd2197c14a..6405dd26cf37 100644 --- a/docs/extend/plugins_logging.md +++ b/docs/extend/plugins_logging.md @@ -211,6 +211,7 @@ as they come in once the existing logs have been read. to determine what set of logs to read. **Response**: + ``` {% raw %}{{ log stream }}{% endraw %} ``` diff --git a/docs/extend/plugins_network.md b/docs/extend/plugins_network.md index 93aea4bd0f9d..1e218bb4d4b1 100644 --- a/docs/extend/plugins_network.md +++ b/docs/extend/plugins_network.md @@ -42,7 +42,7 @@ Once running however, network driver plugins are used just like the built-in network drivers: by being mentioned as a driver in network-oriented Docker commands. For example, -```bash +```console $ docker network create --driver weave mynet ``` @@ -51,7 +51,7 @@ Some network driver plugins are listed in [plugins](legacy_plugins.md) The `mynet` network is now owned by `weave`, so subsequent commands referring to that network will be sent to the plugin, -```bash +```console $ docker run --network=mynet busybox top ``` diff --git a/docs/extend/plugins_services.md b/docs/extend/plugins_services.md index cd94d11cb5e6..20889dd976ca 100644 --- a/docs/extend/plugins_services.md +++ b/docs/extend/plugins_services.md @@ -29,20 +29,20 @@ node1 is the manager and node2 is the worker. 1. Prepare manager. In node 1: - ```bash + ```console $ docker swarm init Swarm initialized: current node (dxn1zf6l61qsb1josjja83ngz) is now a manager. ``` 2. Join swarm, install plugin and create volume on worker. In node 2: - ```bash + ```console $ docker swarm join \ - --token SWMTKN-1-49nj1cmql0jkz5s954yi3oex3nedyz0fb0xx14ie39trti4wxv-8vxv8rssmk743ojnwacrr2e7c \ - 192.168.99.100:2377 + --token SWMTKN-1-49nj1cmql0jkz5s954yi3oex3nedyz0fb0xx14ie39trti4wxv-8vxv8rssmk743ojnwacrr2e7c \ + 192.168.99.100:2377 ``` - ```bash + ```console $ docker plugin install tiborvass/sample-volume-plugin latest: Pulling from tiborvass/sample-volume-plugin eb9c16fbdc53: Download complete @@ -51,23 +51,24 @@ node1 is the manager and node2 is the worker. Installed plugin tiborvass/sample-volume-plugin ``` - ```bash + ```console $ docker volume create -d tiborvass/sample-volume-plugin --name pluginVol ``` 3. Create a service using the plugin and volume. In node1: - ```bash + ```console $ docker service create --name my-service --mount type=volume,volume-driver=tiborvass/sample-volume-plugin,source=pluginVol,destination=/tmp busybox top $ docker service ls z1sj8bb8jnfn my-service replicated 1/1 busybox:latest ``` - docker service ls shows service 1 instance of service running. + + `docker service ls` shows service 1 instance of service running. 4. Observe the task getting scheduled in node 2: - ```bash + ```console {% raw %} $ docker ps --format '{{.ID}}\t {{.Status}} {{.Names}} {{.Command}}' 83fc1e842599 Up 2 days my-service.1.9jn59qzn7nbc3m0zt1hij12xs "top" @@ -87,7 +88,7 @@ Note that node1 is the manager and node2 is the worker. 1. Install a global scoped network plugin on both manager and worker. On node1 and node2: - ```bash + ```console $ docker plugin install bboreham/weave2 Plugin "bboreham/weave2" is requesting the following privileges: - network: [host] @@ -102,7 +103,7 @@ Note that node1 is the manager and node2 is the worker. 2. Create a network using plugin on manager. On node1: - ```bash + ```console $ docker network create --driver=bboreham/weave2:latest globalnet $ docker network ls @@ -115,12 +116,12 @@ containers get scheduled on both manager and worker. On node 1: - ```bash + ```console $ docker service create --network globalnet --name myservice --replicas=8 mrjana/simpleweb simpleweb w90drnfzw85nygbie9kb89vpa ``` - ```bash + ```console $ docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 87520965206a mrjana/simpleweb@sha256:317d7f221d68c86d503119b0ea12c29de42af0a22ca087d522646ad1069a47a4 "simpleweb" 5 seconds ago Up 4 seconds myservice.4.ytdzpktmwor82zjxkh118uf1v @@ -131,7 +132,7 @@ w90drnfzw85nygbie9kb89vpa On node 2: - ```bash + ```console $ docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 53c0ae7c1dae mrjana/simpleweb@sha256:317d7f221d68c86d503119b0ea12c29de42af0a22ca087d522646ad1069a47a4 "simpleweb" 2 seconds ago Up Less than a second myservice.7.x44tvvdm3iwkt9kif35f7ykz1 @@ -142,14 +143,14 @@ w90drnfzw85nygbie9kb89vpa 4. Scale down the number of instances. On node1: - ```bash + ```console $ docker service scale myservice=0 myservice scaled to 0 ``` 5. Disable and uninstall the plugin on the worker. On node2: - ```bash + ```console $ docker plugin rm -f bboreham/weave2 bboreham/weave2 ``` @@ -159,12 +160,12 @@ scheduled on the master and not on the worker, because the plugin is not availab On node 1: - ```bash + ```console $ docker service scale myservice=8 myservice scaled to 8 ``` - ```bash + ```console $ docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES cf4b0ec2415e mrjana/simpleweb@sha256:317d7f221d68c86d503119b0ea12c29de42af0a22ca087d522646ad1069a47a4 "simpleweb" 39 seconds ago Up 36 seconds myservice.3.r7p5o208jmlzpcbm2ytl3q6n1 @@ -179,7 +180,7 @@ scheduled on the master and not on the worker, because the plugin is not availab On node 2: - ```bash + ```console $ docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES ``` diff --git a/docs/extend/plugins_volume.md b/docs/extend/plugins_volume.md index 74abfd1bff21..23e7cddf9e94 100644 --- a/docs/extend/plugins_volume.md +++ b/docs/extend/plugins_volume.md @@ -54,7 +54,7 @@ flags on the `docker container run` command. The `--volume` (or `-v`) flag accepts a volume name and path on the host, and the `--volume-driver` flag accepts a driver type. -```bash +```console $ docker volume create --driver=flocker volumename $ docker container run -it --volume volumename:/data busybox sh diff --git a/docs/reference/builder.md b/docs/reference/builder.md index b7a1c88e7f2f..f86601a6bfd1 100644 --- a/docs/reference/builder.md +++ b/docs/reference/builder.md @@ -759,6 +759,7 @@ RUN instruction onto the next line. For example, consider these two lines: RUN /bin/bash -c 'source $HOME/.bashrc; \ echo $HOME' ``` + Together they are equivalent to this single line: ```dockerfile @@ -938,6 +939,7 @@ the `--format` option to show just the labels; ```console $ docker image inspect --format='{{json .Config.Labels}}' myimage ``` + ```json { "com.example.vendor": "ACME Incorporated", diff --git a/docs/reference/commandline/attach.md b/docs/reference/commandline/attach.md index dcd8a91fa2ea..4418f7b054d3 100644 --- a/docs/reference/commandline/attach.md +++ b/docs/reference/commandline/attach.md @@ -84,7 +84,7 @@ containers, see [**Configuration file** section](cli.md#configuration-files). ### Attach to and detach from a running container -```bash +```console $ docker run -d --name topdemo ubuntu /usr/bin/top -b $ docker attach topdemo @@ -130,22 +130,19 @@ $ docker ps -a | grep topdemo And in this second example, you can see the exit code returned by the `bash` process is returned by the `docker attach` command to its caller too: -```bash - $ docker run --name test -d -it debian +```console +$ docker run --name test -d -it debian +275c44472aebd77c926d4527885bb09f2f6db21d878c75f0a1c212c03d3bcfab - 275c44472aebd77c926d4527885bb09f2f6db21d878c75f0a1c212c03d3bcfab +$ docker attach test +root@f38c87f2a42d:/# exit 13 - $ docker attach test +exit - root@f38c87f2a42d:/# exit 13 - - exit - - $ echo $? - - 13 +$ echo $? +13 - $ docker ps -a | grep test +$ docker ps -a | grep test - 275c44472aeb debian:7 "/bin/bash" 26 seconds ago Exited (13) 17 seconds ago test +275c44472aeb debian:7 "/bin/bash" 26 seconds ago Exited (13) 17 seconds ago test ``` diff --git a/docs/reference/commandline/build.md b/docs/reference/commandline/build.md index c4c36a2b6a4c..8f78c6618899 100644 --- a/docs/reference/commandline/build.md +++ b/docs/reference/commandline/build.md @@ -92,7 +92,7 @@ context. For example, run this command to use a directory called `docker` in the branch `container`: -```bash +```console $ docker build https://github.com/docker/rootfs.git#container:docker ``` @@ -120,7 +120,7 @@ Build Syntax Suffix | Commit Used | Build Context Used If you pass an URL to a remote tarball, the URL itself is sent to the daemon: -```bash +```console $ docker build http://server/context.tar.gz ``` @@ -136,7 +136,7 @@ build context. Tarball contexts must be tar archives conforming to the standard Instead of specifying a context, you can pass a single `Dockerfile` in the `URL` or pipe the file in via `STDIN`. To pipe a `Dockerfile` from `STDIN`: -```bash +```console $ docker build - < Dockerfile ``` @@ -176,7 +176,7 @@ build fails, a non-zero failure code will be returned. There should be informational output of the reason for failure output to `STDERR`: -```bash +```console $ docker build -t fail . Sending build context to Docker daemon 2.048 kB @@ -198,7 +198,7 @@ See also: ### Build with PATH -```bash +```console $ docker build . Uploading context 10240 bytes @@ -243,7 +243,7 @@ you must use `--rm=false`. This does not affect the build cache. ### Build with URL -```bash +```console $ docker build github.com/creack/docker-firefox ``` @@ -251,7 +251,7 @@ This will clone the GitHub repository and use the cloned repository as context. The Dockerfile at the root of the repository is used as Dockerfile. You can specify an arbitrary Git repository by using the `git://` or `git@` scheme. -```bash +```console $ docker build -f ctx/Dockerfile http://server/ctx.tar.gz Downloading context: http://server/ctx.tar.gz [===================>] 240 B/240 B @@ -277,7 +277,7 @@ ctx/container.cfg /` operation works as expected. ### Build with - -```bash +```console $ docker build - < Dockerfile ``` @@ -286,7 +286,7 @@ context, no contents of any local directory will be sent to the Docker daemon. Since there is no context, a Dockerfile `ADD` only works if it refers to a remote URL. -```bash +```console $ docker build - < context.tar.gz ``` @@ -295,7 +295,7 @@ formats are: bzip2, gzip and xz. ### Use a .dockerignore file -```bash +```console $ docker build . Uploading context 18.829 MB @@ -334,7 +334,7 @@ files. ### Tag an image (-t) -```bash +```console $ docker build -t vieux/apache:2.0 . ``` @@ -348,27 +348,27 @@ version. For example, to tag an image both as `whenry/fedora-jboss:latest` and `whenry/fedora-jboss:v2.1`, use the following: -```bash +```console $ docker build -t whenry/fedora-jboss:latest -t whenry/fedora-jboss:v2.1 . ``` ### Specify a Dockerfile (-f) -```bash +```console $ docker build -f Dockerfile.debug . ``` This will use a file called `Dockerfile.debug` for the build instructions instead of `Dockerfile`. -```bash +```console $ curl example.com/remote/Dockerfile | docker build -f - . ``` The above command will use the current directory as the build context and read a Dockerfile from stdin. -```bash +```console $ docker build -f dockerfiles/Dockerfile.debug -t myapp_debug . $ docker build -f dockerfiles/Dockerfile.prod -t myapp_prod . ``` @@ -377,7 +377,7 @@ The above commands will build the current build context (as specified by the `.`) twice, once using a debug version of a `Dockerfile` and once using a production version. -```bash +```console $ cd /home/me/myapp/some/dir/really/deep $ docker build -f /home/me/myapp/dockerfiles/debug /home/me/myapp $ docker build -f ../../../../dockerfiles/debug /home/me/myapp @@ -420,7 +420,7 @@ A good example is `http_proxy` or source versions for pulling intermediate files. The `ARG` instruction lets Dockerfile authors define values that users can set at build-time using the `--build-arg` flag: -```bash +```console $ docker build --build-arg HTTP_PROXY=http://10.20.30.2:1234 --build-arg FTP_PROXY=http://40.50.60.5:4567 . ``` @@ -439,7 +439,7 @@ You may also use the `--build-arg` flag without a value, in which case the value from the local environment will be propagated into the Docker container being built: -```bash +```console $ export HTTP_PROXY=http://10.20.30.2:1234 $ docker build --build-arg HTTP_PROXY . ``` @@ -491,7 +491,7 @@ FROM alpine AS production-env ... ``` -```bash +```console $ docker build -t mybuildimage --target build-env . ``` @@ -516,7 +516,7 @@ The following example builds an image using the current directory (`.`) as build context, and exports the files to a directory named `out` in the current directory. If the directory does not exist, Docker creates the directory automatically: -```bash +```console $ docker build -o out . ``` @@ -525,13 +525,13 @@ thus uses the default (`local`) exporter. The example below shows the equivalent using the long-hand CSV syntax, specifying both `type` and `dest` (destination path): -```bash +```console $ docker build --output type=local,dest=out . ``` Use the `tar` type to export the files as a `.tar` archive: -```bash +```console $ docker build --output type=tar,dest=out.tar . ``` @@ -540,8 +540,8 @@ case, `-` is specified as destination, which automatically selects the `tar` typ and writes the output tarball to standard output, which is then redirected to the `out.tar` file: -```bash -docker build -o - . > out.tar +```console +$ docker build -o - . > out.tar ``` The `--output` option exports all files from the target stage. A common pattern @@ -562,7 +562,7 @@ COPY --from=build-stage /go/bin/vndr / When building the Dockerfile with the `-o` option, only the files from the final stage are exported to the `out` directory, in this case, the `vndr` binary: -```bash +```console $ docker build -o out . [+] Building 2.3s (7/7) FINISHED @@ -610,7 +610,7 @@ options) allow pulling layer data for intermediate stages in multi-stage builds. The following example builds an image with inline-cache metadata and pushes it to a registry, then uses the image as a cache source on another machine: -```bash +```console $ docker build -t myname/myapp --build-arg BUILDKIT_INLINE_CACHE=1 . $ docker push myname/myapp ``` @@ -618,8 +618,9 @@ $ docker push myname/myapp After pushing the image, the image is used as cache source on another machine. BuildKit automatically pulls the image from the registry if needed. -```bash -# on another machine +On another machine: + +```console $ docker build --cache-from myname/myapp . ``` @@ -725,7 +726,7 @@ To enable experimental features, you need to start the Docker daemon with Then make sure the experimental flag is enabled: -```bash +```console $ docker version -f '{{.Server.Experimental}}' true ``` @@ -745,15 +746,15 @@ RUN rm /remove_me An image named `test` is built with `--squash` argument. -```bash +```console $ docker build --squash -t test . -[...] +<...> ``` If everything is right, the history looks like this: -```bash +```console $ docker history test IMAGE CREATED CREATED BY SIZE COMMENT diff --git a/docs/reference/commandline/cli.md b/docs/reference/commandline/cli.md index b2988adcbecf..e189d0428952 100644 --- a/docs/reference/commandline/cli.md +++ b/docs/reference/commandline/cli.md @@ -24,7 +24,7 @@ redirect_from: To list available commands, either run `docker` with no parameters or execute `docker help`: -```bash +```console $ docker Usage: docker [OPTIONS] COMMAND [ARG...] docker [ --help | -v | --version ] diff --git a/docs/reference/commandline/commit.md b/docs/reference/commandline/commit.md index 4af081440b2d..9fb49c3b66f6 100644 --- a/docs/reference/commandline/commit.md +++ b/docs/reference/commandline/commit.md @@ -43,7 +43,7 @@ created. Supported `Dockerfile` instructions: ### Commit a container -```bash +```console $ docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES @@ -62,7 +62,7 @@ svendowideit/testimage version3 f5283438590d 16 sec ### Commit a container with new configurations -```bash +```console $ docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES @@ -84,7 +84,7 @@ $ docker inspect -f "{{ .Config.Env }}" f5283438590d ### Commit a container with new `CMD` and `EXPOSE` instructions -```bash +```console $ docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES diff --git a/docs/reference/commandline/config_create.md b/docs/reference/commandline/config_create.md index 957484626502..eca320a84fb9 100644 --- a/docs/reference/commandline/config_create.md +++ b/docs/reference/commandline/config_create.md @@ -33,7 +33,7 @@ For detailed information about using configs, refer to [store configuration data ### Create a config -```bash +```console $ printf | docker config create my_config - onakdyv307se2tl7nl20anokv @@ -46,7 +46,7 @@ onakdyv307se2tl7nl20anokv my_config 6 seconds ago 6 seconds ag ### Create a config with a file -```bash +```console $ docker config create my_config ./config.json dg426haahpi5ezmkkj5kyl3sn @@ -59,7 +59,7 @@ dg426haahpi5ezmkkj5kyl3sn my_config 7 seconds ago 7 seconds ag ### Create a config with labels -```bash +```console $ docker config create \ --label env=dev \ --label rev=20170324 \ @@ -68,7 +68,7 @@ $ docker config create \ eo7jnzguqgtpdah3cm5srfb97 ``` -```bash +```console $ docker config inspect my_config [ diff --git a/docs/reference/commandline/config_inspect.md b/docs/reference/commandline/config_inspect.md index e93b67ede9da..d0d92a018493 100644 --- a/docs/reference/commandline/config_inspect.md +++ b/docs/reference/commandline/config_inspect.md @@ -43,14 +43,14 @@ You can inspect a config, either by its *name*, or *ID* For example, given the following config: -```bash +```console $ docker config ls ID NAME CREATED UPDATED eo7jnzguqgtpdah3cm5srfb97 my_config 3 minutes ago 3 minutes ago ``` -```bash +```console $ docker config inspect config.json ``` @@ -83,7 +83,7 @@ You can use the --format option to obtain specific information about a config. The following example command outputs the creation time of the config. -```bash +```console $ docker config inspect --format='{{.CreatedAt}}' eo7jnzguqgtpdah3cm5srfb97 2017-03-24 08:15:09.735271783 +0000 UTC diff --git a/docs/reference/commandline/config_ls.md b/docs/reference/commandline/config_ls.md index 4befdfdee4e8..196203422c39 100644 --- a/docs/reference/commandline/config_ls.md +++ b/docs/reference/commandline/config_ls.md @@ -36,7 +36,7 @@ For detailed information about using configs, refer to [store configuration data ## Examples -```bash +```console $ docker config ls ID NAME CREATED UPDATED @@ -60,7 +60,7 @@ The currently supported filters are: The `id` filter matches all or prefix of a config's id. -```bash +```console $ docker config ls -f "id=6697bflskwj1998km1gnnjr38" ID NAME CREATED UPDATED @@ -75,7 +75,7 @@ a `label` and a value. The following filter matches all configs with a `project` label regardless of its value: -```bash +```console $ docker config ls --filter label=project ID NAME CREATED UPDATED @@ -85,7 +85,7 @@ mem02h8n73mybpgqjf0kfi1n0 test_config About an hour ago Abou The following filter matches only services with the `project` label with the `project-a` value. -```bash +```console $ docker service ls --filter label=project=test ID NAME CREATED UPDATED @@ -98,7 +98,7 @@ The `name` filter matches on all or prefix of a config's name. The following filter matches config with a name containing a prefix of `test`. -```bash +```console $ docker config ls --filter name=test_config ID NAME CREATED UPDATED @@ -128,7 +128,7 @@ output the data exactly as the template declares or, when using the The following example uses a template without headers and outputs the `ID` and `Name` entries separated by a colon (`:`) for all images: -```bash +```console $ docker config ls --format "{{.ID}}: {{.Name}}" 77af4d6b9913: config-1 @@ -139,7 +139,7 @@ b6fa739cedf5: config-2 To list all configs with their name and created date in a table format you can use: -```bash +```console $ docker config ls --format "table {{.ID}}\t{{.Name}}\t{{.CreatedAt}}" ID NAME CREATED diff --git a/docs/reference/commandline/config_rm.md b/docs/reference/commandline/config_rm.md index 72a64da60585..03b7413ce139 100644 --- a/docs/reference/commandline/config_rm.md +++ b/docs/reference/commandline/config_rm.md @@ -35,7 +35,7 @@ For detailed information about using configs, refer to [store configuration data This example removes a config: -```bash +```console $ docker config rm my_config sapth4csdo5b6wz2p5uimh5xg ``` diff --git a/docs/reference/commandline/container_prune.md b/docs/reference/commandline/container_prune.md index 9426939ee94a..c1101e25ce8e 100644 --- a/docs/reference/commandline/container_prune.md +++ b/docs/reference/commandline/container_prune.md @@ -26,7 +26,7 @@ Removes all stopped containers. ### Prune containers -```bash +```console $ docker container prune WARNING! This will remove all stopped containers. Are you sure you want to continue? [y/N] y @@ -66,7 +66,7 @@ containers without the specified labels. The following removes containers created more than 5 minutes ago: -```bash +```console $ docker ps -a --format 'table {{.ID}}\t{{.Image}}\t{{.Command}}\t{{.CreatedAt}}\t{{.Status}}' CONTAINER ID IMAGE COMMAND CREATED AT STATUS @@ -88,7 +88,7 @@ CONTAINER ID IMAGE COMMAND CREATED AT The following removes containers created before `2017-01-04T13:10:00`: -```bash +```console $ docker ps -a --format 'table {{.ID}}\t{{.Image}}\t{{.Command}}\t{{.CreatedAt}}\t{{.Status}}' CONTAINER ID IMAGE COMMAND CREATED AT STATUS diff --git a/docs/reference/commandline/context_create.md b/docs/reference/commandline/context_create.md index ac5fb7550070..c6e2d4303347 100644 --- a/docs/reference/commandline/context_create.md +++ b/docs/reference/commandline/context_create.md @@ -62,7 +62,7 @@ kubernetes options. The example below creates the context `my-context` with a docker endpoint of `/var/run/docker.sock` and a kubernetes configuration sourced from the file `/home/me/my-kube-config`: -```bash +```console $ docker context create \ --docker host=unix:///var/run/docker.sock \ --kubernetes config-file=/home/me/my-kube-config \ @@ -75,19 +75,19 @@ Use the `--from=` option to create a new context from an existing context. The example below creates a new context named `my-context` from the existing context `existing-context`: -```bash +```console $ docker context create --from existing-context my-context ``` If the `--from` option is not set, the `context` is created from the current context: -```bash +```console $ docker context create my-context ``` This can be used to create a context out of an existing `DOCKER_HOST` based script: -```bash +```console $ source my-setup-script.sh $ docker context create my-context ``` @@ -98,7 +98,7 @@ new context named `my-context` using the docker endpoint configuration from the existing context `existing-context` and a kubernetes configuration sourced from the file `/home/me/my-kube-config`: -```bash +```console $ docker context create \ --docker from=existing-context \ --kubernetes config-file=/home/me/my-kube-config \ @@ -110,7 +110,7 @@ To source only the `kubernetes` configuration from an existing context use the context named `my-context` using the kuberentes configuration from the existing context `existing-context` and a docker endpoint of `/var/run/docker.sock`: -```bash +```console $ docker context create \ --docker host=unix:///var/run/docker.sock \ --kubernetes from=existing-context \ diff --git a/docs/reference/commandline/context_inspect.md b/docs/reference/commandline/context_inspect.md index 562259651619..10e3bd8a7c63 100644 --- a/docs/reference/commandline/context_inspect.md +++ b/docs/reference/commandline/context_inspect.md @@ -23,7 +23,7 @@ Inspects one or more contexts. ### Inspect a context by name -```bash +```console $ docker context inspect "local+aks" [ diff --git a/docs/reference/commandline/context_ls.md b/docs/reference/commandline/context_ls.md index 181940e27221..5d0a3c875485 100644 --- a/docs/reference/commandline/context_ls.md +++ b/docs/reference/commandline/context_ls.md @@ -25,7 +25,9 @@ Options: Use `docker context ls` to print all contexts. The currently active context is indicated with an `*`: -```bash +```console +$ docker context ls + NAME DESCRIPTION DOCKER ENDPOINT KUBERNETES ENDPOINT ORCHESTRATOR default * Current DOCKER_HOST based configuration unix:///var/run/docker.sock swarm production tcp:///prod.corp.example.com:2376 diff --git a/docs/reference/commandline/context_update.md b/docs/reference/commandline/context_update.md index 959a42e49ab6..8b1721df6437 100644 --- a/docs/reference/commandline/context_update.md +++ b/docs/reference/commandline/context_update.md @@ -54,7 +54,7 @@ See [context create](context_create.md). ### Update an existing context -```bash +```console $ docker context update \ --description "some description" \ --docker "host=tcp://myserver:2376,ca=~/ca-file,cert=~/cert-file,key=~/key-file" \ diff --git a/docs/reference/commandline/cp.md b/docs/reference/commandline/cp.md index 839ce0022f3f..397d6eadc23a 100644 --- a/docs/reference/commandline/cp.md +++ b/docs/reference/commandline/cp.md @@ -95,11 +95,11 @@ the user in the container. However, you can still copy such files by manually running `tar` in `docker exec`. Both of the following examples do the same thing in different ways (consider `SRC_PATH` and `DEST_PATH` are directories): -```bash +```console $ docker exec CONTAINER tar Ccf $(dirname SRC_PATH) - $(basename SRC_PATH) | tar Cxf DEST_PATH - ``` -```bash +```console $ tar Ccf $(dirname SRC_PATH) - $(basename SRC_PATH) | docker exec -i CONTAINER tar Cxf DEST_PATH - ``` diff --git a/docs/reference/commandline/create.md b/docs/reference/commandline/create.md index 94381710b612..21fce0e8e667 100644 --- a/docs/reference/commandline/create.md +++ b/docs/reference/commandline/create.md @@ -131,6 +131,7 @@ Options: --volumes-from value Mount volumes from the specified container(s) (default []) -w, --workdir string Working directory inside the container ``` + ## Description The `docker create` command creates a writeable container layer over the @@ -149,7 +150,7 @@ Please see the [run command](run.md) section and the [Docker run reference](../r ### Create and start a container -```bash +```console $ docker create -t -i fedora bash 6d8af538ec541dd581ebc2a24153a28329acb5268abe5ef868c1f1a261221752 @@ -165,7 +166,7 @@ As of v1.4.0 container volumes are initialized during the `docker create` phase (i.e., `docker run` too). For example, this allows you to `create` the `data` volume container, and then use it from another container: -```bash +```console $ docker create -v /data --name data ubuntu 240633dfbb98128fa77473d3d9018f6123b99c454b3251427ae190a7d951ad57 @@ -180,7 +181,7 @@ drwxr-xr-x 48 root root 4096 Dec 5 04:11 .. Similarly, `create` a host directory bind mounted volume container, which can then be used from the subsequent container: -```bash +```console $ docker create -v /home/docker:/docker --name docker ubuntu 9aa88c08f319cd1e4515c3c46b0de7cc9aa75e878357b1e96f91e2c773029f03 @@ -202,7 +203,7 @@ drwxr-xr-x 32 1000 staff 1140 Dec 5 04:01 docker Set storage driver options per container. -```bash +```console $ docker create -it --storage-opt size=120G fedora /bin/bash ``` @@ -245,8 +246,8 @@ our container needs access to a character device with major `42` and any number of minor number (added as new devices appear), the following rule would be added: -``` -docker create --device-cgroup-rule='c 42:* rmw' -name my-container my-image +```console +$ docker create --device-cgroup-rule='c 42:* rmw' -name my-container my-image ``` Then, a user could ask `udev` to execute a script that would `docker exec my-container mknod newDevX c 42 ` diff --git a/docs/reference/commandline/diff.md b/docs/reference/commandline/diff.md index 51eab8d440fc..cc9c1c41333d 100644 --- a/docs/reference/commandline/diff.md +++ b/docs/reference/commandline/diff.md @@ -33,7 +33,7 @@ You can use the full or shortened container ID or the container name set using Inspect the changes to an `nginx` container: -```bash +```console $ docker diff 1fdfd1f54c1b C /dev diff --git a/docs/reference/commandline/dockerd.md b/docs/reference/commandline/dockerd.md index ea480b2950f5..ee1c31ad8c85 100644 --- a/docs/reference/commandline/dockerd.md +++ b/docs/reference/commandline/dockerd.md @@ -174,20 +174,21 @@ find examples of using Systemd socket activation with Docker and Systemd in the You can configure the Docker daemon to listen to multiple sockets at the same time using multiple `-H` options: -```bash -# listen using the default unix socket, and on 2 specific IP addresses on this host. +The example below runs the daemon listenin on the default unix socket, and +on 2 specific IP addresses on this host: +```console $ sudo dockerd -H unix:///var/run/docker.sock -H tcp://192.168.59.106 -H tcp://10.10.10.2 ``` The Docker client will honor the `DOCKER_HOST` environment variable to set the `-H` flag for the client. Use **one** of the following commands: -```bash +```console $ docker -H tcp://0.0.0.0:2375 ps ``` -```bash +```console $ export DOCKER_HOST="tcp://0.0.0.0:2375" $ docker ps @@ -197,7 +198,7 @@ Setting the `DOCKER_TLS_VERIFY` environment variable to any value other than the empty string is equivalent to setting the `--tlsverify` flag. The following are equivalent: -```bash +```console $ docker --tlsverify ps # or $ export DOCKER_TLS_VERIFY=1 @@ -210,7 +211,7 @@ precedence over `HTTP_PROXY`. The Docker client supports connecting to a remote daemon via SSH: -``` +```console $ docker -H ssh://me@example.com:22 ps $ docker -H ssh://me@example.com ps $ docker -H ssh://example.com ps @@ -267,22 +268,21 @@ when no `-H` was passed in. Run Docker in daemon mode: -```bash +```console $ sudo /dockerd -H 0.0.0.0:5555 & ``` Download an `ubuntu` image: -```bash +```console $ docker -H :5555 pull ubuntu ``` You can use multiple `-H`, for example, if you want to listen on both TCP and a Unix socket -```bash -# Run docker in daemon mode -$ sudo /dockerd -H tcp://127.0.0.1:2375 -H unix:///var/run/docker.sock & +```console +$ sudo dockerd -H tcp://127.0.0.1:2375 -H unix:///var/run/docker.sock & # Download an ubuntu image, use default Unix socket $ docker pull ubuntu # OR use the TCP port @@ -395,7 +395,7 @@ not use loopback in production. Ensure your Engine daemon has a ###### Example: -```bash +```console $ sudo dockerd --storage-opt dm.thinpooldev=/dev/mapper/thin-pool ``` @@ -406,7 +406,7 @@ device for you. ###### Example: -```bash +```console $ sudo dockerd --storage-opt dm.directlvm_device=/dev/xvdf ``` @@ -416,7 +416,7 @@ Sets the percentage of passed in block device to use for storage. ###### Example: -```bash +```console $ sudo dockerd --storage-opt dm.thinp_percent=95 ``` @@ -426,7 +426,7 @@ Sets the percentage of the passed in block device to use for metadata storage. ###### Example: -```bash +```console $ sudo dockerd --storage-opt dm.thinp_metapercent=1 ``` @@ -437,7 +437,7 @@ autoextend the available space [100 = disabled] ###### Example: -```bash +```console $ sudo dockerd --storage-opt dm.thinp_autoextend_threshold=80 ``` @@ -448,7 +448,7 @@ attempts to autoextend the available space [100 = disabled] ###### Example: -```bash +```console $ sudo dockerd --storage-opt dm.thinp_autoextend_percent=20 ``` @@ -467,7 +467,7 @@ new base device size. ###### Examples -```bash +```console $ sudo dockerd --storage-opt dm.basesize=50G ``` @@ -479,7 +479,7 @@ This value affects the system-wide "base" empty filesystem that may already be initialized and inherited by pulled images. Typically, a change to this value requires additional steps to take effect: - ```bash +```console $ sudo service docker stop $ sudo rm -rf /var/lib/docker @@ -502,7 +502,7 @@ much space. ###### Example -```bash +```console $ sudo dockerd --storage-opt dm.loopdatasize=200G ``` @@ -520,7 +520,7 @@ this much space. ###### Example -```bash +```console $ sudo dockerd --storage-opt dm.loopmetadatasize=4G ``` @@ -531,7 +531,7 @@ options are "ext4" and "xfs". The default is "xfs" ###### Example -```bash +```console $ sudo dockerd --storage-opt dm.fs=ext4 ``` @@ -541,7 +541,7 @@ Specifies extra mkfs arguments to be used when creating the base device. ###### Example -```bash +```console $ sudo dockerd --storage-opt "dm.mkfsarg=-O ^has_journal" ``` @@ -551,7 +551,7 @@ Specifies extra mount options used when mounting the thin devices. ###### Example -```bash +```console $ sudo dockerd --storage-opt dm.mountopt=nodiscard ``` @@ -567,7 +567,7 @@ device. ###### Example -```bash +```console $ sudo dockerd \ --storage-opt dm.datadev=/dev/sdb1 \ --storage-opt dm.metadatadev=/dev/sdc1 @@ -585,13 +585,13 @@ data, or even better on an SSD. If setting up a new metadata pool it is required to be valid. This can be achieved by zeroing the first 4k to indicate empty metadata, like this: -```bash +```console $ dd if=/dev/zero of=$metadata_dev bs=4096 count=1 ``` ###### Example -```bash +```console $ sudo dockerd \ --storage-opt dm.datadev=/dev/sdb1 \ --storage-opt dm.metadatadev=/dev/sdc1 @@ -604,7 +604,7 @@ blocksize is 64K. ###### Example -```bash +```console $ sudo dockerd --storage-opt dm.blocksize=512K ``` @@ -620,7 +620,7 @@ returned to the system for other use when containers are removed. ###### Examples -```bash +```console $ sudo dockerd --storage-opt dm.blkdiscard=false ``` @@ -632,11 +632,11 @@ Overrides the `udev` synchronization checks between `devicemapper` and `udev`. To view the `udev` sync support of a Docker daemon that is using the `devicemapper` driver, run: -```bash +```console $ docker info -[...] +<...> Udev Sync Supported: true -[...] +<...> ``` When `udev` sync support is `true`, then `devicemapper` and udev can @@ -650,7 +650,7 @@ results in errors and failures. (For information on these failures, see To allow the `docker` daemon to start, regardless of `udev` sync not being supported, set `dm.override_udev_sync_check` to true: -```bash +```console $ sudo dockerd --storage-opt dm.override_udev_sync_check=true ``` @@ -683,7 +683,7 @@ loop trying to remove a busy device. ###### Example -```bash +```console $ sudo dockerd --storage-opt dm.use_deferred_removal=true ``` @@ -701,7 +701,7 @@ Error deleting container: Error response from daemon: Cannot destroy container To avoid this failure, enable both deferred device deletion and deferred device removal on the daemon. -```bash +```console $ sudo dockerd \ --storage-opt dm.use_deferred_deletion=true \ --storage-opt dm.use_deferred_removal=true @@ -741,7 +741,7 @@ the issue. ###### Example -```bash +```console $ sudo dockerd --storage-opt dm.min_free_space=10% ``` @@ -757,7 +757,7 @@ ENOSPC and will shutdown filesystem. ###### Example -```bash +```console $ sudo dockerd --storage-opt dm.xfs_nospace_max_retries=0 ``` @@ -783,7 +783,7 @@ their corresponding levels when output by `dockerd`. ###### Example -```bash +```console $ sudo dockerd \ --log-level debug \ --storage-opt dm.libdm_log_level=7 @@ -799,7 +799,7 @@ By default docker will pick up the zfs filesystem where docker graph ###### Example -```bash +```console $ sudo dockerd -s zfs --storage-opt zfs.fsname=zroot/docker ``` @@ -814,7 +814,7 @@ a container with **--storage-opt size** option, docker should ensure the ###### Example -```bash +```console $ sudo dockerd -s btrfs --storage-opt btrfs.min_space=10G ``` @@ -837,7 +837,7 @@ conditions the user can pass any size less then the backing fs size. ###### Example -```bash +```console $ sudo dockerd -s overlay2 --storage-opt overlay2.size=1G ``` @@ -959,7 +959,7 @@ By default, the Docker daemon automatically starts `containerd`. If you want to control `containerd` startup, manually start `containerd` and pass the path to the `containerd` socket using the `--containerd` flag. For example: -```bash +```console $ sudo dockerd --containerd /var/run/dev/docker-containerd.sock ``` @@ -987,7 +987,7 @@ The following is an example adding 2 runtimes via the configuration: This is the same example via the command line: -```bash +```console $ sudo dockerd --add-runtime runc=runc --add-runtime custom=/usr/local/bin/my-runc-replacement ``` @@ -1009,7 +1009,7 @@ is used on cgroup v2 hosts with systemd available. This example sets the `cgroupdriver` to `systemd`: -```bash +```console $ sudo dockerd --exec-opt native.cgroupdriver=systemd ``` @@ -1030,13 +1030,13 @@ value is specified on daemon start, on Windows client, the default is To set the DNS server for all Docker containers, use: -```bash +```console $ sudo dockerd --dns 8.8.8.8 ``` To set the DNS search domain for all Docker containers, use: -```bash +```console $ sudo dockerd --dns-search example.com ``` @@ -1162,7 +1162,7 @@ TLS. To configure the client TLS settings used by the daemon can be configured using the `--cluster-store-opt` flag, specifying the paths to PEM encoded files. For example: -```bash +```console $ sudo dockerd \ --cluster-advertise 192.168.1.2:2376 \ --cluster-store etcd://192.168.1.2:2379 \ @@ -1189,7 +1189,7 @@ organization can purchase or build themselves. You can install one or more authorization plugins when you start the Docker `daemon` using the `--authorization-plugin=PLUGIN_ID` option. -```bash +```console $ sudo dockerd --authorization-plugin=plugin1 --authorization-plugin=plugin2,... ``` diff --git a/docs/reference/commandline/events.md b/docs/reference/commandline/events.md index d4ccec316314..4b626858cc4f 100644 --- a/docs/reference/commandline/events.md +++ b/docs/reference/commandline/events.md @@ -208,13 +208,13 @@ You'll need two shells for this example. **Shell 1: Listening for events:** -```bash +```console $ docker events ``` **Shell 2: Start and Stop containers:** -```bash +```console $ docker create --name test alpine:latest top $ docker start test $ docker stop test @@ -239,7 +239,7 @@ To exit the `docker events` command, use `CTRL+C`. You can filter the output by an absolute timestamp or relative time on the host machine, using the following different time syntaxes: -```bash +```console $ docker events --since 1483283804 2017-01-05T00:35:41.241772953+08:00 volume create testVol (driver=local) 2017-01-05T00:35:58.859401177+08:00 container create d9cd...4d70 (image=alpine:latest, name=test) @@ -292,7 +292,7 @@ $ docker events --since '2017-01-05T00:35:30' --until '2017-01-05T00:36:05' The following commands show several different ways to filter the `docker event` output. -```bash +```console $ docker events --filter 'event=stop' 2017-01-05T00:40:22.880175420+08:00 container stop 0fdb...ff37 (image=alpine:latest, name=test) @@ -388,7 +388,7 @@ $ docker events --filter 'scope=swarm' ### Format the output -```bash +```console $ docker events --filter 'type=container' --format 'Type={{.Type}} Status={{.Status}} ID={{.ID}}' Type=container Status=create ID=2ee349dac409e97974ce8d01b70d250b85e0ba8189299c126a87812311951e26 @@ -401,7 +401,7 @@ Type=container Status=destroy ID=2ee349dac409e97974ce8d01b70d250b85e0ba8189299 #### Format as JSON -```bash +```console $ docker events --format '{{json .}}' {"status":"create","id":"196016a57679bf42424484918746a9474cd905dd993c4d0f4.. diff --git a/docs/reference/commandline/exec.md b/docs/reference/commandline/exec.md index adfc6f7ea607..15a2eb5809b1 100644 --- a/docs/reference/commandline/exec.md +++ b/docs/reference/commandline/exec.md @@ -46,7 +46,7 @@ not work, but `docker exec -ti my_container sh -c "echo a && echo b"` will. First, start a container. -```bash +```console $ docker run --name ubuntu_bash --rm -i -t ubuntu bash ``` @@ -54,7 +54,7 @@ This will create a container named `ubuntu_bash` and start a Bash session. Next, execute a command on the container. -```bash +```console $ docker exec -d ubuntu_bash touch /tmp/execWorks ``` @@ -63,7 +63,7 @@ This will create a new file `/tmp/execWorks` inside the running container Next, execute an interactive `bash` shell on the container. -```bash +```console $ docker exec -it ubuntu_bash bash ``` @@ -71,7 +71,7 @@ This will create a new Bash session in the container `ubuntu_bash`. Next, set an environment variable in the current bash session. -```bash +```console $ docker exec -it -e VAR=1 ubuntu_bash bash ``` @@ -81,14 +81,14 @@ on the current Bash session. By default `docker exec` command runs in the same working directory set when container was created. -```bash +```console $ docker exec -it ubuntu_bash pwd / ``` You can select working directory for the command to execute into -```bash +```console $ docker exec -it -w /root ubuntu_bash pwd /root ``` @@ -98,7 +98,7 @@ $ docker exec -it -w /root ubuntu_bash pwd If the container is paused, then the `docker exec` command will fail with an error: -```bash +```console $ docker pause test test diff --git a/docs/reference/commandline/export.md b/docs/reference/commandline/export.md index 7f85fd27b4db..1eac5391619c 100644 --- a/docs/reference/commandline/export.md +++ b/docs/reference/commandline/export.md @@ -30,10 +30,10 @@ in the user guide for examples on exporting data in a volume. Each of these commands has the same result. -```bash +```console $ docker export red_panda > latest.tar ``` -```bash +```console $ docker export --output="latest.tar" red_panda ``` diff --git a/docs/reference/commandline/history.md b/docs/reference/commandline/history.md index c6cfdd1f7ba2..bbff26df3b85 100644 --- a/docs/reference/commandline/history.md +++ b/docs/reference/commandline/history.md @@ -24,7 +24,7 @@ Options: To see how the `docker:latest` image was built: -```bash +```console $ docker history docker IMAGE CREATED CREATED BY SIZE COMMENT @@ -38,7 +38,7 @@ be51b77efb42 8 days ago /bin/sh -c apt-get update && apt-get ins To see how the `docker:apache` image was added to a container's base image: -```bash +```console $ docker history docker:scm IMAGE CREATED CREATED BY SIZE COMMENT 2ac9d1098bf1 3 months ago /bin/bash 241.4 MB Added Apache to Fedora base image @@ -71,7 +71,7 @@ The following example uses a template without headers and outputs the `ID` and `CreatedSince` entries separated by a colon (`:`) for the `busybox` image: -```bash +```console $ docker history --format "{{.ID}}: {{.CreatedSince}}" busybox f6e427c148a7: 4 weeks ago diff --git a/docs/reference/commandline/image_prune.md b/docs/reference/commandline/image_prune.md index ac750517912c..7b3f968488db 100644 --- a/docs/reference/commandline/image_prune.md +++ b/docs/reference/commandline/image_prune.md @@ -26,7 +26,7 @@ Remove all dangling images. If `-a` is specified, will also remove all images no Example output: -```bash +```console $ docker image prune -a WARNING! This will remove all images without at least one container associated to them. @@ -101,7 +101,7 @@ images without the specified labels. The following removes images created before `2017-01-04T00:00:00`: -```bash +```console $ docker images --format 'table {{.Repository}}\t{{.Tag}}\t{{.ID}}\t{{.CreatedAt}}\t{{.Size}}' REPOSITORY TAG IMAGE ID CREATED AT SIZE foo latest 2f287ac753da 2017-01-04 13:42:23 -0800 PST 3.98 MB @@ -128,7 +128,7 @@ foo latest 2f287ac753da 2017-01-04 13:42:23 The following removes images created more than 10 days (`240h`) ago: -```bash +```console $ docker images REPOSITORY TAG IMAGE ID CREATED SIZE @@ -168,25 +168,25 @@ busybox latest e02e811dd08f 2 months ago The following example removes images with the label `deprecated`: -```bash +```console $ docker image prune --filter="label=deprecated" ``` The following example removes images with the label `maintainer` set to `john`: -```bash +```console $ docker image prune --filter="label=maintainer=john" ``` This example removes images which have no `maintainer` label: -```bash +```console $ docker image prune --filter="label!=maintainer" ``` This example removes images which have a maintainer label not set to `john`: -```bash +```console $ docker image prune --filter="label!=maintainer=john" ``` diff --git a/docs/reference/commandline/images.md b/docs/reference/commandline/images.md index e64fd32dc186..5577de44beae 100644 --- a/docs/reference/commandline/images.md +++ b/docs/reference/commandline/images.md @@ -48,7 +48,7 @@ uses up the `SIZE` listed only once. ### List the most recently created images -```bash +```console $ docker images REPOSITORY TAG IMAGE ID CREATED SIZE @@ -72,7 +72,7 @@ given repository. For example, to list all images in the "java" repository, run this command : -```bash +```console $ docker images java REPOSITORY TAG IMAGE ID CREATED SIZE @@ -88,7 +88,7 @@ If both `REPOSITORY` and `TAG` are provided, only images matching that repository and tag are listed. To find all local images in the "java" repository with tag "8" you can use: -```bash +```console $ docker images java:8 REPOSITORY TAG IMAGE ID CREATED SIZE @@ -97,7 +97,7 @@ java 8 308e519aac60 6 days ago If nothing matches `REPOSITORY[:TAG]`, the list is empty. -```bash +```console $ docker images java:0 REPOSITORY TAG IMAGE ID CREATED SIZE @@ -105,7 +105,7 @@ REPOSITORY TAG IMAGE ID CREATED ### List the full length image IDs -```bash +```console $ docker images --no-trunc REPOSITORY TAG IMAGE ID CREATED SIZE @@ -127,7 +127,7 @@ called a `digest`. As long as the input used to generate the image is unchanged, the digest value is predictable. To list image digest values, use the `--digests` flag: -```bash +```console $ docker images --digests REPOSITORY TAG DIGEST IMAGE ID CREATED SIZE localhost:5000/test/busybox sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf 4986bf8c1536 9 weeks ago 2.43 MB @@ -153,7 +153,7 @@ The currently supported filters are: #### Show untagged images (dangling) -```bash +```console $ docker images --filter "dangling=true" REPOSITORY TAG IMAGE ID CREATED SIZE @@ -173,7 +173,7 @@ using it. By having this flag it allows for batch cleanup. You can use this in conjunction with `docker rmi ...`: -```bash +```console $ docker rmi $(docker images -f "dangling=true" -q) 8abc22fbb042 @@ -194,7 +194,7 @@ value. The following filter matches images with the `com.example.version` label regardless of its value. -```bash +```console $ docker images --filter "label=com.example.version" REPOSITORY TAG IMAGE ID CREATED SIZE @@ -204,7 +204,7 @@ match-me-2 latest dea752e4e117 About a minute ago The following filter matches images with the `com.example.version` label with the `1.0` value. -```bash +```console $ docker images --filter "label=com.example.version=1.0" REPOSITORY TAG IMAGE ID CREATED SIZE @@ -213,7 +213,7 @@ match-me latest 511136ea3c5a About a minute ago In this example, with the `0.1` value, it returns an empty set because no matches were found. -```bash +```console $ docker images --filter "label=com.example.version=0.1" REPOSITORY TAG IMAGE ID CREATED SIZE ``` @@ -223,7 +223,7 @@ REPOSITORY TAG IMAGE ID CREATED The `before` filter shows only images created before the image with given id or reference. For example, having these images: -```bash +```console $ docker images REPOSITORY TAG IMAGE ID CREATED SIZE @@ -234,7 +234,7 @@ image3 latest 511136ea3c5a 25 minutes ago Filtering with `before` would give: -```bash +```console $ docker images --filter "before=image1" REPOSITORY TAG IMAGE ID CREATED SIZE @@ -244,7 +244,7 @@ image3 latest 511136ea3c5a 25 minutes ago Filtering with `since` would give: -```bash +```console $ docker images --filter "since=image3" REPOSITORY TAG IMAGE ID CREATED SIZE image1 latest eeae25ada2aa 4 minutes ago 188.3 MB @@ -256,7 +256,7 @@ image2 latest dea752e4e117 9 minutes ago The `reference` filter shows only images whose reference matches the specified pattern. -```bash +```console $ docker images REPOSITORY TAG IMAGE ID CREATED SIZE @@ -268,7 +268,7 @@ busybox glibc 21c16b6787c6 5 weeks ago Filtering with `reference` would give: -```bash +```console $ docker images --filter=reference='busy*:*libc' REPOSITORY TAG IMAGE ID CREATED SIZE @@ -278,7 +278,7 @@ busybox glibc 21c16b6787c6 5 weeks ago Filtering with multiple `reference` would give, either match A or B: -```bash +```console $ docker images --filter=reference='busy*:uclibc' --filter=reference='busy*:glibc' REPOSITORY TAG IMAGE ID CREATED SIZE @@ -310,7 +310,7 @@ output the data exactly as the template declares or, when using the The following example uses a template without headers and outputs the `ID` and `Repository` entries separated by a colon (`:`) for all images: -```bash +```console $ docker images --format "{{.ID}}: {{.Repository}}" 77af4d6b9913: @@ -327,7 +327,7 @@ b6fa739cedf5: committ To list all images with their repository and tag in a table format you can use: -```bash +```console $ docker images --format "table {{.ID}}\t{{.Repository}}\t{{.Tag}}" IMAGE ID REPOSITORY TAG diff --git a/docs/reference/commandline/import.md b/docs/reference/commandline/import.md index 497f1aa8c25d..5542f166d6e2 100644 --- a/docs/reference/commandline/import.md +++ b/docs/reference/commandline/import.md @@ -39,39 +39,39 @@ Supported `Dockerfile` instructions: This will create a new untagged image. -```bash -$ docker import http://example.com/exampleimage.tgz +```console +$ docker import https://example.com/exampleimage.tgz ``` ### Import from a local file -- Import to docker via pipe and `STDIN`. +Import to docker via pipe and `STDIN`. - ```bash - $ cat exampleimage.tgz | docker import - exampleimagelocal:new - ``` +```console +$ cat exampleimage.tgz | docker import - exampleimagelocal:new +``` -- Import with a commit message. +Import with a commit message. - ```bash - $ cat exampleimage.tgz | docker import --message "New image imported from tarball" - exampleimagelocal:new - ``` +```console +$ cat exampleimage.tgz | docker import --message "New image imported from tarball" - exampleimagelocal:new +``` -- Import to docker from a local archive. +Import to docker from a local archive. - ```bash - $ docker import /path/to/exampleimage.tgz - ``` +```console +$ docker import /path/to/exampleimage.tgz +``` ### Import from a local directory -```bash +```console $ sudo tar -c . | docker import - exampleimagedir ``` ### Import from a local directory with new configurations -```bash +```console $ sudo tar -c . | docker import --change "ENV DEBUG=true" - exampleimagedir ``` @@ -87,6 +87,6 @@ does not match the default operating system, it may be necessary to add `--platform`. This would be necessary when importing a Linux image into a Windows daemon. -```bash +```console $ docker import --platform=linux .\linuximage.tar ``` diff --git a/docs/reference/commandline/info.md b/docs/reference/commandline/info.md index 185b6a8f859e..f84455db31d1 100644 --- a/docs/reference/commandline/info.md +++ b/docs/reference/commandline/info.md @@ -44,8 +44,9 @@ The example below shows the output for a daemon running on Red Hat Enterprise Li using the `devicemapper` storage driver. As can be seen in the output, additional information about the `devicemapper` storage driver is shown: -```bash +```console $ docker info + Client: Context: default Debug Mode: false @@ -104,8 +105,9 @@ Server: Here is a sample output for a daemon running on Ubuntu, using the overlay2 storage driver and a node that is part of a 2-node swarm: -```bash -$ docker -D info +```console +$ docker --debug info + Client: Context: default Debug Mode: true @@ -194,7 +196,7 @@ The global `-D` option causes all `docker` commands to output debug information. You can also specify the output format: -```bash +```console $ docker info --format '{{json .}}' {"ID":"I54V:OLXT:HVMM:TPKO:JPHQ:CQCD:JNLC:O3BZ:4ZVJ:43XJ:PFHZ:6N2S","Containers":14, ...} diff --git a/docs/reference/commandline/inspect.md b/docs/reference/commandline/inspect.md index 4806546ff774..cceb0835a07a 100644 --- a/docs/reference/commandline/inspect.md +++ b/docs/reference/commandline/inspect.md @@ -45,7 +45,7 @@ option. The following example inspects a _volume_ named "myvolume" -```bash +```console $ docker inspect --type=volume myvolume ``` @@ -56,25 +56,25 @@ $ docker inspect --type=volume myvolume For the most part, you can pick out any field from the JSON in a fairly straightforward manner. -```bash +```console $ docker inspect --format='{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' $INSTANCE_ID ``` ### Get an instance's MAC address -```bash +```console $ docker inspect --format='{{range .NetworkSettings.Networks}}{{.MacAddress}}{{end}}' $INSTANCE_ID ``` ### Get an instance's log path -```bash +```console $ docker inspect --format='{{.LogPath}}' $INSTANCE_ID ``` ### Get an instance's image name -```bash +```console $ docker inspect --format='{{.Config.Image}}' $INSTANCE_ID ``` @@ -83,7 +83,7 @@ $ docker inspect --format='{{.Config.Image}}' $INSTANCE_ID You can loop over arrays and maps in the results to produce simple text output: -```bash +```console $ docker inspect --format='{{range $p, $conf := .NetworkSettings.Ports}} {{$p}} -> {{(index $conf 0).HostPort}} {{end}}' $INSTANCE_ID ``` @@ -97,7 +97,7 @@ numeric public port, you use `index` to find the specific port map, and then `index` 0 contains the first object inside of that. Then we ask for the `HostPort` field to get the public address. -```bash +```console $ docker inspect --format='{{(index (index .NetworkSettings.Ports "8787/tcp") 0).HostPort}}' $INSTANCE_ID ``` @@ -108,6 +108,6 @@ fields, by default you get a Go-style dump of the inner values. Docker adds a template function, `json`, which can be applied to get results in JSON format. -```bash +```console $ docker inspect --format='{{json .Config}}' $INSTANCE_ID ``` diff --git a/docs/reference/commandline/kill.md b/docs/reference/commandline/kill.md index 4df13e341164..b828d3433ed3 100644 --- a/docs/reference/commandline/kill.md +++ b/docs/reference/commandline/kill.md @@ -47,7 +47,7 @@ and the container will continue running after receiving the signal. The following example sends the default `SIGKILL` signal to the container named `my_container`: -```bash +```console $ docker kill my_container ``` @@ -56,7 +56,7 @@ $ docker kill my_container The following example sends a `SIGHUP` signal to the container named `my_container`: -```bash +```console $ docker kill --signal=SIGHUP my_container ``` @@ -64,7 +64,7 @@ $ docker kill --signal=SIGHUP my_container You can specify a custom signal either by _name_, or _number_. The `SIG` prefix is optional, so the following examples are equivalent: -```bash +```console $ docker kill --signal=SIGHUP my_container $ docker kill --signal=HUP my_container $ docker kill --signal=1 my_container diff --git a/docs/reference/commandline/load.md b/docs/reference/commandline/load.md index 565cc666bc64..a81756d1772c 100644 --- a/docs/reference/commandline/load.md +++ b/docs/reference/commandline/load.md @@ -18,6 +18,7 @@ Options: The tarball may be compressed with gzip, bzip, or xz -q, --quiet Suppress the load output but still outputs the imported images ``` + ## Description Load an image or repository from a tar archive (even if compressed with gzip, @@ -25,7 +26,7 @@ bzip2, or xz) from a file or STDIN. It restores both images and tags. ## Examples -```bash +```console $ docker image ls REPOSITORY TAG IMAGE ID CREATED SIZE diff --git a/docs/reference/commandline/login.md b/docs/reference/commandline/login.md index ae0f9406c829..66354f30c490 100644 --- a/docs/reference/commandline/login.md +++ b/docs/reference/commandline/login.md @@ -30,7 +30,7 @@ Login to a registry. If you want to login to a self-hosted registry you can specify this by adding the server name. -```bash +```console $ docker login localhost:8080 ``` @@ -44,7 +44,7 @@ or log-files. The following example reads a password from a file, and passes it to the `docker login` command using `STDIN`: -```bash +```console $ cat ~/my_password.txt | docker login --username foo --password-stdin ``` diff --git a/docs/reference/commandline/logout.md b/docs/reference/commandline/logout.md index 4d0dd362acde..24c51843dbab 100644 --- a/docs/reference/commandline/logout.md +++ b/docs/reference/commandline/logout.md @@ -18,7 +18,7 @@ Options: ## Examples -```bash +```console $ docker logout localhost:8080 ``` diff --git a/docs/reference/commandline/logs.md b/docs/reference/commandline/logs.md index 26bf9d3daa71..57b2f42c1aab 100644 --- a/docs/reference/commandline/logs.md +++ b/docs/reference/commandline/logs.md @@ -67,7 +67,7 @@ fraction of a second no more than nine digits long. You can combine the In order to retrieve logs before a specific point in time, run: -```bash +```console $ docker run --name test -d busybox sh -c "while true; do $(echo date); sleep 1; done" $ date Tue 14 Nov 2017 16:40:00 CET diff --git a/docs/reference/commandline/manifest.md b/docs/reference/commandline/manifest.md index 73c60a8cc8a9..b67c066ad4f0 100644 --- a/docs/reference/commandline/manifest.md +++ b/docs/reference/commandline/manifest.md @@ -40,8 +40,8 @@ to two images -- one for windows on amd64, and one for darwin on amd64. ### manifest inspect -```bash -manifest inspect --help +```console +$ docker manifest inspect --help Usage: docker manifest inspect [OPTIONS] [MANIFEST_LIST] MANIFEST @@ -55,7 +55,7 @@ Options: ### manifest create -```bash +```console Usage: docker manifest create MANIFEST_LIST MANIFEST [MANIFEST...] Create a local manifest list for annotating and pushing to a registry @@ -68,7 +68,7 @@ Options: ### manifest annotate -```bash +```console Usage: docker manifest annotate [OPTIONS] MANIFEST_LIST MANIFEST Add additional information to a local image manifest @@ -85,7 +85,7 @@ Options: ### manifest push -```bash +```console Usage: docker manifest push [OPTIONS] MANIFEST_LIST Push a manifest list to a repository @@ -113,7 +113,7 @@ default requirements. ### Inspect an image's manifest object -```bash +```console $ docker manifest inspect hello-world { "schemaVersion": 2, @@ -143,7 +143,7 @@ without a tag, or by digest (e.g. `hello-world@sha256:f3b3b28a45160805bb16542c95 Here is an example of inspecting an image's manifest with the `--verbose` flag: -```bash +```console $ docker manifest inspect --verbose hello-world { "Ref": "docker.io/library/hello-world:latest", @@ -187,7 +187,7 @@ After you have created your local copy of the manifest list, you may optionally Finally, you need to `push` your manifest list to the desired registry. Below are descriptions of these three commands, and an example putting them all together. -```bash +```console $ docker manifest create 45.55.81.106:5000/coolapp:v1 \ 45.55.81.106:5000/coolapp-ppc64le-linux:v1 \ 45.55.81.106:5000/coolapp-arm-linux:v1 \ @@ -197,11 +197,11 @@ $ docker manifest create 45.55.81.106:5000/coolapp:v1 \ Created manifest list 45.55.81.106:5000/coolapp:v1 ``` -```bash +```console $ docker manifest annotate 45.55.81.106:5000/coolapp:v1 45.55.81.106:5000/coolapp-arm-linux --arch arm ``` -```bash +```console $ docker manifest push 45.55.81.106:5000/coolapp:v1 Pushed manifest 45.55.81.106:5000/coolapp@sha256:9701edc932223a66e49dd6c894a11db8c2cf4eccd1414f1ec105a623bf16b426 with digest: sha256:f67dcc5fc786f04f0743abfe0ee5dae9bd8caf8efa6c8144f7f2a43889dc513b Pushed manifest 45.55.81.106:5000/coolapp@sha256:f3b3b28a45160805bb16542c9531888519430e9e6d6ffc09d72261b0d26ff74f with digest: sha256:b64ca0b60356a30971f098c92200b1271257f100a55b351e6bbe985638352f3a @@ -213,7 +213,7 @@ sha256:050b213d49d7673ba35014f21454c573dcbec75254a08f4a7c34f66a47c06aba ### Inspect a manifest list -```bash +```console $ docker manifest inspect coolapp:v1 { "schemaVersion": 2, @@ -264,7 +264,7 @@ $ docker manifest inspect coolapp:v1 Here is an example of creating and pushing a manifest list using a known insecure registry. -```bash +```console $ docker manifest create --insecure myprivateregistry.mycompany.com/repo/image:1.0 \ myprivateregistry.mycompany.com/repo/image-linux-ppc64le:1.0 \ myprivateregistry.mycompany.com/repo/image-linux-s390x:1.0 \ diff --git a/docs/reference/commandline/network_connect.md b/docs/reference/commandline/network_connect.md index ae024b31ec8e..f7b2fe564467 100644 --- a/docs/reference/commandline/network_connect.md +++ b/docs/reference/commandline/network_connect.md @@ -30,7 +30,7 @@ the same network. ### Connect a running container to a network -```bash +```console $ docker network connect multi-host-network container1 ``` @@ -38,7 +38,7 @@ $ docker network connect multi-host-network container1 You can also use the `docker run --network=` option to start a container and immediately connect it to a network. -```bash +```console $ docker run -itd --network=multi-host-network busybox ``` @@ -46,7 +46,7 @@ $ docker run -itd --network=multi-host-network busybox You can specify the IP address you want to be assigned to the container's interface. -```bash +```console $ docker network connect --ip 10.10.36.122 multi-host-network container2 ``` @@ -54,7 +54,7 @@ $ docker network connect --ip 10.10.36.122 multi-host-network container2 You can use `--link` option to link another container with a preferred alias -```bash +```console $ docker network connect --link container1:c1 multi-host-network container2 ``` @@ -63,7 +63,7 @@ $ docker network connect --link container1:c1 multi-host-network container2 `--alias` option can be used to resolve the container by another name in the network being connected to. -```bash +```console $ docker network connect --alias db --alias mysql multi-host-network container2 ``` @@ -79,11 +79,11 @@ to specify an `--ip-range` when creating the network, and choose the static IP address(es) from outside that range. This ensures that the IP address is not given to another container while this container is not on the network. -```bash +```console $ docker network create --subnet 172.20.0.0/16 --ip-range 172.20.240.0/20 multi-host-network ``` -```bash +```console $ docker network connect --ip 172.20.128.2 multi-host-network container2 ``` diff --git a/docs/reference/commandline/network_create.md b/docs/reference/commandline/network_create.md index 9e3ac66b619f..c3b68d37c066 100644 --- a/docs/reference/commandline/network_create.md +++ b/docs/reference/commandline/network_create.md @@ -45,7 +45,7 @@ on. When you launch a new container with `docker run` it automatically connects this bridge network. You cannot remove this default bridge network, but you can create new ones using the `network create` command. -```bash +```console $ docker network create -d bridge my-bridge-network ``` @@ -75,7 +75,7 @@ discovery and server management tools that can assist your implementation. Once you have prepared the `overlay` network prerequisites you simply choose a Docker host in the cluster and issue the following to create the network: -```bash +```console $ docker network create -d overlay my-multihost-network ``` @@ -102,7 +102,7 @@ for more information about different endpoint modes. When you start a container, use the `--network` flag to connect it to a network. This example adds the `busybox` container to the `mynet` network: -```bash +```console $ docker run -itd --network=mynet busybox ``` @@ -126,14 +126,14 @@ network. It is purely for ip-addressing purposes. You can override this default and specify subnetwork values directly using the `--subnet` option. On a `bridge` network you can only create a single subnet: -```bash +```console $ docker network create --driver=bridge --subnet=192.168.0.0/16 br0 ``` Additionally, you also specify the `--gateway` `--ip-range` and `--aux-address` options. -```bash +```console $ docker network create \ --driver=bridge \ --subnet=172.28.0.0/16 \ @@ -148,7 +148,7 @@ support it you can create multiple subnetworks. This example uses two `/25` subnet mask to adhere to the current guidance of not having more than 256 IPs in a single overlay network. Each of the subnetworks has 126 usable addresses. -```bash +```console $ docker network create -d overlay \ --subnet=192.168.10.0/25 \ --subnet=192.168.20.0/25 \ @@ -191,7 +191,7 @@ network driver, again with their approximate equivalents to `docker daemon`. For example, let's use `-o` or `--opt` options to specify an IP address binding when publishing ports: -```bash +```console $ docker network create \ -o "com.docker.network.bridge.host_binding_ipv4"="172.19.0.1" \ simple-network @@ -212,7 +212,7 @@ one ingress network can be created at the time. The network can be removed only if no services depend on it. Any option available when creating an overlay network is also available when creating the ingress network, besides the `--attachable` option. -```bash +```console $ docker network create -d overlay \ --subnet=10.11.0.0/16 \ --ingress \ diff --git a/docs/reference/commandline/network_disconnect.md b/docs/reference/commandline/network_disconnect.md index 4e6f2f6d3163..59ff61578bed 100644 --- a/docs/reference/commandline/network_disconnect.md +++ b/docs/reference/commandline/network_disconnect.md @@ -23,7 +23,7 @@ disconnect it from the network. ## Examples -```bash +```console $ docker network disconnect multi-host-network container1 ``` diff --git a/docs/reference/commandline/network_inspect.md b/docs/reference/commandline/network_inspect.md index 29b89653cf44..bbc087f1b9d5 100644 --- a/docs/reference/commandline/network_inspect.md +++ b/docs/reference/commandline/network_inspect.md @@ -27,7 +27,7 @@ all results in a JSON object. Connect two containers to the default `bridge` network: -```bash +```console $ sudo docker run -itd --name=container1 busybox f2870c98fd504370fb86e59f32cd0753b1ac9b69b7d80566ffc7192a82b3ed27 @@ -47,7 +47,7 @@ template for each result. Go's [text/template](http://golang.org/pkg/text/template/) package describes all the details of the format. -```bash +```console $ sudo docker network inspect bridge ``` @@ -104,13 +104,13 @@ The output is in JSON format, for example: Create and inspect a user-defined network: -```bash +```console $ docker network create simple-network 69568e6336d8c96bbf57869030919f7c69524f71183b44d80948bd3927c87f6a ``` -```bash +```console $ docker network inspect simple-network ``` @@ -146,7 +146,7 @@ For swarm mode overlay networks `network inspect` also shows the IP address and of the peers. Peers are the nodes in the swarm cluster which have at least one task attached to the network. Node name is of the format `-`. -```bash +```console $ docker network inspect ingress ``` @@ -213,7 +213,7 @@ and the IPs of the nodes where the tasks are running. Following is an example output for an overlay network `ov1` that has one service `s1` attached to. service `s1` in this case has three replicas. -```bash +```console $ docker network inspect --verbose ov1 ``` diff --git a/docs/reference/commandline/network_ls.md b/docs/reference/commandline/network_ls.md index d48673aaba10..8b938b33bea3 100644 --- a/docs/reference/commandline/network_ls.md +++ b/docs/reference/commandline/network_ls.md @@ -31,8 +31,8 @@ networks that span across multiple hosts in a cluster. ### List all networks -```bash -$ sudo docker network ls +```console +$ docker network ls NETWORK ID NAME DRIVER SCOPE 7fca4eb8c647 bridge bridge local 9f904ee27bf5 none null local @@ -42,7 +42,7 @@ cf03ee007fb4 host host local Use the `--no-trunc` option to display the full network id: -```bash +```console $ docker network ls --no-trunc NETWORK ID NAME DRIVER SCOPE 18a2866682b85619a026c81b98a5e375bd33e1b0936a26cc497c283d27bae9b3 none null local @@ -74,7 +74,7 @@ The `driver` filter matches networks based on their driver. The following example matches networks with the `bridge` driver: -```bash +```console $ docker network ls --filter driver=bridge NETWORK ID NAME DRIVER SCOPE db9db329f835 test1 bridge local @@ -88,7 +88,7 @@ The `id` filter matches on all or part of a network's ID. The following filter matches all networks with an ID containing the `63d1ff1f77b0...` string. -```bash +```console $ docker network ls --filter id=63d1ff1f77b07ca51070a8c227e962238358bd310bde1529cf62e6c307ade161 NETWORK ID NAME DRIVER SCOPE 63d1ff1f77b0 dev bridge local @@ -96,7 +96,7 @@ NETWORK ID NAME DRIVER SCOPE You can also filter for a substring in an ID as this shows: -```bash +```console $ docker network ls --filter id=95e74588f40d NETWORK ID NAME DRIVER SCOPE 95e74588f40d foo bridge local @@ -113,7 +113,7 @@ value. The following filter matches networks with the `usage` label regardless of its value. -```bash +```console $ docker network ls -f "label=usage" NETWORK ID NAME DRIVER SCOPE db9db329f835 test1 bridge local @@ -122,7 +122,7 @@ f6e212da9dfd test2 bridge local The following filter matches networks with the `usage` label with the `prod` value. -```bash +```console $ docker network ls -f "label=usage=prod" NETWORK ID NAME DRIVER SCOPE f6e212da9dfd test2 bridge local @@ -134,7 +134,7 @@ The `name` filter matches on all or part of a network's name. The following filter matches all networks with a name containing the `foobar` string. -```bash +```console $ docker network ls --filter name=foobar NETWORK ID NAME DRIVER SCOPE 06e7eef0a170 foobar bridge local @@ -142,7 +142,7 @@ NETWORK ID NAME DRIVER SCOPE You can also filter for a substring in a name as this shows: -```bash +```console $ docker network ls --filter name=foo NETWORK ID NAME DRIVER SCOPE 95e74588f40d foo bridge local @@ -155,7 +155,7 @@ The `scope` filter matches networks based on their scope. The following example matches networks with the `swarm` scope: -```bash +```console $ docker network ls --filter scope=swarm NETWORK ID NAME DRIVER SCOPE xbtm0v4f1lfh ingress overlay swarm @@ -164,7 +164,7 @@ ic6r88twuu92 swarmnet overlay swarm The following example matches networks with the `local` scope: -```bash +```console $ docker network ls --filter scope=local NETWORK ID NAME DRIVER SCOPE e85227439ac7 bridge bridge local @@ -180,7 +180,7 @@ The `type` filter supports two values; `builtin` displays predefined networks The following filter matches all user defined networks: -```bash +```console $ docker network ls --filter type=custom NETWORK ID NAME DRIVER SCOPE 95e74588f40d foo bridge local @@ -190,7 +190,7 @@ NETWORK ID NAME DRIVER SCOPE By having this flag it allows for batch cleanup. For example, use this filter to delete all user defined networks: -```bash +```console $ docker network rm `docker network ls --filter type=custom -q` ``` @@ -223,7 +223,7 @@ output the data exactly as the template declares or, when using the The following example uses a template without headers and outputs the `ID` and `Driver` entries separated by a colon (`:`) for all networks: -```bash +```console $ docker network ls --format "{{.ID}}: {{.Driver}}" afaaab448eb2: bridge d1584f8dc718: host diff --git a/docs/reference/commandline/network_prune.md b/docs/reference/commandline/network_prune.md index c49ff5f0a860..3d4e742ed90e 100644 --- a/docs/reference/commandline/network_prune.md +++ b/docs/reference/commandline/network_prune.md @@ -24,7 +24,7 @@ by any containers. ## Examples -```bash +```console $ docker network prune WARNING! This will remove all custom networks not used by at least one container. @@ -64,7 +64,7 @@ networks without the specified labels. The following removes networks created more than 5 minutes ago. Note that system networks such as `bridge`, `host`, and `none` will never be pruned: -```bash +```console $ docker network ls NETWORK ID NAME DRIVER SCOPE diff --git a/docs/reference/commandline/network_rm.md b/docs/reference/commandline/network_rm.md index 52a4265aa728..ecbcdd16f2c0 100644 --- a/docs/reference/commandline/network_rm.md +++ b/docs/reference/commandline/network_rm.md @@ -29,8 +29,8 @@ you must first disconnect any containers connected to it. To remove the network named 'my-network': -```bash - $ docker network rm my-network +```console +$ docker network rm my-network ``` ### Remove multiple networks @@ -39,8 +39,8 @@ To delete multiple networks in a single `docker network rm` command, provide multiple network names or ids. The following example deletes a network with id `3695c422697f` and a network named `my-network`: -```bash - $ docker network rm 3695c422697f my-network +```console +$ docker network rm 3695c422697f my-network ``` When you specify multiple networks, the command attempts to delete each in turn. diff --git a/docs/reference/commandline/node_demote.md b/docs/reference/commandline/node_demote.md index 103c57f697ac..7bb5b59bda71 100644 --- a/docs/reference/commandline/node_demote.md +++ b/docs/reference/commandline/node_demote.md @@ -28,7 +28,7 @@ Demotes an existing manager so that it is no longer a manager. ## Examples -```bash +```console $ docker node demote ``` diff --git a/docs/reference/commandline/node_inspect.md b/docs/reference/commandline/node_inspect.md index 16ad0b98c278..c2345433abcd 100644 --- a/docs/reference/commandline/node_inspect.md +++ b/docs/reference/commandline/node_inspect.md @@ -36,7 +36,7 @@ details of the format. ### Inspect a node -```bash +```console $ docker node inspect swarm-manager ``` @@ -113,7 +113,7 @@ $ docker node inspect swarm-manager ### Specify an output format -```bash +```console $ docker node inspect --format '{{ .ManagerStatus.Leader }}' self false @@ -121,7 +121,7 @@ false Use `--format=pretty` or the `--pretty` shorthand to pretty-print the output: -```bash +```console $ docker node inspect --format=pretty self ID: e216jshn25ckzbvmwlnh5jr3g diff --git a/docs/reference/commandline/node_ls.md b/docs/reference/commandline/node_ls.md index 06a82d69f22a..11e3296972bf 100644 --- a/docs/reference/commandline/node_ls.md +++ b/docs/reference/commandline/node_ls.md @@ -36,7 +36,7 @@ for more information about available filter options. ## Examples -```bash +```console $ docker node ls ID HOSTNAME STATUS AVAILABILITY MANAGER STATUS @@ -44,6 +44,7 @@ ID HOSTNAME STATUS AVAILABILITY MANAGER STATU 38ciaotwjuritcdtn9npbnkuz swarm-worker1 Ready Active e216jshn25ckzbvmwlnh5jr3g * swarm-manager1 Ready Active Leader ``` + > **Note** > > In the above example output, there is a hidden column of `.Self` that indicates @@ -69,7 +70,7 @@ The currently supported filters are: The `id` filter matches all or part of a node's id. -```bash +```console $ docker node ls -f id=1 ID HOSTNAME STATUS AVAILABILITY MANAGER STATUS @@ -85,7 +86,7 @@ Swarm `node` labels, use [`node.label` instead](#nodelabel). The following filter matches nodes with the `foo` label regardless of its value. -```bash +```console $ docker node ls -f "label=foo" ID HOSTNAME STATUS AVAILABILITY MANAGER STATUS @@ -135,7 +136,7 @@ The `membership` filter matches nodes based on the presence of a `membership` an The following filter matches nodes with the `membership` of `accepted`. -```bash +```console $ docker node ls -f "membership=accepted" ID HOSTNAME STATUS AVAILABILITY MANAGER STATUS @@ -149,7 +150,7 @@ The `name` filter matches on all or part of a node hostname. The following filter matches the nodes with a name equal to `swarm-master` string. -```bash +```console $ docker node ls -f name=swarm-manager1 ID HOSTNAME STATUS AVAILABILITY MANAGER STATUS @@ -162,7 +163,7 @@ The `role` filter matches nodes based on the presence of a `role` and a value `w The following filter matches nodes with the `manager` role. -```bash +```console $ docker node ls -f "role=manager" ID HOSTNAME STATUS AVAILABILITY MANAGER STATUS @@ -195,8 +196,9 @@ The following example uses a template without headers and outputs the `ID`, `Hostname`, and `TLS Status` entries separated by a colon (`:`) for all nodes: -```bash +```console $ docker node ls --format "{{.ID}}: {{.Hostname}} {{.TLSStatus}}" + e216jshn25ckzbvmwlnh5jr3g: swarm-manager1 Ready 35o6tiywb700jesrt3dmllaza: swarm-worker1 Needs Rotation ``` diff --git a/docs/reference/commandline/node_promote.md b/docs/reference/commandline/node_promote.md index 8906e6737555..665dd9486a98 100644 --- a/docs/reference/commandline/node_promote.md +++ b/docs/reference/commandline/node_promote.md @@ -28,7 +28,7 @@ Promotes a node to manager. This command can only be executed on a manager node. ## Examples -```bash +```console $ docker node promote ``` diff --git a/docs/reference/commandline/node_ps.md b/docs/reference/commandline/node_ps.md index c6dcc9f891fb..45d517634189 100644 --- a/docs/reference/commandline/node_ps.md +++ b/docs/reference/commandline/node_ps.md @@ -36,8 +36,9 @@ information about available filter options. ## Examples -```bash +```console $ docker node ps swarm-manager1 + NAME IMAGE NODE DESIRED STATE CURRENT STATE redis.1.7q92v0nr1hcgts2amcjyqg3pq redis:3.0.6 swarm-manager1 Running Running 5 hours redis.6.b465edgho06e318egmgjbqo4o redis:3.0.6 swarm-manager1 Running Running 29 seconds @@ -64,7 +65,7 @@ The `name` filter matches on all or part of a task's name. The following filter matches all tasks with a name containing the `redis` string. -```bash +```console $ docker node ps -f name=redis swarm-manager1 NAME IMAGE NODE DESIRED STATE CURRENT STATE @@ -79,7 +80,7 @@ redis.10.0tgctg8h8cech4w0k0gwrmr23 redis:3.0.6 swarm-manager1 Running The `id` filter matches a task's id. -```bash +```console $ docker node ps -f id=bg8c07zzg87di2mufeq51a2qp swarm-manager1 NAME IMAGE NODE DESIRED STATE CURRENT STATE @@ -93,7 +94,7 @@ value. The following filter matches tasks with the `usage` label regardless of its value. -```bash +```console $ docker node ps -f "label=usage" NAME IMAGE NODE DESIRED STATE CURRENT STATE @@ -132,8 +133,9 @@ output the data exactly as the template declares or, when using the The following example uses a template without headers and outputs the `Name` and `Image` entries separated by a colon (`:`) for all tasks: -```bash +```console $ docker node ps --format "{{.Name}}: {{.Image}}" + top.1: busybox top.2: busybox top.3: busybox diff --git a/docs/reference/commandline/node_rm.md b/docs/reference/commandline/node_rm.md index 53cd309eebfb..ea334f204b4b 100644 --- a/docs/reference/commandline/node_rm.md +++ b/docs/reference/commandline/node_rm.md @@ -34,11 +34,12 @@ Removes the specified nodes from a swarm. ### Remove a stopped node from the swarm -```bash +```console $ docker node rm swarm-node-02 Node swarm-node-02 removed from swarm ``` + ### Attempt to remove a running node from a swarm Removes the specified nodes from the swarm, but only if the nodes are in the @@ -58,7 +59,7 @@ compromised or is not behaving as expected, you can use the `--force` option. This may cause transient errors or interruptions, depending on the type of task being run on the node. -```bash +```console $ docker node rm --force swarm-node-03 Node swarm-node-03 removed from swarm diff --git a/docs/reference/commandline/node_update.md b/docs/reference/commandline/node_update.md index f8dc40db6979..6ef0b1bd5fbc 100644 --- a/docs/reference/commandline/node_update.md +++ b/docs/reference/commandline/node_update.md @@ -43,7 +43,7 @@ $ docker node update --label-add foo worker1 To add multiple labels to a node, pass the `--label-add` flag for each label: -```bash +```console $ docker node update --label-add foo --label-add bar worker1 ``` diff --git a/docs/reference/commandline/pause.md b/docs/reference/commandline/pause.md index 515efb7f61fc..abdc1ea63ba7 100644 --- a/docs/reference/commandline/pause.md +++ b/docs/reference/commandline/pause.md @@ -30,7 +30,7 @@ for further details. ## Examples -```bash +```console $ docker pause my_container ``` diff --git a/docs/reference/commandline/plugin_create.md b/docs/reference/commandline/plugin_create.md index b56df04aa0fa..78cd78e87448 100644 --- a/docs/reference/commandline/plugin_create.md +++ b/docs/reference/commandline/plugin_create.md @@ -25,7 +25,7 @@ Creates a plugin. Before creating the plugin, prepare the plugin's root filesyst The following example shows how to create a sample `plugin`. -```bash +```console $ ls -ls /home/pluginDir total 4 diff --git a/docs/reference/commandline/plugin_disable.md b/docs/reference/commandline/plugin_disable.md index 927b6d580142..12a7c9368c71 100644 --- a/docs/reference/commandline/plugin_disable.md +++ b/docs/reference/commandline/plugin_disable.md @@ -27,7 +27,7 @@ a plugin that has references (e.g., volumes, networks) cannot be disabled. The following example shows that the `sample-volume-plugin` plugin is installed and enabled: -```bash +```console $ docker plugin ls ID NAME DESCRIPTION ENABLED @@ -36,7 +36,7 @@ ID NAME DESCRIPTION To disable the plugin, use the following command: -```bash +```console $ docker plugin disable tiborvass/sample-volume-plugin tiborvass/sample-volume-plugin diff --git a/docs/reference/commandline/plugin_enable.md b/docs/reference/commandline/plugin_enable.md index 2f6a5f5198a0..11a0b09a68a5 100644 --- a/docs/reference/commandline/plugin_enable.md +++ b/docs/reference/commandline/plugin_enable.md @@ -26,7 +26,7 @@ see [`docker plugin install`](plugin_install.md). The following example shows that the `sample-volume-plugin` plugin is installed, but disabled: -```bash +```console $ docker plugin ls ID NAME DESCRIPTION ENABLED @@ -35,7 +35,7 @@ ID NAME DESCRIPTION To enable the plugin, use the following command: -```bash +```console $ docker plugin enable tiborvass/sample-volume-plugin tiborvass/sample-volume-plugin diff --git a/docs/reference/commandline/plugin_inspect.md b/docs/reference/commandline/plugin_inspect.md index ab8679b7ac5e..30caa13a3612 100644 --- a/docs/reference/commandline/plugin_inspect.md +++ b/docs/reference/commandline/plugin_inspect.md @@ -27,7 +27,7 @@ in a JSON array. The following example example inspects the `tiborvass/sample-volume-plugin` plugin: -```bash +```console $ docker plugin inspect tiborvass/sample-volume-plugin:latest ``` @@ -144,7 +144,7 @@ Output is in JSON format (output below is formatted for readability): ### Formatting the output -```bash +```console $ docker plugin inspect -f '{{.Id}}' tiborvass/sample-volume-plugin:latest 8c74c978c434745c3ade82f1bc0acf38d04990eaf494fa507c16d9f1daa99c21 diff --git a/docs/reference/commandline/plugin_install.md b/docs/reference/commandline/plugin_install.md index 4028cc17c196..784edad46554 100644 --- a/docs/reference/commandline/plugin_install.md +++ b/docs/reference/commandline/plugin_install.md @@ -33,7 +33,7 @@ The following example installs `vieus/sshfs` plugin and [sets](plugin_set.md) it Hub and prompt the user to accept the list of privileges that the plugin needs, set the plugin's parameters and enable the plugin. -```bash +```console $ docker plugin install vieux/sshfs DEBUG=1 Plugin "vieux/sshfs" is requesting the following privileges: @@ -46,7 +46,7 @@ vieux/sshfs After the plugin is installed, it appears in the list of plugins: -```bash +```console $ docker plugin ls ID NAME DESCRIPTION ENABLED diff --git a/docs/reference/commandline/plugin_ls.md b/docs/reference/commandline/plugin_ls.md index dedd2270dc66..47a657d9d81b 100644 --- a/docs/reference/commandline/plugin_ls.md +++ b/docs/reference/commandline/plugin_ls.md @@ -31,7 +31,7 @@ Refer to the [filtering](#filtering) section for more information about availabl ## Examples -```bash +```console $ docker plugin ls ID NAME DESCRIPTION ENABLED @@ -58,7 +58,7 @@ The `capability` filter matches on plugin capabilities. One plugin might have multiple capabilities. Currently `volumedriver`, `networkdriver`, `ipamdriver`, `logdriver`, `metricscollector`, and `authz` are supported capabilities. -```bash +```console $ docker plugin install --disable vieux/sshfs Installed plugin vieux/sshfs @@ -90,7 +90,7 @@ output the data exactly as the template declares or, when using the The following example uses a template without headers and outputs the `ID` and `Name` entries separated by a colon (`:`) for all plugins: -```bash +```console $ docker plugin ls --format "{{.ID}}: {{.Name}}" 4be01827a72e: vieux/sshfs:latest diff --git a/docs/reference/commandline/plugin_push.md b/docs/reference/commandline/plugin_push.md index c554a747fd73..f00d2f56d3f3 100644 --- a/docs/reference/commandline/plugin_push.md +++ b/docs/reference/commandline/plugin_push.md @@ -26,7 +26,7 @@ Registry credentials are managed by [docker login](login.md). The following example shows how to push a sample `user/plugin`. -```bash +```console $ docker plugin ls ID NAME DESCRIPTION ENABLED diff --git a/docs/reference/commandline/plugin_rm.md b/docs/reference/commandline/plugin_rm.md index 184ab5f375dd..8dec068a404a 100644 --- a/docs/reference/commandline/plugin_rm.md +++ b/docs/reference/commandline/plugin_rm.md @@ -31,7 +31,7 @@ functioning of running containers using the plugin). The following example disables and removes the `sample-volume-plugin:latest` plugin: -```bash +```console $ docker plugin disable tiborvass/sample-volume-plugin tiborvass/sample-volume-plugin diff --git a/docs/reference/commandline/plugin_set.md b/docs/reference/commandline/plugin_set.md index 33ea04567c69..20a4ed24420b 100644 --- a/docs/reference/commandline/plugin_set.md +++ b/docs/reference/commandline/plugin_set.md @@ -84,7 +84,7 @@ On the contrary, the `LOGGING` environment variable doesn't have any settable fi The following example change the env variable `DEBUG` on the `sample-volume-plugin` plugin. -```bash +```console $ docker plugin inspect -f {{.Settings.Env}} tiborvass/sample-volume-plugin [DEBUG=0] @@ -99,7 +99,7 @@ $ docker plugin inspect -f {{.Settings.Env}} tiborvass/sample-volume-plugin The following example change the source of the `mymount` mount on the `myplugin` plugin. -```bash +```console $ docker plugin inspect -f '{{with $mount := index .Settings.Mounts 0}}{{$mount.Source}}{{end}}' myplugin /foo @@ -119,7 +119,7 @@ $ docker plugin inspect -f '{{with $mount := index .Settings.Mounts 0}}{{$mount. The following example change the path of the `mydevice` device on the `myplugin` plugin. -```bash +```console $ docker plugin inspect -f '{{with $device := index .Settings.Devices 0}}{{$device.Path}}{{end}}' myplugin /dev/foo @@ -139,7 +139,7 @@ $ docker plugin inspect -f '{{with $device := index .Settings.Devices 0}}{{$devi The following example change the value of the args on the `myplugin` plugin. -```bash +```console $ docker plugin inspect -f '{{.Settings.Args}}' myplugin ["foo", "bar"] diff --git a/docs/reference/commandline/plugin_upgrade.md b/docs/reference/commandline/plugin_upgrade.md index 23b063a8c418..fc70732fdc70 100644 --- a/docs/reference/commandline/plugin_upgrade.md +++ b/docs/reference/commandline/plugin_upgrade.md @@ -30,7 +30,7 @@ The plugin must be disabled before running the upgrade. The following example installs `vieus/sshfs` plugin, uses it to create and use a volume, then upgrades the plugin. -```bash +```console $ docker plugin install vieux/sshfs DEBUG=1 Plugin "vieux/sshfs:next" is requesting the following privileges: diff --git a/docs/reference/commandline/port.md b/docs/reference/commandline/port.md index 029df710f8fe..a35ae175f687 100644 --- a/docs/reference/commandline/port.md +++ b/docs/reference/commandline/port.md @@ -22,7 +22,7 @@ Options: You can find out all the ports mapped by not specifying a `PRIVATE_PORT`, or just a specific mapping: -```bash +```console $ docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES diff --git a/docs/reference/commandline/ps.md b/docs/reference/commandline/ps.md index 4a95d7b2f41c..02f8e27f22b0 100644 --- a/docs/reference/commandline/ps.md +++ b/docs/reference/commandline/ps.md @@ -45,7 +45,7 @@ Options: Running `docker ps --no-trunc` showing 2 linked containers. -```bash +```console $ docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES @@ -58,7 +58,7 @@ d7886598dbe2 crosbymichael/redis:latest /redis-server --dir 33 minut The `docker ps` command only shows running containers by default. To see all containers, use the `-a` (or `--all`) flag: -```bash +```console $ docker ps -a ``` @@ -70,7 +70,7 @@ the `PORTS` column. The `docker ps -s` command displays two different on-disk-sizes for each container: -```bash +```console $ docker ps -s CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES SIZE SIZE @@ -114,7 +114,7 @@ value. The following filter matches containers with the `color` label regardless of its value. -```bash +```console $ docker ps --filter "label=color" CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES @@ -124,7 +124,7 @@ d85756f57265 busybox "top" 52 seconds ago The following filter matches containers with the `color` label with the `blue` value. -```bash +```console $ docker ps --filter "label=color=blue" CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES @@ -137,7 +137,7 @@ The `name` filter matches on all or part of a container's name. The following filter matches all containers with a name containing the `nostalgic_stallman` string. -```bash +```console $ docker ps --filter "name=nostalgic_stallman" CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES @@ -146,7 +146,7 @@ CONTAINER ID IMAGE COMMAND CREATED You can also filter for a substring in a name as this shows: -```bash +```console $ docker ps --filter "name=nostalgic" CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES @@ -160,7 +160,7 @@ CONTAINER ID IMAGE COMMAND CREATED The `exited` filter matches containers by exist status code. For example, to filter for containers that have exited successfully: -```bash +```console $ docker ps -a --filter 'exited=0' CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES @@ -174,7 +174,7 @@ ea09c3c82f6e registry:latest /srv/run.sh 2 weeks ago You can use a filter to locate containers that exited with status of `137` meaning a `SIGKILL(9)` killed them. -```bash +```console $ docker ps -a --filter 'exited=137' CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES @@ -194,7 +194,7 @@ The `status` filter matches containers by status. You can filter using `created`, `restarting`, `running`, `removing`, `paused`, `exited` and `dead`. For example, to filter for `running` containers: -```bash +```console $ docker ps --filter status=running CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES @@ -205,7 +205,7 @@ d5c976d3c462 busybox "top" 23 minutes ago To filter for `paused` containers: -```bash +```console $ docker ps --filter status=paused CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES @@ -226,7 +226,7 @@ it. The filter supports the following image representation: If you don't specify a `tag`, the `latest` tag is used. For example, to filter for containers that use the latest `ubuntu` image: -```bash +```console $ docker ps --filter ancestor=ubuntu CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES @@ -239,7 +239,7 @@ bab2a34ba363 ubuntu "top" 3 minutes ago Match containers based on the `ubuntu-c1` image which, in this case, is a child of `ubuntu`: -```bash +```console $ docker ps --filter ancestor=ubuntu-c1 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES @@ -248,7 +248,7 @@ CONTAINER ID IMAGE COMMAND CREATED Match containers based on the `ubuntu` version `12.04.5` image: -```bash +```console $ docker ps --filter ancestor=ubuntu:12.04.5 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES @@ -258,7 +258,7 @@ CONTAINER ID IMAGE COMMAND CREATED The following matches containers based on the layer `d0e008c6cf02` or an image that have this layer in its layer stack. -```bash +```console $ docker ps --filter ancestor=d0e008c6cf02 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES @@ -272,7 +272,7 @@ CONTAINER ID IMAGE COMMAND CREATED The `before` filter shows only containers created before the container with given id or name. For example, having these containers created: -```bash +```console $ docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES @@ -283,7 +283,7 @@ CONTAINER ID IMAGE COMMAND CREATED STATUS Filtering with `before` would give: -```bash +```console $ docker ps -f before=9c3527ed70ce CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES @@ -296,7 +296,7 @@ CONTAINER ID IMAGE COMMAND CREATED STATUS The `since` filter shows only containers created since the container with given id or name. For example, with the same containers as in `before` filter: -```bash +```console $ docker ps -f since=6e63f6ff38b0 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES @@ -309,7 +309,7 @@ CONTAINER ID IMAGE COMMAND CREATED STATUS The `volume` filter shows only containers that mount a specific volume or have a volume mounted in a specific path: -```bash +```console $ docker ps --filter volume=remote-volume --format "table {{.ID}}\t{{.Mounts}}" CONTAINER ID MOUNTS @@ -329,7 +329,7 @@ a given name or id. The following filter matches all containers that are connected to a network with a name containing `net1`. -```bash +```console $ docker run -d --net=net1 --name=test1 ubuntu top $ docker run -d --net=net2 --name=test2 ubuntu top @@ -343,7 +343,7 @@ The network filter matches on both the network's name and id. The following example shows all containers that are attached to the `net1` network, using the network id as a filter; -```bash +```console $ docker network inspect --format "{{.ID}}" net1 8c0b4110ae930dbe26b258de9bc34a03f98056ed6f27f991d32919bfe401d7c5 @@ -361,7 +361,7 @@ number, port range, and/or protocol. The default protocol is `tcp` when not spec The following filter matches all containers that have published port of 80: -```bash +```console $ docker run -d --publish=80 busybox top $ docker run -d --expose=8080 busybox top @@ -378,7 +378,8 @@ fc7e477723b7 busybox "top" About a minute ago ``` The following filter matches all containers that have exposed TCP port in the range of `8000-8080`: -```bash + +```console $ docker ps --filter expose=8000-8080/tcp CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES @@ -386,7 +387,8 @@ CONTAINER ID IMAGE COMMAND CREATED ``` The following filter matches all containers that have exposed UDP port `80`: -```bash + +```console $ docker ps --filter publish=80/udp CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES @@ -423,7 +425,7 @@ column headers as well. The following example uses a template without headers and outputs the `ID` and `Command` entries separated by a colon (`:`) for all running containers: -```bash +```console $ docker ps --format "{{.ID}}: {{.Command}}" a87ecb4f327c: /bin/sh -c #(nop) MA @@ -434,7 +436,7 @@ c1d3b0166030: /bin/sh -c yum -y up To list all running containers with their labels in a table format you can use: -```bash +```console $ docker ps --format "table {{.ID}}\t{{.Labels}}" CONTAINER ID LABELS diff --git a/docs/reference/commandline/pull.md b/docs/reference/commandline/pull.md index 7d02c356e620..cb65b32a2883 100644 --- a/docs/reference/commandline/pull.md +++ b/docs/reference/commandline/pull.md @@ -53,7 +53,7 @@ To download a particular image, or set of images (i.e., a repository), use `docker pull`. If no tag is provided, Docker Engine uses the `:latest` tag as a default. This command pulls the `debian:latest` image: -```bash +```console $ docker pull debian Using default tag: latest @@ -72,7 +72,7 @@ both layers with `debian:latest`. Pulling the `debian:jessie` image therefore only pulls its metadata, but not its layers, because all layers are already present locally: -```bash +```console $ docker pull debian:jessie jessie: Pulling from library/debian @@ -85,7 +85,7 @@ Status: Downloaded newer image for debian:jessie To see which images are present locally, use the [`docker images`](images.md) command: -```bash +```console $ docker images REPOSITORY TAG IMAGE ID CREATED SIZE @@ -121,22 +121,22 @@ and guarantee that the image you're using is always the same. To know the digest of an image, pull the image first. Let's pull the latest `ubuntu:14.04` image from Docker Hub: -```bash -$ docker pull ubuntu:14.04 +```console +$ docker pull ubuntu:20.04 -14.04: Pulling from library/ubuntu -5a132a7e7af1: Pull complete -fd2731e4c50c: Pull complete -28a2f68d1120: Pull complete -a3ed95caeb02: Pull complete -Digest: sha256:45b23dee08af5e43a7fea6c4cf9c25ccf269ee113168c19722f87876677c5cb2 -Status: Downloaded newer image for ubuntu:14.04 +20.04: Pulling from library/ubuntu +16ec32c2132b: Pull complete +Digest: sha256:82becede498899ec668628e7cb0ad87b6e1c371cb8a1e597d83a47fac21d6af3 +Status: Downloaded newer image for ubuntu:20.04 +docker.io/library/ubuntu:20.04 ``` Docker prints the digest of the image after the pull has finished. In the example above, the digest of the image is: - sha256:45b23dee08af5e43a7fea6c4cf9c25ccf269ee113168c19722f87876677c5cb2 +```console +sha256:82becede498899ec668628e7cb0ad87b6e1c371cb8a1e597d83a47fac21d6af3 +``` Docker also prints the digest of an image when *pushing* to a registry. This may be useful if you want to pin to a version of the image you just pushed. @@ -144,22 +144,19 @@ may be useful if you want to pin to a version of the image you just pushed. A digest takes the place of the tag when pulling an image, for example, to pull the above image by digest, run the following command: -```bash -$ docker pull ubuntu@sha256:45b23dee08af5e43a7fea6c4cf9c25ccf269ee113168c19722f87876677c5cb2 +```console +$ docker pull ubuntu@sha256:82becede498899ec668628e7cb0ad87b6e1c371cb8a1e597d83a47fac21d6af3 -sha256:45b23dee08af5e43a7fea6c4cf9c25ccf269ee113168c19722f87876677c5cb2: Pulling from library/ubuntu -5a132a7e7af1: Already exists -fd2731e4c50c: Already exists -28a2f68d1120: Already exists -a3ed95caeb02: Already exists -Digest: sha256:45b23dee08af5e43a7fea6c4cf9c25ccf269ee113168c19722f87876677c5cb2 -Status: Downloaded newer image for ubuntu@sha256:45b23dee08af5e43a7fea6c4cf9c25ccf269ee113168c19722f87876677c5cb2 +docker.io/library/ubuntu@sha256:82becede498899ec668628e7cb0ad87b6e1c371cb8a1e597d83a47fac21d6af3: Pulling from library/ubuntu +Digest: sha256:82becede498899ec668628e7cb0ad87b6e1c371cb8a1e597d83a47fac21d6af3 +Status: Image is up to date for ubuntu@sha256:82becede498899ec668628e7cb0ad87b6e1c371cb8a1e597d83a47fac21d6af3 +docker.io/library/ubuntu@sha256:82becede498899ec668628e7cb0ad87b6e1c371cb8a1e597d83a47fac21d6af3 ``` Digest can also be used in the `FROM` of a Dockerfile, for example: ```dockerfile -FROM ubuntu@sha256:45b23dee08af5e43a7fea6c4cf9c25ccf269ee113168c19722f87876677c5cb2 +FROM ubuntu@sha256:82becede498899ec668628e7cb0ad87b6e1c371cb8a1e597d83a47fac21d6af3 LABEL org.opencontainers.image.authors="some maintainer " ``` @@ -181,7 +178,7 @@ path is similar to a URL, but does not contain a protocol specifier (`https://`) The following command pulls the `testing/test-image` image from a local registry listening on port 5000 (`myregistry.local:5000`): -```bash +```console $ docker pull myregistry.local:5000/testing/test-image ``` @@ -200,7 +197,7 @@ can contain multiple images. To pull all images from a repository, provide the This command pulls all images from the `fedora` repository: -```bash +```console $ docker pull --all-tags fedora Pulling repository fedora @@ -217,7 +214,7 @@ After the pull has completed use the `docker images` command to see the images that were pulled. The example below shows all the `fedora` images that are present locally: -```bash +```console $ docker images fedora REPOSITORY TAG IMAGE ID CREATED SIZE @@ -232,7 +229,7 @@ fedora latest 105182bb5e8b 5 days ago 372.7 MB Killing the `docker pull` process, for example by pressing `CTRL-c` while it is running in a terminal, will terminate the pull operation. -```bash +```console $ docker pull fedora Using default tag: latest diff --git a/docs/reference/commandline/push.md b/docs/reference/commandline/push.md index a0906753c2f0..f72036fad50f 100644 --- a/docs/reference/commandline/push.md +++ b/docs/reference/commandline/push.md @@ -50,7 +50,7 @@ First save the new image by finding the container ID (using [`docker container l and then committing it to a new image name. Note that only `a-z0-9-_.` are allowed when naming images: -```bash +```console $ docker container commit c16378f943fe rhel-httpd:latest ``` @@ -59,7 +59,7 @@ registry is on host named `registry-host` and listening on port `5000`. To do this, tag the image with the host name or IP address, and the port of the registry: -```bash +```console $ docker image tag rhel-httpd:latest registry-host:5000/myadmin/rhel-httpd:latest $ docker image push registry-host:5000/myadmin/rhel-httpd:latest @@ -67,7 +67,7 @@ $ docker image push registry-host:5000/myadmin/rhel-httpd:latest Check that this worked by running: -```bash +```console $ docker image ls ``` @@ -82,7 +82,7 @@ The following example creates multiple tags for an image, and pushes all those tags to Docker Hub. -```bash +```console $ docker image tag myimage registry-host:5000/myname/myimage:latest $ docker image tag myimage registry-host:5000/myname/myimage:v1.0.1 $ docker image tag myimage registry-host:5000/myname/myimage:v1.0 @@ -91,7 +91,7 @@ $ docker image tag myimage registry-host:5000/myname/myimage:v1 The image is now tagged under multiple names: -```bash +```console $ docker image ls REPOSITORY TAG IMAGE ID CREATED SIZE @@ -106,7 +106,7 @@ When pushing with the `--all-tags` option, all tags of the `registry-host:5000/m image are pushed: -```bash +```console $ docker image push --all-tags registry-host:5000/myname/myimage The push refers to repository [registry-host:5000/myname/myimage] diff --git a/docs/reference/commandline/rename.md b/docs/reference/commandline/rename.md index d16890bb559b..f95f9c3457e3 100644 --- a/docs/reference/commandline/rename.md +++ b/docs/reference/commandline/rename.md @@ -21,6 +21,6 @@ The `docker rename` command renames a container. ## Examples -```bash +```console $ docker rename my_container my_new_container ``` diff --git a/docs/reference/commandline/restart.md b/docs/reference/commandline/restart.md index 28652c376afb..aa64257d8680 100644 --- a/docs/reference/commandline/restart.md +++ b/docs/reference/commandline/restart.md @@ -18,6 +18,6 @@ Options: ## Examples -```bash +```console $ docker restart my_container ``` diff --git a/docs/reference/commandline/rm.md b/docs/reference/commandline/rm.md index a995e3264769..703734f5dc22 100644 --- a/docs/reference/commandline/rm.md +++ b/docs/reference/commandline/rm.md @@ -24,7 +24,7 @@ Options: This removes the container referenced under the link `/redis`. -```bash +```console $ docker rm /redis /redis @@ -37,7 +37,7 @@ containers on the default bridge network, removing all network communication between the two containers. This does not apply when `--link` is used with user-specified networks. -```bash +```console $ docker rm --link /webapp/redis /webapp/redis @@ -47,7 +47,7 @@ $ docker rm --link /webapp/redis This command force-removes a running container. -```bash +```console $ docker rm --force redis redis @@ -88,7 +88,7 @@ $ docker ps --filter status=exited -q | xargs docker rm ### Remove a container and its volumes -```bash +```console $ docker rm -v redis redis ``` @@ -98,7 +98,7 @@ Note that if a volume was specified with a name, it will not be removed. ### Remove a container and selectively remove volumes -```bash +```console $ docker create -v awesome:/foo -v /bar --name hello redis hello diff --git a/docs/reference/commandline/rmi.md b/docs/reference/commandline/rmi.md index 78cc4909a84f..a63ffb7658c3 100644 --- a/docs/reference/commandline/rmi.md +++ b/docs/reference/commandline/rmi.md @@ -35,7 +35,7 @@ an image has one or more tags referencing it, you must remove all of them before the image is removed. Digest references are removed automatically when an image is removed by tag. -```bash +```console $ docker images REPOSITORY TAG IMAGE ID CREATED SIZE @@ -71,7 +71,7 @@ Deleted: fd484f19954f4920da7ff372b5067f5b7ddb2fd3830cecd17b96ea9e286ba5b8 If you use the `-f` flag and specify the image's short or long ID, then this command untags and removes all images that match the specified ID. -```bash +```console $ docker images REPOSITORY TAG IMAGE ID CREATED SIZE @@ -89,7 +89,7 @@ Deleted: fd484f19954f4920da7ff372b5067f5b7ddb2fd3830cecd17b96ea9e286ba5b8 An image pulled by digest has no tag associated with it: -```bash +```console $ docker images --digests REPOSITORY TAG DIGEST IMAGE ID CREATED SIZE @@ -98,7 +98,7 @@ localhost:5000/test/busybox sha256:cbbf2f9a99b47fc460d422812b6a5adf To remove an image using its digest: -```bash +```console $ docker rmi localhost:5000/test/busybox@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf Untagged: localhost:5000/test/busybox@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf Deleted: 4986bf8c15363d1c5d15512d5266f8777bfba4974ac56e3270e7760f6f0a8125 diff --git a/docs/reference/commandline/run.md b/docs/reference/commandline/run.md index 28ba5ef8c62e..eb6906a01516 100644 --- a/docs/reference/commandline/run.md +++ b/docs/reference/commandline/run.md @@ -161,7 +161,7 @@ For information on connecting a container to a network, see the ["*Docker networ ### Assign name and allocate pseudo-TTY (--name, -it) -```bash +```console $ docker run --name test -it debian root@d6c0fe130dba:/# exit 13 @@ -180,7 +180,7 @@ In the example, the `bash` shell is quit by entering ### Capture container ID (--cidfile) -```bash +```console $ docker run --cidfile /tmp/docker_test.cid ubuntu echo "test" ``` @@ -191,7 +191,7 @@ file when `docker run` exits. ### Full container capabilities (--privileged) -```bash +```console $ docker run -t -i --rm ubuntu bash root@bc338942ef20:/# mount -t tmpfs none /mnt mount: permission denied @@ -201,7 +201,7 @@ This will *not* work, because by default, most potentially dangerous kernel capabilities are dropped; including `cap_sys_admin` (which is required to mount filesystems). However, the `--privileged` flag will allow it to run: -```bash +```console $ docker run -t -i --privileged ubuntu bash root@50e3f57e16e6:/# mount -t tmpfs none /mnt root@50e3f57e16e6:/# df -h @@ -216,7 +216,7 @@ flag exists to allow special use-cases, like running Docker within Docker. ### Set working directory (-w) -```bash +```console $ docker run -w /path/to/dir/ -i -t ubuntu pwd ``` @@ -225,7 +225,7 @@ The `-w` lets the command being executed inside directory given, here ### Set storage driver options per container -```bash +```console $ docker run -it --storage-opt size=120G fedora /bin/bash ``` @@ -240,7 +240,7 @@ Under these conditions, user can pass any size less than the backing fs size. ### Mount tmpfs (--tmpfs) -```bash +```console $ docker run -d --tmpfs /run:rw,noexec,nosuid,size=65536k my_image ``` @@ -249,7 +249,7 @@ The `--tmpfs` flag mounts an empty tmpfs into the container with the `rw`, ### Mount volume (-v, --read-only) -```bash +```console $ docker run -v `pwd`:`pwd` -w `pwd` -i -t ubuntu pwd ``` @@ -259,7 +259,7 @@ changing into the directory to the value returned by `pwd`. So this combination executes the command using the container, but inside the current working directory. -```bash +```console $ docker run -v /doesnt/exist:/foo -w /foo -i -t ubuntu bash ``` @@ -268,7 +268,7 @@ will automatically create this directory on the host for you. In the example above, Docker will create the `/doesnt/exist` folder before starting your container. -```bash +```console $ docker run --read-only -v /icanwrite busybox touch /icanwrite/here ``` @@ -277,7 +277,7 @@ a container writes files. The `--read-only` flag mounts the container's root filesystem as read only prohibiting writes to locations other than the specified volumes for the container. -```bash +```console $ docker run -t -i -v /var/run/docker.sock:/var/run/docker.sock -v /path/to/static-docker-binary:/usr/bin/docker busybox sh ``` @@ -327,17 +327,17 @@ Even though there is no plan to deprecate `--volume`, usage of `--mount` is reco Examples: -```bash +```console $ docker run --read-only --mount type=volume,target=/icanwrite busybox touch /icanwrite/here ``` -```bash +```console $ docker run -t -i --mount type=bind,src=/data,dst=/data busybox sh ``` ### Publish or expose port (-p, --expose) -```bash +```console $ docker run -p 127.0.0.1:80:8080/tcp ubuntu bash ``` @@ -351,7 +351,7 @@ Note that ports which are not bound to the host (i.e., `-p 80:80` instead of you configured UFW to block this specific port, as Docker manages his own iptables rules. [Read more](https://docs.docker.com/network/iptables/) -```bash +```console $ docker run --expose 80 ubuntu bash ``` @@ -360,7 +360,7 @@ system's interfaces. ### Set environment variables (-e, --env, --env-file) -```bash +```console $ docker run -e MYVAR1 --env MYVAR2=foo --env-file ./env.list ubuntu bash ``` @@ -370,7 +370,7 @@ that are defined in the Dockerfile of the image you're running. You can define the variable and its value when running the container: -```bash +```console $ docker run --env VAR1=value1 --env VAR2=value2 ubuntu env | grep VAR VAR1=value1 VAR2=value2 @@ -378,7 +378,7 @@ VAR2=value2 You can also use variables that you've exported to your local environment: -```bash +```console export VAR1=value1 export VAR2=value2 @@ -396,7 +396,7 @@ You can also load the environment variables from a file. This file should use the syntax `=value` (which sets the variable to the given value) or `` (which takes the value from the local environment), and `#` for comments. -```bash +```console $ cat env.list # This is a comment VAR1=value1 @@ -413,7 +413,7 @@ USER=denis A label is a `key=value` pair that applies metadata to a container. To label a container with two labels: -```bash +```console $ docker run -l my-label --label com.example.foo=bar ubuntu bash ``` @@ -428,7 +428,7 @@ Use the `--label-file` flag to load multiple labels from a file. Delimit each label in the file with an EOL mark. The example below loads labels from a labels file in the current directory: -```bash +```console $ docker run --label-file ./labels ubuntu bash ``` @@ -456,14 +456,14 @@ the Docker User Guide. When you start a container use the `--network` flag to connect it to a network. This adds the `busybox` container to the `my-net` network. -```bash +```console $ docker run -itd --network=my-net busybox ``` You can also choose the IP addresses for the container with `--ip` and `--ip6` flags when you start the container on a user-defined network. -```bash +```console $ docker run -itd --network=my-net --ip=10.10.9.75 busybox ``` @@ -486,7 +486,7 @@ disconnect` command. ### Mount volumes from container (--volumes-from) -```bash +```console $ docker run --volumes-from 777f7dc92da7 --volumes-from ba8c0c54f0f2:ro -i -t ubuntu pwd ``` @@ -516,14 +516,14 @@ The `-a` flag tells `docker run` to bind to the container's `STDIN`, `STDOUT` or `STDERR`. This makes it possible to manipulate the output and input as needed. -```bash +```console $ echo "test" | docker run -i -a stdin ubuntu cat - ``` This pipes data into a container and prints the container's ID by attaching only to the container's `STDIN`. -```bash +```console $ docker run -a stderr ubuntu echo test ``` @@ -531,7 +531,7 @@ This isn't going to print anything unless there's an error because we've only attached to the `STDERR` of the container. The container's logs still store what's been written to `STDERR` and `STDOUT`. -```bash +```console $ cat somefile | docker run -i -a stdin mybuilder dobuild ``` @@ -543,7 +543,7 @@ retrieve the container's ID once the container has finished running. ### Add host device to container (--device) -```bash +```console $ docker run --device=/dev/sdc:/dev/xvdc \ --device=/dev/sdd --device=/dev/zero:/dev/nulo \ -i -t \ @@ -564,7 +564,7 @@ This can be overridden using a third `:rwm` set of options to each `--device` flag. If the container is running in privileged mode, then the permissions specified will be ignored. -```bash +```console $ docker run --device=/dev/sda:/dev/xvdc --rm -it ubuntu fdisk /dev/xvdc Command (m for help): q @@ -620,20 +620,20 @@ for more information. To use `--gpus`, specify which GPUs (or all) to use. If no value is provied, all available GPUs are used. The example below exposes all available GPUs. -```bash +```console $ docker run -it --rm --gpus all ubuntu nvidia-smi ``` Use the `device` option to specify GPUs. The example below exposes a specific GPU. -```bash +```console $ docker run -it --rm --gpus device=GPU-3a23c669-1f69-c64e-cf85-44e9b07e7a2a ubuntu nvidia-smi ``` The example below exposes the first and third GPUs. -```bash +```console $ docker run -it --rm --gpus device=0,2 nvidia-smi ``` @@ -650,7 +650,7 @@ Docker supports the following restart policies: | `unless-stopped` | Restart the container unless it is explicitly stopped or Docker itself is stopped or restarted. | | `always` | Always restart the container regardless of the exit status. When you specify always, the Docker daemon will try to restart the container indefinitely. The container will also always start on daemon startup, regardless of the current state of the container. | -```bash +```console $ docker run --restart=always redis ``` @@ -667,16 +667,18 @@ You can add other hosts into a container's `/etc/hosts` file by using one or more `--add-host` flags. This example adds a static address for a host named `docker`: -```bash -$ docker run --add-host=docker:10.180.0.1 --rm -it debian +```console +$ docker run --add-host=docker:93.184.216.34 --rm -it alpine -root@f38c87f2a42d:/# ping docker -PING docker (10.180.0.1): 48 data bytes -56 bytes from 10.180.0.1: icmp_seq=0 ttl=254 time=7.600 ms -56 bytes from 10.180.0.1: icmp_seq=1 ttl=254 time=30.705 ms -^C--- docker ping statistics --- -2 packets transmitted, 2 packets received, 0% packet loss -round-trip min/avg/max/stddev = 7.600/19.152/30.705/11.553 ms +/ # ping docker +PING docker (93.184.216.34): 56 data bytes +64 bytes from 93.184.216.34: seq=0 ttl=37 time=93.052 ms +64 bytes from 93.184.216.34: seq=1 ttl=37 time=92.467 ms +64 bytes from 93.184.216.34: seq=2 ttl=37 time=92.252 ms +^C +--- docker ping statistics --- +4 packets transmitted, 4 packets received, 0% packet loss +round-trip min/avg/max = 92.209/92.495/93.052 ms ``` Sometimes you need to connect to the Docker host from within your @@ -688,7 +690,7 @@ The flags you pass to `ip addr show` depend on whether you are using IPv4 or IPv6 networking in your containers. Use the following flags for IPv4 address retrieval for a network device named `eth0`: -```bash +```console $ HOSTIP=`ip -4 addr show scope global dev eth0 | grep inet | awk '{print $2}' | cut -d / -f 1 | sed -n 1p` $ docker run --add-host=docker:${HOSTIP} --rm -it debian ``` @@ -704,7 +706,7 @@ available in the default container, you can set these using the `--ulimit` flag. `--ulimit` is specified with a soft and hard limit as such: `=[:]`, for example: -```bash +```console $ docker run --ulimit nofile=1024:1024 --rm debian sh -c "ulimit -n" 1024 ``` @@ -716,7 +718,7 @@ $ docker run --ulimit nofile=1024:1024 --rm debian sh -c "ulimit -n" > the default `ulimits` set on the daemon. The `as` option is disabled now. > In other words, the following script is not supported: > -> ```bash +> ```console > $ docker run -it --ulimit as=1024 fedora /bin/bash` > ``` @@ -729,7 +731,7 @@ Be careful setting `nproc` with the `ulimit` flag as `nproc` is designed by Linu maximum number of processes available to a user, not to a container. For example, start four containers with `daemon` user: -```bash +```console $ docker run -d -u daemon --ulimit nproc=3 busybox top $ docker run -d -u daemon --ulimit nproc=3 busybox top @@ -777,7 +779,7 @@ Windows. The `--isolation ` option sets a container's isolation technolog On Linux, the only supported is the `default` option which uses Linux namespaces. These two commands are equivalent on Linux: -```bash +```console $ docker run -d busybox top $ docker run -d --isolation default busybox top ``` @@ -858,7 +860,7 @@ The `--sysctl` sets namespaced kernel parameters (sysctls) in the container. For example, to turn on IP forwarding in the containers network namespace, run this command: -```bash +```console $ docker run --sysctl net.ipv4.ip_forward=1 someimage ``` diff --git a/docs/reference/commandline/save.md b/docs/reference/commandline/save.md index f7bf0593a3f6..562bf2d79912 100644 --- a/docs/reference/commandline/save.md +++ b/docs/reference/commandline/save.md @@ -26,7 +26,7 @@ each argument provided. ### Create a backup that can then be used with `docker load`. -```bash +```console $ docker save busybox > busybox.tar $ ls -sh busybox.tar @@ -48,14 +48,14 @@ $ docker save -o fedora-latest.tar fedora:latest You can use gzip to save the image file and make the backup smaller. -```bash -docker save myimage:latest | gzip > myimage_latest.tar.gz +```console +$ docker save myimage:latest | gzip > myimage_latest.tar.gz ``` ### Cherry-pick particular tags You can even cherry-pick particular tags of an image repository. -```bash +```console $ docker save -o ubuntu.tar ubuntu:lucid ubuntu:saucy ``` diff --git a/docs/reference/commandline/search.md b/docs/reference/commandline/search.md index b86aee350821..51587921e943 100644 --- a/docs/reference/commandline/search.md +++ b/docs/reference/commandline/search.md @@ -32,7 +32,7 @@ Search [Docker Hub](https://hub.docker.com) for images This example displays images with a name containing 'busybox': -```bash +```console $ docker search busybox NAME DESCRIPTION STARS OFFICIAL AUTOMATED @@ -68,8 +68,9 @@ marclop/busybox-solr This example displays images with a name containing 'busybox', at least 3 stars and the description isn't truncated in the output: -```bash +```console $ docker search --filter=stars=3 --no-trunc busybox + NAME DESCRIPTION STARS OFFICIAL AUTOMATED busybox Busybox base image. 325 [OK] progrium/busybox 50 [OK] @@ -97,7 +98,7 @@ The currently supported filters are: This example displays images with a name containing 'busybox' and at least 3 stars: -```bash +```console $ docker search --filter stars=3 busybox NAME DESCRIPTION STARS OFFICIAL AUTOMATED @@ -111,7 +112,7 @@ radial/busyboxplus Full-chain, Internet enabled, busybox made... 8 This example displays images with a name containing 'busybox' and are automated builds: -```bash +```console $ docker search --filter is-automated=true busybox NAME DESCRIPTION STARS OFFICIAL AUTOMATED @@ -124,7 +125,7 @@ radial/busyboxplus Full-chain, Internet enabled, busybox made... 8 This example displays images with a name containing 'busybox', at least 3 stars and are official builds: -```bash +```console $ docker search --filter is-official=true --filter stars=3 busybox NAME DESCRIPTION STARS OFFICIAL AUTOMATED @@ -153,7 +154,7 @@ output the data exactly as the template declares. If you use the The following example uses a template without headers and outputs the `Name` and `StarCount` entries separated by a colon (`:`) for all images: -```bash +```console $ docker search --format "{{.Name}}: {{.StarCount}}" nginx nginx: 5441 @@ -170,7 +171,7 @@ maxexcloo/nginx: 7 This example outputs a table format: -```bash +```console $ docker search --format "table {{.Name}}\t{{.IsAutomated}}\t{{.IsOfficial}}" nginx NAME AUTOMATED OFFICIAL diff --git a/docs/reference/commandline/secret_create.md b/docs/reference/commandline/secret_create.md index 0c131b8a29c2..f09ffbd3c9d6 100644 --- a/docs/reference/commandline/secret_create.md +++ b/docs/reference/commandline/secret_create.md @@ -33,8 +33,8 @@ For detailed information about using secrets, refer to [manage sensitive data wi ### Create a secret -```bash -$ printf | docker secret create my_secret - +```console +$ printf "my super secret password" | docker secret create my_secret - onakdyv307se2tl7nl20anokv @@ -46,7 +46,7 @@ onakdyv307se2tl7nl20anokv my_secret 6 seconds ago 6 seconds ag ### Create a secret with a file -```bash +```console $ docker secret create my_secret ./secret.json dg426haahpi5ezmkkj5kyl3sn @@ -59,15 +59,16 @@ dg426haahpi5ezmkkj5kyl3sn my_secret 7 seconds ago 7 seconds ag ### Create a secret with labels -```bash -$ docker secret create --label env=dev \ - --label rev=20170324 \ - my_secret ./secret.json +```console +$ docker secret create \ + --label env=dev \ + --label rev=20170324 \ + my_secret ./secret.json eo7jnzguqgtpdah3cm5srfb97 ``` -```bash +```console $ docker secret inspect my_secret [ diff --git a/docs/reference/commandline/secret_inspect.md b/docs/reference/commandline/secret_inspect.md index ef4fe1e295a5..e02550aed189 100644 --- a/docs/reference/commandline/secret_inspect.md +++ b/docs/reference/commandline/secret_inspect.md @@ -43,14 +43,14 @@ You can inspect a secret, either by its *name*, or *ID* For example, given the following secret: -```bash +```console $ docker secret ls ID NAME CREATED UPDATED eo7jnzguqgtpdah3cm5srfb97 my_secret 3 minutes ago 3 minutes ago ``` -```bash +```console $ docker secret inspect secret.json ``` @@ -82,7 +82,7 @@ You can use the --format option to obtain specific information about a secret. The following example command outputs the creation time of the secret. -```bash +```console $ docker secret inspect --format='{{.CreatedAt}}' eo7jnzguqgtpdah3cm5srfb97 2017-03-24 08:15:09.735271783 +0000 UTC diff --git a/docs/reference/commandline/secret_ls.md b/docs/reference/commandline/secret_ls.md index 45519b1ca847..395af6102eef 100644 --- a/docs/reference/commandline/secret_ls.md +++ b/docs/reference/commandline/secret_ls.md @@ -36,7 +36,7 @@ For detailed information about using secrets, refer to [manage sensitive data wi ## Examples -```bash +```console $ docker secret ls ID NAME CREATED UPDATED @@ -60,7 +60,7 @@ The currently supported filters are: The `id` filter matches all or prefix of a secret's id. -```bash +```console $ docker secret ls -f "id=6697bflskwj1998km1gnnjr38" ID NAME CREATED UPDATED @@ -75,7 +75,7 @@ a `label` and a value. The following filter matches all secrets with a `project` label regardless of its value: -```bash +```console $ docker secret ls --filter label=project ID NAME CREATED UPDATED @@ -85,7 +85,7 @@ mem02h8n73mybpgqjf0kfi1n0 test_secret About an hour ago Abou The following filter matches only services with the `project` label with the `project-a` value. -```bash +```console $ docker service ls --filter label=project=test ID NAME CREATED UPDATED @@ -98,7 +98,7 @@ The `name` filter matches on all or prefix of a secret's name. The following filter matches secret with a name containing a prefix of `test`. -```bash +```console $ docker secret ls --filter name=test_secret ID NAME CREATED UPDATED @@ -128,7 +128,7 @@ output the data exactly as the template declares or, when using the The following example uses a template without headers and outputs the `ID` and `Name` entries separated by a colon (`:`) for all images: -```bash +```console $ docker secret ls --format "{{.ID}}: {{.Name}}" 77af4d6b9913: secret-1 @@ -139,7 +139,7 @@ b6fa739cedf5: secret-2 To list all secrets with their name and created date in a table format you can use: -```bash +```console $ docker secret ls --format "table {{.ID}}\t{{.Name}}\t{{.CreatedAt}}" ID NAME CREATED diff --git a/docs/reference/commandline/secret_rm.md b/docs/reference/commandline/secret_rm.md index 96505bfc060d..df99f958ca16 100644 --- a/docs/reference/commandline/secret_rm.md +++ b/docs/reference/commandline/secret_rm.md @@ -35,7 +35,7 @@ For detailed information about using secrets, refer to [manage sensitive data wi This example removes a secret: -```bash +```console $ docker secret rm secret.json sapth4csdo5b6wz2p5uimh5xg ``` diff --git a/docs/reference/commandline/service_create.md b/docs/reference/commandline/service_create.md index 800c9ae39345..340193891180 100644 --- a/docs/reference/commandline/service_create.md +++ b/docs/reference/commandline/service_create.md @@ -101,7 +101,7 @@ Creates a service as described by the specified parameters. ### Create a service -```bash +```console $ docker service create --name redis redis:3.0.6 dmu1ept4cxcfe8k8lhtux3ro3 @@ -124,7 +124,7 @@ If your image is available on a private registry which requires login, use the your image is stored on `registry.example.com`, which is a private registry, use a command like the following: -```bash +```console $ docker login registry.example.com $ docker service create \ @@ -142,7 +142,7 @@ nodes are able to log into the registry and pull the image. Use the `--replicas` flag to set the number of replica tasks for a replicated service. The following command creates a `redis` service with `5` replica tasks: -```bash +```console $ docker service create --name redis --replicas=5 redis:3.0.6 4cdgfyky7ozwh3htjfw0d12qv @@ -156,7 +156,7 @@ of replica tasks for the service. In the following example the desired state is `5` replicas, but the current number of `RUNNING` tasks is `3`: -```bash +```console $ docker service ls ID NAME MODE REPLICAS IMAGE @@ -166,7 +166,7 @@ ID NAME MODE REPLICAS IMAGE Once all the tasks are created and `RUNNING`, the actual number of tasks is equal to the desired number: -```bash +```console $ docker service ls ID NAME MODE REPLICAS IMAGE @@ -180,7 +180,7 @@ Use the `--secret` flag to give a container access to a Create a service specifying a secret: -```bash +```console $ docker service create --name redis --secret secret.json redis:3.0.6 4cdgfyky7ozwh3htjfw0d12qv @@ -188,7 +188,7 @@ $ docker service create --name redis --secret secret.json redis:3.0.6 Create a service specifying the secret, target, user/group ID, and mode: -```bash +```console $ docker service create --name redis \ --secret source=ssh-key,target=ssh \ --secret source=app-key,target=app,uid=1000,gid=1001,mode=0400 \ @@ -217,13 +217,13 @@ as numerical IDs or names. When using names, the provided group/user names must pre-exist in the container. The `mode` is specified as a 4-number sequence such as `0755`. -```bash +```console $ docker service create --name=redis --config redis-conf redis:3.0.6 ``` Create a service with a config and specify the target location and file mode: -```bash +```console $ docker service create --name redis \ --config source=redis-conf,target=/etc/redis/redis.conf,mode=0400 redis:3.0.6 ``` @@ -236,7 +236,7 @@ the container. If a target is specified, that is used as the filename. ### Create a service with a rolling update policy -```bash +```console $ docker service create \ --replicas 10 \ --name redis \ @@ -254,7 +254,7 @@ tutorial](https://docs.docker.com/engine/swarm/swarm-tutorial/rolling-update/). This sets an environment variable for all tasks in a service. For example: -```bash +```console $ docker service create \ --name redis_2 \ --replicas 5 \ @@ -265,7 +265,7 @@ $ docker service create \ To specify multiple environment variables, specify multiple `--env` flags, each with a separate key-value pair. -```bash +```console $ docker service create \ --name redis_2 \ --replicas 5 \ @@ -279,7 +279,7 @@ $ docker service create \ This option sets the docker service containers hostname to a specific string. For example: -```bash +```console $ docker service create --name redis --hostname myredis redis:3.0.6 ``` @@ -288,7 +288,7 @@ $ docker service create --name redis --hostname myredis redis:3.0.6 A label is a `key=value` pair that applies metadata to a service. To label a service with two labels: -```bash +```console $ docker service create \ --name redis_2 \ --label com.example.foo="bar" @@ -592,7 +592,7 @@ or `--volume` flag for `docker run`, with some important exceptions: The following example creates a service that uses a named volume: -```bash +```console $ docker service create \ --name my-service \ --replicas 3 \ @@ -622,7 +622,7 @@ be deployed on a different node. The following command creates a service with three replicas with an anonymous volume on `/path/in/container`: -```bash +```console $ docker service create \ --name my-service \ --replicas 3 \ @@ -640,7 +640,7 @@ the task using them is complete. The following example bind-mounts a host directory at `/path/in/container` in the containers backing the service: -```bash +```console $ docker service create \ --name my-service \ --mount type=bind,source=/path/on/host,destination=/path/in/container \ @@ -655,7 +655,7 @@ service runs on each active node in the swarm. The following command creates a global service: -```bash +```console $ docker service create \ --name redis_2 \ --mode global \ @@ -688,7 +688,7 @@ the [`docker node update`](node_update.md) command. For example, the following limits tasks for the redis service to nodes where the node type label equals queue: -```bash +```console $ docker service create \ --name redis_2 \ --constraint node.platform.os==linux \ @@ -703,7 +703,7 @@ loop and deploy the service once a suitable node becomes available. In the example below, no node satisfying the constraint was found, causing the service to not reconcile with the desired state: -```bash +```console $ docker service create \ --name web \ --constraint node.labels.region==east \ @@ -721,7 +721,7 @@ b6lww17hrr4e web replicated 0/1 nginx:alpine After adding the `region=east` label to a node in the cluster, the service reconciles, and the desired number of replicas are deployed: -```bash +```console $ docker node update --label-add region=east yswe2dm4c5fdgtsrli1e8ya5l yswe2dm4c5fdgtsrli1e8ya5l @@ -736,7 +736,7 @@ You can set up the service to divide tasks evenly over different categories of nodes. One example of where this can be useful is to balance tasks over a set of datacenters or availability zones. The example below illustrates this: -```bash +```console $ docker service create \ --replicas 9 \ --name redis_2 \ @@ -787,7 +787,7 @@ The following example sets up a service with multiple placement preferences. Tasks are spread first over the various datacenters, and then over racks (as indicated by the respective labels): -```bash +```console $ docker service create \ --replicas 9 \ --name redis_2 \ @@ -812,7 +812,7 @@ pending state. The following example requires that 4GB of memory be available and reservable on a given node before scheduling the service to run on that node. -```bash +```console $ docker service create --reserve-memory=4GB --name=too-big nginx:alpine ``` @@ -825,7 +825,7 @@ given amount of memory on a node. This example limits the amount of memory used by the task to 4GB. The task will be scheduled even if each of your nodes has only 2GB of memory, because `--limit-memory` is an upper limit. -```bash +```console $ docker service create --limit-memory=4GB --name=too-big nginx:alpine ``` @@ -880,7 +880,7 @@ maintenance or datacenter failure. The example below illustrates this: -```bash +```console $ docker service create \ --name nginx \ --replicas 2 \ @@ -896,7 +896,7 @@ You can use overlay networks to connect one or more services within the swarm. First, create an overlay network on a manager node the docker network create command: -```bash +```console $ docker network create --driver overlay my-network etjpu59cykrptrgw0z0hk5snf @@ -908,7 +908,7 @@ access to the network. When you create a service and pass the `--network` flag to attach the service to the overlay network: -```bash +```console $ docker service create \ --replicas 3 \ --network my-network \ @@ -933,7 +933,7 @@ using the `--publish` flag. The `--publish` flag can take two different styles of arguments. The short version is positional, and allows you to specify the published port and target port separated by a colon (`:`). -```bash +```console $ docker service create --name my_web --replicas 3 --publish 8080:80 nginx ``` @@ -942,7 +942,7 @@ more options. The long format is preferred. You cannot specify the service's mode when using the short format. Here is an example of using the long format for the same service as above: -```bash +```console $ docker service create --name my_web --replicas 3 --publish published=8080,target=80 nginx ``` @@ -1074,7 +1074,7 @@ Valid placeholders for the Go template are listed below: In this example, we are going to set the template of the created containers based on the service's name, the node's ID and hostname where it sits. -```bash +```console $ docker service create \ --name hosttempl \ --hostname="{{.Node.Hostname}}-{{.Node.ID}}-{{.Service.Name}}"\ @@ -1098,7 +1098,7 @@ By default, tasks scheduled on Windows nodes are run using the default isolation configured for this particular node. To force a specific isolation mode, you can use the `--isolation` flag: -```bash +```console $ docker service create --name myservice --isolation=process microsoft/nanoserver ``` @@ -1112,7 +1112,7 @@ Supported isolation modes on Windows are: You can narrow the kind of nodes your task can land on through the using the `--generic-resource` flag (if the nodes advertise these resources): -```bash +```console $ docker service create \ --name cuda \ --generic-resource "NVIDIA-GPU=2" \ @@ -1129,7 +1129,7 @@ belonging to a job exits successfully (return value 0), the Task is marked as Jobs are started by using one of two modes, `replicated-job` or `global-job` -```bash +```console $ docker service create --name myjob \ --mode replicated-job \ bash "true" @@ -1159,12 +1159,13 @@ By default, all replicas of a replicated job will launch at once. To control the total number of replicas that are executing simultaneously at any one time, the `--max-concurrent` flag can be used: -```bash -$ docker service create --name mythrottledjob \ - --mode replicated-job \ - --replicas 10 \ - --max-concurrent 2 \ - bash "true" +```console +$ docker service create \ + --name mythrottledjob \ + --mode replicated-job \ + --replicas 10 \ + --max-concurrent 2 \ + bash "true" ``` The above command will execute 10 Tasks in total, but only 2 of them will be diff --git a/docs/reference/commandline/service_inspect.md b/docs/reference/commandline/service_inspect.md index b3a97e6cd995..8427eabfdc02 100644 --- a/docs/reference/commandline/service_inspect.md +++ b/docs/reference/commandline/service_inspect.md @@ -42,7 +42,7 @@ You can inspect a service, either by its *name*, or *ID* For example, given the following service; -```bash +```console $ docker service ls ID NAME MODE REPLICAS IMAGE dmu1ept4cxcf redis replicated 3/3 redis:3.0.6 @@ -51,7 +51,7 @@ dmu1ept4cxcf redis replicated 3/3 redis:3.0.6 Both `docker service inspect redis`, and `docker service inspect dmu1ept4cxcf` produce the same result: -```bash +```console $ docker service inspect redis ``` @@ -99,7 +99,7 @@ The output is in JSON format, for example: ] ``` -```bash +```console $ docker service inspect dmu1ept4cxcf [ @@ -118,7 +118,7 @@ $ docker service inspect dmu1ept4cxcf You can print the inspect output in a human-readable format instead of the default JSON output, by using the `--pretty` option: -```bash +```console $ docker service inspect --pretty frontend ID: c8wgl7q4ndfd52ni6qftkvnnp @@ -153,7 +153,7 @@ The `--format` option can be used to obtain specific information about a service. For example, the following command outputs the number of replicas of the "redis" service. -```bash +```console $ docker service inspect --format='{{.Spec.Mode.Replicated.Replicas}}' redis 10 diff --git a/docs/reference/commandline/service_ls.md b/docs/reference/commandline/service_ls.md index 1cf5f765e6ab..97f7763abe3f 100644 --- a/docs/reference/commandline/service_ls.md +++ b/docs/reference/commandline/service_ls.md @@ -36,7 +36,7 @@ This command lists services are running in the swarm. On a manager node: -```bash +```console $ docker service ls ID NAME MODE REPLICAS IMAGE @@ -67,7 +67,7 @@ The currently supported filters are: The `id` filter matches all or part of a service's id. -```bash +```console $ docker service ls -f "id=0bcjw" ID NAME MODE REPLICAS IMAGE 0bcjwfh8ychr redis replicated 1/1 redis:3.0.6 @@ -81,7 +81,7 @@ a `label` and a value. The following filter matches all services with a `project` label regardless of its value: -```bash +```console $ docker service ls --filter label=project ID NAME MODE REPLICAS IMAGE 01sl1rp6nj5u frontend2 replicated 1/1 nginx:alpine @@ -92,7 +92,7 @@ ID NAME MODE REPLICAS IMAGE The following filter matches only services with the `project` label with the `project-a` value. -```bash +```console $ docker service ls --filter label=project=project-a ID NAME MODE REPLICAS IMAGE 36xvvwwauej0 frontend replicated 5/5 nginx:alpine @@ -105,7 +105,7 @@ The `mode` filter matches on the mode (either `replicated` or `global`) of a ser The following filter matches only `global` services. -```bash +```console $ docker service ls --filter mode=global ID NAME MODE REPLICAS IMAGE w7y0v2yrn620 top global 1/1 busybox @@ -117,7 +117,7 @@ The `name` filter matches on all or part of a service's name. The following filter matches services with a name containing `redis`. -```bash +```console $ docker service ls --filter name=redis ID NAME MODE REPLICAS IMAGE 0bcjwfh8ychr redis replicated 1/1 redis:3.0.6 @@ -146,7 +146,7 @@ output the data exactly as the template declares or, when using the The following example uses a template without headers and outputs the `ID`, `Mode`, and `Replicas` entries separated by a colon (`:`) for all services: -```bash +```console $ docker service ls --format "{{.ID}}: {{.Mode}} {{.Replicas}}" 0zmvwuiu3vue: replicated 10/10 diff --git a/docs/reference/commandline/service_ps.md b/docs/reference/commandline/service_ps.md index 66c9a52d3b86..2e0ba6bef507 100644 --- a/docs/reference/commandline/service_ps.md +++ b/docs/reference/commandline/service_ps.md @@ -38,7 +38,7 @@ Lists the tasks that are running as part of the specified services. The following command shows all the tasks that are part of the `redis` service: -```bash +```console $ docker service ps redis ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS @@ -58,7 +58,7 @@ In addition to _running_ tasks, the output also shows the task history. For example, after updating the service to use the `redis:3.0.6` image, the output may look like this: -```bash +```console $ docker service ps redis ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS @@ -83,7 +83,7 @@ image, and pins the service to that digest. The digest is not shown by default, but is printed if `--no-trunc` is used. The `--no-trunc` option also shows the non-truncated task ID, and error-messages, as can be seen below; -```bash +```console $ docker service ps --no-trunc redis ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS @@ -112,7 +112,7 @@ The currently supported filters are: The `id` filter matches on all or a prefix of a task's ID. -```bash +```console $ docker service ps -f "id=8" redis ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS @@ -124,8 +124,9 @@ ID NAME IMAGE NODE DESIRED STATE CURRENT STATE The `name` filter matches on task names. -```bash +```console $ docker service ps -f "name=redis.1" redis + ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS qihejybwf1x5 redis.1 redis:3.0.6 manager1 Running Running 8 seconds ``` @@ -135,8 +136,9 @@ qihejybwf1x5 redis.1 redis:3.0.6 manager1 Running Running 8 seconds The `node` filter matches on a node name or a node ID. -```bash +```console $ docker service ps -f "node=manager1" redis + ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS 0qihejybwf1x redis.1 redis:3.0.6 manager1 Running Running 8 seconds 1x0v8yomsncd redis.5 redis:3.0.6 manager1 Running Running 8 seconds @@ -173,8 +175,9 @@ output the data exactly as the template declares or, when using the The following example uses a template without headers and outputs the `Name` and `Image` entries separated by a colon (`:`) for all tasks: -```bash +```console $ docker service ps --format "{{.Name}}: {{.Image}}" top + top.1: busybox top.2: busybox top.3: busybox diff --git a/docs/reference/commandline/service_rm.md b/docs/reference/commandline/service_rm.md index ec8cddcb3cfb..015d43507611 100644 --- a/docs/reference/commandline/service_rm.md +++ b/docs/reference/commandline/service_rm.md @@ -33,7 +33,7 @@ Removes the specified services from the swarm. Remove the `redis` service: -```bash +```console $ docker service rm redis redis diff --git a/docs/reference/commandline/service_rollback.md b/docs/reference/commandline/service_rollback.md index 4d8745330b0e..2cd276fe1763 100644 --- a/docs/reference/commandline/service_rollback.md +++ b/docs/reference/commandline/service_rollback.md @@ -43,13 +43,13 @@ previous version, having one replica. Create a service with a single replica: -```bash +```console $ docker service create --name my-service -p 8080:80 nginx:alpine ``` Confirm that the service is running with a single replica: -```bash +```console $ docker service ls ID NAME MODE REPLICAS IMAGE PORTS @@ -58,7 +58,7 @@ xbw728mf6q0d my-service replicated 1/1 Update the service to use three replicas: -```bash +```console $ docker service update --replicas=3 my-service $ docker service ls @@ -70,7 +70,7 @@ xbw728mf6q0d my-service replicated 3/3 Now roll back the service to its previous version, and confirm it is running a single replica again: -```bash +```console $ docker service rollback my-service $ docker service ls diff --git a/docs/reference/commandline/service_scale.md b/docs/reference/commandline/service_scale.md index 866669ffa7d2..a61337d07b6c 100644 --- a/docs/reference/commandline/service_scale.md +++ b/docs/reference/commandline/service_scale.md @@ -37,7 +37,7 @@ service while keeping the service active in the swarm you can set the scale to 0 The following command scales the "frontend" service to 50 tasks. -```bash +```console $ docker service scale frontend=50 frontend scaled to 50 @@ -45,7 +45,7 @@ frontend scaled to 50 The following command tries to scale a global service to 10 tasks and returns an error. -```bash +```console $ docker service create --mode global --name backend backend:latest b4g08uwuairexjub6ome6usqh @@ -58,7 +58,7 @@ backend: scale can only be used with replicated or replicated-job mode Directly afterwards, run `docker service ls`, to see the actual number of replicas. -```bash +```console $ docker service ls --filter name=frontend ID NAME MODE REPLICAS IMAGE @@ -68,7 +68,7 @@ ID NAME MODE REPLICAS IMAGE You can also scale a service using the [`docker service update`](service_update.md) command. The following commands are equivalent: -```bash +```console $ docker service scale frontend=50 $ docker service update --replicas=50 frontend ``` @@ -79,7 +79,7 @@ The `docker service scale` command allows you to set the desired number of tasks for multiple services at once. The following example scales both the backend and frontend services: -```bash +```console $ docker service scale backend=3 frontend=5 backend scaled to 3 diff --git a/docs/reference/commandline/service_update.md b/docs/reference/commandline/service_update.md index 68626395b11d..a1545ae979ee 100644 --- a/docs/reference/commandline/service_update.md +++ b/docs/reference/commandline/service_update.md @@ -127,13 +127,13 @@ rolling restart without any changes to the service parameters. ### Update a service -```bash +```console $ docker service update --limit-cpu 2 redis ``` ### Perform a rolling restart with no parameter changes -```bash +```console $ docker service update --force --update-parallelism 1 --update-delay 30s redis ``` @@ -161,7 +161,7 @@ service name. - The `--mount-rm` flag takes the `target` path of the mount. -```bash +```console $ docker service create \ --name=myservice \ --mount type=volume,source=test-data,target=/somewhere \ @@ -189,7 +189,7 @@ reference. The following example adds a published service port to an existing service. -```bash +```console $ docker service update \ --publish-add published=8080,target=80 \ myservice @@ -204,7 +204,7 @@ reference. The following example adds a new alias name to an existing service already connected to network my-network: -```bash +```console $ docker service update \ --network-rm my-network \ --network-add name=my-network,alias=web1 \ @@ -219,7 +219,7 @@ This will revert the service to the configuration that was in place before the m The following example updates the number of replicas for the service from 4 to 5, and then rolls back to the previous configuration. -```bash +```console $ docker service update --replicas=5 web web @@ -230,9 +230,10 @@ ID NAME MODE REPLICAS IMAGE 80bvrzp6vxf3 web replicated 0/5 nginx:alpine ``` + Roll back the `web` service... -```bash +```console $ docker service update --rollback web web @@ -246,7 +247,7 @@ ID NAME MODE REPLICAS IMAGE Other options can be combined with `--rollback` as well, for example, `--update-delay 0s` to execute the rollback without a delay between tasks: -```bash +```console $ docker service update \ --rollback \ --update-delay 0s @@ -283,7 +284,7 @@ secrets. The following example adds a secret named `ssh-2` and removes `ssh-1`: -```bash +```console $ docker service update \ --secret-add source=ssh-2,target=ssh-2 \ --secret-rm ssh-1 \ diff --git a/docs/reference/commandline/stack_deploy.md b/docs/reference/commandline/stack_deploy.md index 0be6dc50c08c..858be7667657 100644 --- a/docs/reference/commandline/stack_deploy.md +++ b/docs/reference/commandline/stack_deploy.md @@ -43,7 +43,7 @@ Create and update a stack from a `compose` file on the swarm. The `deploy` command supports compose file version `3.0` and above. -```bash +```console $ docker stack deploy --compose-file docker-compose.yml vossibility Ignoring unsupported options: links @@ -60,7 +60,7 @@ Creating service vossibility_lookupd The Compose file can also be provided as standard input with `--compose-file -`: -```bash +```console $ cat docker-compose.yml | docker stack deploy --compose-file - vossibility Ignoring unsupported options: links @@ -79,7 +79,7 @@ If your configuration is split between multiple Compose files, e.g. a base configuration and environment-specific overrides, you can provide multiple `--compose-file` flags. -```bash +```console $ docker stack deploy --compose-file docker-compose.yml -c docker-compose.prod.yml vossibility Ignoring unsupported options: links @@ -96,7 +96,7 @@ Creating service vossibility_lookupd You can verify that the services were correctly created: -```bash +```console $ docker service ls ID NAME MODE REPLICAS IMAGE diff --git a/docs/reference/commandline/stack_ls.md b/docs/reference/commandline/stack_ls.md index 0d7517a33693..96a42e729873 100644 --- a/docs/reference/commandline/stack_ls.md +++ b/docs/reference/commandline/stack_ls.md @@ -37,7 +37,7 @@ Lists the stacks. The following command shows all stacks and some additional information: -```bash +```console $ docker stack ls ID SERVICES ORCHESTRATOR @@ -65,7 +65,7 @@ the data exactly as the template declares or, when using the The following example uses a template without headers and outputs the `Name` and `Services` entries separated by a colon (`:`) for all stacks: -```bash +```console $ docker stack ls --format "{{.Name}}: {{.Services}}" web-server: 1 web-cache: 4 diff --git a/docs/reference/commandline/stack_ps.md b/docs/reference/commandline/stack_ps.md index bc0f27efc5ff..a427eeb8a110 100644 --- a/docs/reference/commandline/stack_ps.md +++ b/docs/reference/commandline/stack_ps.md @@ -40,8 +40,9 @@ Lists the tasks that are running as part of the specified stack. The following command shows all the tasks that are part of the `voting` stack: -```bash +```console $ docker stack ps voting + ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS xim5bcqtgk1b voting_worker.1 dockersamples/examplevotingapp_worker:latest node2 Running Running 2 minutes ago q7yik0ks1in6 voting_result.1 dockersamples/examplevotingapp_result:before node1 Running Running 2 minutes ago @@ -71,8 +72,9 @@ The currently supported filters are: The `id` filter matches on all or a prefix of a task's ID. -```bash +```console $ docker stack ps -f "id=t" voting + ID NAME IMAGE NODE DESIRED STATE CURRENTSTATE ERROR PORTS tz6j82jnwrx7 voting_db.1 postgres:9.4 node1 Running Running 14 minutes ago t72q3z038jeh voting_redis.2 redis:alpine node3 Running Running 14 minutes ago @@ -82,8 +84,9 @@ t72q3z038jeh voting_redis.2 redis:alpine node3 Running The `name` filter matches on task names. -```bash +```console $ docker stack ps -f "name=voting_redis" voting + ID NAME IMAGE NODE DESIRED STATE CURRENTSTATE ERROR PORTS w48spazhbmxc voting_redis.1 redis:alpine node2 Running Running 17 minutes ago t72q3z038jeh voting_redis.2 redis:alpine node3 Running Running 17 minutes ago @@ -93,8 +96,9 @@ t72q3z038jeh voting_redis.2 redis:alpine node3 Running The `node` filter matches on a node name or a node ID. -```bash +```console $ docker stack ps -f "node=node1" voting + ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS q7yik0ks1in6 voting_result.1 dockersamples/examplevotingapp_result:before node1 Running Running 18 minutes ago tz6j82jnwrx7 voting_db.1 postgres:9.4 node1 Running Running 18 minutes ago @@ -105,8 +109,9 @@ tz6j82jnwrx7 voting_db.1 postgres:9.4 The `desired-state` filter can take the values `running`, `shutdown`, `ready` or `accepted`. -```bash +```console $ docker stack ps -f "desired-state=running" voting + ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS xim5bcqtgk1b voting_worker.1 dockersamples/examplevotingapp_worker:latest node2 Running Running 21 minutes ago q7yik0ks1in6 voting_result.1 dockersamples/examplevotingapp_result:before node1 Running Running 21 minutes ago @@ -142,8 +147,9 @@ output the data exactly as the template declares or, when using the The following example uses a template without headers and outputs the `Name` and `Image` entries separated by a colon (`:`) for all tasks: -```bash +```console $ docker stack ps --format "{{.Name}}: {{.Image}}" voting + voting_worker.1: dockersamples/examplevotingapp_worker:latest voting_result.1: dockersamples/examplevotingapp_result:before voting_vote.1: dockersamples/examplevotingapp_vote:before @@ -158,8 +164,9 @@ voting_redis.2: redis:alpine The `--no-resolve` option shows IDs for task name, without mapping IDs to Names. -```bash +```console $ docker stack ps --no-resolve voting + ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS xim5bcqtgk1b 10z9fjfqzsxnezo4hb81p8mqg.1 dockersamples/examplevotingapp_worker:latest qaqt4nrzo775jrx6detglho01 Running Running 30 minutes ago q7yik0ks1in6 hbxltua1na7mgqjnidldv5m65.1 dockersamples/examplevotingapp_result:before mxpaef1tlh23s052erw88a4w5 Running Running 30 minutes ago @@ -178,8 +185,9 @@ image, and pins the service to that digest. The digest is not shown by default, but is printed if `--no-trunc` is used. The `--no-trunc` option also shows the non-truncated task IDs, and error-messages, as can be seen below: -```bash +```console $ docker stack ps --no-trunc voting + ID NAME IMAGE NODE DESIRED STATE CURREN STATE ERROR PORTS xim5bcqtgk1bxqz91jzo4a1s5 voting_worker.1 dockersamples/examplevotingapp_worker:latest@sha256:3e4ddf59c15f432280a2c0679c4fc5a2ee5a797023c8ef0d3baf7b1385e9fed node2 Running Runnin 32 minutes ago q7yik0ks1in6kv32gg6y6yjf7 voting_result.1 dockersamples/examplevotingapp_result:before@sha256:83b56996e930c292a6ae5187fda84dd6568a19d97cdb933720be15c757b7463 node1 Running Runnin 32 minutes ago @@ -196,7 +204,7 @@ t72q3z038jehe1wbh9gdum076 voting_redis.2 redis:alpine@sha256:9cd405cd1e The `-q ` or `--quiet` option only shows IDs of the tasks in the stack. This example outputs all task IDs of the "voting" stack; -```bash +```console $ docker stack ps -q voting xim5bcqtgk1b q7yik0ks1in6 @@ -212,14 +220,14 @@ This option can be used to perform batch operations. For example, you can use the task IDs as input for other commands, such as `docker inspect`. The following example inspects all tasks of the "voting" stack; -```bash +```console $ docker inspect $(docker stack ps -q voting) [ { "ID": "xim5bcqtgk1b1gk0krq1", "Version": { -(...) +<...> ``` ## Related commands diff --git a/docs/reference/commandline/stack_rm.md b/docs/reference/commandline/stack_rm.md index a6fb12eb4d4b..ff2a9019d842 100644 --- a/docs/reference/commandline/stack_rm.md +++ b/docs/reference/commandline/stack_rm.md @@ -38,7 +38,7 @@ Remove the stack from the swarm. This will remove the stack with the name `myapp`. Services, networks, and secrets associated with the stack will be removed. -```bash +```console $ docker stack rm myapp Removing service myapp_redis @@ -52,7 +52,7 @@ Removing network myapp_frontend This will remove all the specified stacks, `myapp` and `vossibility`. Services, networks, and secrets associated with all the specified stacks will be removed. -```bash +```console $ docker stack rm myapp vossibility Removing service myapp_redis diff --git a/docs/reference/commandline/stack_services.md b/docs/reference/commandline/stack_services.md index a3ee74335b30..d689e728cb50 100644 --- a/docs/reference/commandline/stack_services.md +++ b/docs/reference/commandline/stack_services.md @@ -36,7 +36,7 @@ Lists the services that are running as part of the specified stack. The following command shows all services in the `myapp` stack: -```bash +```console $ docker stack services myapp ID NAME REPLICAS IMAGE COMMAND @@ -52,7 +52,7 @@ Multiple filter flags are combined as an `OR` filter. The following command shows both the `web` and `db` services: -```bash +```console $ docker stack services --filter name=myapp_web --filter name=myapp_db myapp ID NAME REPLICAS IMAGE COMMAND @@ -103,7 +103,7 @@ output the data exactly as the template declares or, when using the The following example uses a template without headers and outputs the `ID`, `Mode`, and `Replicas` entries separated by a colon (`:`) for all services: -```bash +```console $ docker stack services --format "{{.ID}}: {{.Mode}} {{.Replicas}}" 0zmvwuiu3vue: replicated 10/10 diff --git a/docs/reference/commandline/start.md b/docs/reference/commandline/start.md index 9c13505b1378..1a710048b984 100644 --- a/docs/reference/commandline/start.md +++ b/docs/reference/commandline/start.md @@ -20,6 +20,6 @@ Options: ## Examples -```bash +```console $ docker start my_container ``` diff --git a/docs/reference/commandline/stats.md b/docs/reference/commandline/stats.md index 5b5d3f6a1e5e..466b7ff12010 100644 --- a/docs/reference/commandline/stats.md +++ b/docs/reference/commandline/stats.md @@ -53,7 +53,7 @@ the `/containers/(id)/stats` API endpoint. Running `docker stats` on all running containers against a Linux daemon. -```bash +```console $ docker stats CONTAINER ID NAME CPU % MEM USAGE / LIMIT MEM % NET I/O BLOCK I/O PIDS @@ -77,7 +77,7 @@ following columns are shown. Running `docker stats` on multiple containers by name and id against a Linux daemon. -```bash +```console $ docker stats awesome_brattain 67b2525d8ad1 CONTAINER ID NAME CPU % MEM USAGE / LIMIT MEM % NET I/O BLOCK I/O PIDS @@ -87,7 +87,7 @@ b95a83497c91 awesome_brattain 0.28% 5.629MiB / 1.952GiB Running `docker stats` with customized format on all (Running and Stopped) containers. -```bash +```console $ docker stats --all --format "table {{.Container}}\t{{.CPUPerc}}\t{{.MemUsage}}" fervent_panini 5acfcb1b4fd1 drunk_visvesvaraya big_heisenberg CONTAINER CPU % MEM USAGE / LIMIT @@ -151,7 +151,7 @@ outputs the data exactly as the template declares or, when using the The following example uses a template without headers and outputs the `Container` and `CPUPerc` entries separated by a colon (`:`) for all images: -```bash +```console $ docker stats --format "{{.Container}}: {{.CPUPerc}}" 09d3bb5b1604: 6.61% @@ -162,7 +162,7 @@ $ docker stats --format "{{.Container}}: {{.CPUPerc}}" To list all containers statistics with their name, CPU percentage and memory usage in a table format you can use: -```bash +```console $ docker stats --format "table {{.Container}}\t{{.CPUPerc}}\t{{.MemUsage}}" CONTAINER CPU % PRIV WORKING SET diff --git a/docs/reference/commandline/stop.md b/docs/reference/commandline/stop.md index 282a37858293..fdc7d0ae72c6 100644 --- a/docs/reference/commandline/stop.md +++ b/docs/reference/commandline/stop.md @@ -25,6 +25,6 @@ instruction in the container's Dockerfile, or the `--stop-signal` option to ## Examples -```bash +```console $ docker stop my_container ``` diff --git a/docs/reference/commandline/swarm_ca.md b/docs/reference/commandline/swarm_ca.md index e342ce5a6c4c..c51157ca8236 100644 --- a/docs/reference/commandline/swarm_ca.md +++ b/docs/reference/commandline/swarm_ca.md @@ -38,8 +38,9 @@ View or rotate the current swarm CA certificate. Run the `docker swarm ca` command without any options to view the current root CA certificate in PEM format. -```bash +```console $ docker swarm ca + -----BEGIN CERTIFICATE----- MIIBazCCARCgAwIBAgIUJPzo67QC7g8Ebg2ansjkZ8CbmaswCgYIKoZIzj0EAwIw EzERMA8GA1UEAxMIc3dhcm0tY2EwHhcNMTcwNTAzMTcxMDAwWhcNMzcwNDI4MTcx @@ -55,7 +56,7 @@ lIwQqLkJ48SQqCjG1DBTSBsHmMSRT+6mE2My+Z3GKA== Pass the `--rotate` flag (and optionally a `--ca-cert`, along with a `--ca-key` or `--external-ca` parameter flag), in order to rotate the current swarm root CA. -``` +```console $ docker swarm ca --rotate desired root digest: sha256:05da740cf2577a25224c53019e2cce99bcc5ba09664ad6bb2a9425d9ebd1b53e rotated TLS certificates: [=========================> ] 1/2 nodes @@ -65,7 +66,7 @@ desired root digest: sha256:05da740cf2577a25224c53019e2cce99bcc5ba09664ad6bb2a94 Once the rotation os finished (all the progress bars have completed) the now-current CA certificate will be printed: -``` +```console $ docker swarm ca --rotate desired root digest: sha256:05da740cf2577a25224c53019e2cce99bcc5ba09664ad6bb2a9425d9ebd1b53e rotated TLS certificates: [==================================================>] 2/2 nodes diff --git a/docs/reference/commandline/swarm_init.md b/docs/reference/commandline/swarm_init.md index 696aaa8dde57..310b8341dcc3 100644 --- a/docs/reference/commandline/swarm_init.md +++ b/docs/reference/commandline/swarm_init.md @@ -37,8 +37,9 @@ in the newly created single-node swarm. ## Examples -```bash +```console $ docker swarm init --advertise-addr 192.168.99.121 + Swarm initialized: current node (bvz81updecsj6wjz393c09vti) is now a manager. To add a worker to this swarm, run the following command: @@ -132,20 +133,21 @@ applies to all nodes that join the swarm. The following example initializes a new Swarm, and configures the data path port to UDP port 7777; -```bash -docker swarm init --data-path-port=7777 +```console +$ docker swarm init --data-path-port=7777 ``` + After the swarm is initialized, use the `docker info` command to verify that the port is configured: -```bash -docker info -... +```console +$ docker info +<...> ClusterID: 9vs5ygs0gguyyec4iqf2314c0 Managers: 1 Nodes: 1 Data Path Port: 7777 -... +<...> ``` ### `--default-addr-pool` diff --git a/docs/reference/commandline/swarm_join-token.md b/docs/reference/commandline/swarm_join-token.md index fd85af7e02a8..eab393d9c82d 100644 --- a/docs/reference/commandline/swarm_join-token.md +++ b/docs/reference/commandline/swarm_join-token.md @@ -40,7 +40,7 @@ As a convenience, you can pass `worker` or `manager` as an argument to `join-token` to print the full `docker swarm join` command to join a new node to the swarm: -```bash +```console $ docker swarm join-token worker To add a worker to this swarm, run the following command: @@ -60,7 +60,7 @@ To add a manager to this swarm, run the following command: Use the `--rotate` flag to generate a new join token for the specified role: -```bash +```console $ docker swarm join-token --rotate worker Successfully rotated worker join token. @@ -76,7 +76,7 @@ After using `--rotate`, only the new token will be valid for joining with the sp The `-q` (or `--quiet`) flag only prints the token: -```bash +```console $ docker swarm join-token -q worker SWMTKN-1-3pu6hszjas19xyp7ghgosyx9k8atbfcr8p2is99znpy26u2lkl-b30ljddcqhef9b9v4rs7mel7t diff --git a/docs/reference/commandline/swarm_join.md b/docs/reference/commandline/swarm_join.md index fd47a1076c28..9c2aa0dcf1d9 100644 --- a/docs/reference/commandline/swarm_join.md +++ b/docs/reference/commandline/swarm_join.md @@ -32,9 +32,10 @@ pass a worker token, the node joins as a worker. The example below demonstrates joining a manager node using a manager token. -```bash +```console $ docker swarm join --token SWMTKN-1-3pu6hszjas19xyp7ghgosyx9k8atbfcr8p2is99znpy26u2lkl-7p73s1dx5in4tatdymyhg9hu2 192.168.99.121:2377 This node joined a swarm as a manager. + $ docker node ls ID HOSTNAME STATUS AVAILABILITY MANAGER STATUS dkp8vy1dq1kxleu9g4u78tlag * manager2 Ready Active Reachable @@ -49,9 +50,10 @@ should join as workers instead. Managers should be stable hosts that have static The example below demonstrates joining a worker node using a worker token. -```bash +```console $ docker swarm join --token SWMTKN-1-3pu6hszjas19xyp7ghgosyx9k8atbfcr8p2is99znpy26u2lkl-1awxwuwd3z9j1z3puu7rcgdbx 192.168.99.121:2377 This node joined a swarm as a worker. + $ docker node ls ID HOSTNAME STATUS AVAILABILITY MANAGER STATUS 7ln70fl22uw2dvjn2ft53m3q5 worker2 Ready Active diff --git a/docs/reference/commandline/swarm_leave.md b/docs/reference/commandline/swarm_leave.md index 0d1e8454783c..2ba2b758ee9d 100644 --- a/docs/reference/commandline/swarm_leave.md +++ b/docs/reference/commandline/swarm_leave.md @@ -31,7 +31,7 @@ no longer be used after the manager leaves, such as in a single-node swarm. Consider the following swarm, as seen from the manager: -```bash +```console $ docker node ls ID HOSTNAME STATUS AVAILABILITY MANAGER STATUS @@ -42,7 +42,7 @@ dvfxp4zseq4s0rih1selh0d20 * manager1 Ready Active Leader To remove `worker2`, issue the following command from `worker2` itself: -```bash +```console $ docker swarm leave Node left the default swarm. diff --git a/docs/reference/commandline/swarm_unlock-key.md b/docs/reference/commandline/swarm_unlock-key.md index 0d191dfb67dc..2f713bc193ff 100644 --- a/docs/reference/commandline/swarm_unlock-key.md +++ b/docs/reference/commandline/swarm_unlock-key.md @@ -35,7 +35,7 @@ run the `docker swarm unlock-key` command without any arguments: ## Examples -```bash +```console $ docker swarm unlock-key To unlock a swarm manager after it restarts, run the `docker swarm unlock` @@ -50,7 +50,7 @@ will not be able to restart the manager. Use the `--rotate` flag to rotate the unlock key to a new, randomly-generated key: -```bash +```console $ docker swarm unlock-key --rotate Successfully rotated manager unlock key. @@ -66,7 +66,7 @@ will not be able to restart the manager. The `-q` (or `--quiet`) flag only prints the key: -```bash +```console $ docker swarm unlock-key -q SWMKEY-1-7c37Cc8654o6p38HnroywCi19pllOnGtbdZEgtKxZu8 diff --git a/docs/reference/commandline/swarm_unlock.md b/docs/reference/commandline/swarm_unlock.md index dbcde50c7189..eb99300ab68d 100644 --- a/docs/reference/commandline/swarm_unlock.md +++ b/docs/reference/commandline/swarm_unlock.md @@ -31,7 +31,7 @@ enabled, and is also available from the `docker swarm unlock-key` command. ## Examples -```bash +```console $ docker swarm unlock Please enter unlock key: ``` diff --git a/docs/reference/commandline/swarm_update.md b/docs/reference/commandline/swarm_update.md index 0c190ef33145..e4a7f90ecb06 100644 --- a/docs/reference/commandline/swarm_update.md +++ b/docs/reference/commandline/swarm_update.md @@ -35,7 +35,7 @@ Updates a swarm with new parameter values. ## Examples -```bash +```console $ docker swarm update --cert-expiry 720h ``` diff --git a/docs/reference/commandline/system_df.md b/docs/reference/commandline/system_df.md index 015585ab9110..a5f1e6d23d1d 100644 --- a/docs/reference/commandline/system_df.md +++ b/docs/reference/commandline/system_df.md @@ -26,7 +26,7 @@ amount of disk space used by the docker daemon. By default the command will just show a summary of the data used: -```bash +```console $ docker system df TYPE TOTAL ACTIVE SIZE RECLAIMABLE @@ -37,7 +37,7 @@ Local Volumes 2 1 36 B A more detailed view can be requested using the `-v, --verbose` flag: -```bash +```console $ docker system df -v Images space usage: @@ -101,7 +101,7 @@ the data exactly as the template declares or, when using the The following example uses a template without headers and outputs the `Type` and `TotalCount` entries separated by a colon (`:`): -```bash +```console $ docker system df --format "{{.Type}}: {{.TotalCount}}" Images: 2 @@ -112,7 +112,7 @@ Local Volumes: 1 To list the disk usage with size and reclaimable size in a table format you can use: -```bash +```console $ docker system df --format "table {{.Type}}\t{{.Size}}\t{{.Reclaimable}}" TYPE SIZE RECLAIMABLE diff --git a/docs/reference/commandline/system_events.md b/docs/reference/commandline/system_events.md index 1f4a04ec2262..7b6c867ad994 100644 --- a/docs/reference/commandline/system_events.md +++ b/docs/reference/commandline/system_events.md @@ -161,13 +161,13 @@ You'll need two shells for this example. **Shell 1: Listening for events:** -```bash +```console $ docker system events ``` **Shell 2: Start and Stop containers:** -```bash +```console $ docker create --name test alpine:latest top $ docker start test $ docker stop test @@ -192,7 +192,7 @@ To exit the `docker system events` command, use `CTRL+C`. You can filter the output by an absolute timestamp or relative time on the host machine, using the following different time syntaxes: -```bash +```console $ docker system events --since 1483283804 2017-01-05T00:35:41.241772953+08:00 volume create testVol (driver=local) @@ -243,7 +243,7 @@ $ docker system events --since '10m' The following commands show several different ways to filter the `docker event` output. -```bash +```console $ docker system events --filter 'event=stop' 2017-01-05T00:40:22.880175420+08:00 container stop 0fdb...ff37 (image=alpine:latest, name=test) @@ -316,7 +316,7 @@ $ docker system events --filter 'type=plugin' ### Format the output -```bash +```console $ docker system events --filter 'type=container' --format 'Type={{.Type}} Status={{.Status}} ID={{.ID}}' Type=container Status=create ID=2ee349dac409e97974ce8d01b70d250b85e0ba8189299c126a87812311951e26 @@ -329,7 +329,7 @@ Type=container Status=destroy ID=2ee349dac409e97974ce8d01b70d250b85e0ba8189299 #### Format as JSON -```bash +```console $ docker system events --format '{{json .}}' {"status":"create","id":"196016a57679bf42424484918746a9474cd905dd993c4d0f4.. diff --git a/docs/reference/commandline/system_prune.md b/docs/reference/commandline/system_prune.md index d2fa825070ec..19213bae0cdb 100644 --- a/docs/reference/commandline/system_prune.md +++ b/docs/reference/commandline/system_prune.md @@ -26,7 +26,7 @@ and optionally, volumes. ## Examples -```bash +```console $ docker system prune WARNING! This will remove: @@ -56,7 +56,7 @@ By default, volumes are not removed to prevent important data from being deleted if there is currently no container using the volume. Use the `--volumes` flag when running the command to prune volumes as well: -```bash +```console $ docker system prune -a --volumes WARNING! This will remove: diff --git a/docs/reference/commandline/tag.md b/docs/reference/commandline/tag.md index 8eb7715bb770..421560a39d30 100644 --- a/docs/reference/commandline/tag.md +++ b/docs/reference/commandline/tag.md @@ -40,7 +40,7 @@ to [*Share images on Docker Hub*](https://docs.docker.com/get-started/part3/). To tag a local image with ID "0e5574283393" into the "fedora" repository with "version1.0": -```bash +```console $ docker tag 0e5574283393 fedora/httpd:version1.0 ``` @@ -49,7 +49,7 @@ $ docker tag 0e5574283393 fedora/httpd:version1.0 To tag a local image with name "httpd" into the "fedora" repository with "version1.0": -```bash +```console $ docker tag httpd fedora/httpd:version1.0 ``` @@ -61,7 +61,7 @@ existing local version `httpd:latest`. To tag a local image with name "httpd" and tag "test" into the "fedora" repository with "version1.0.test": -```bash +```console $ docker tag httpd:test fedora/httpd:version1.0.test ``` @@ -70,6 +70,6 @@ $ docker tag httpd:test fedora/httpd:version1.0.test To push an image to a private registry and not the central Docker registry you must tag it with the registry hostname and port (if needed). -```bash +```console $ docker tag 0e5574283393 myregistryhost:5000/fedora/httpd:version1.0 ``` diff --git a/docs/reference/commandline/trust_inspect.md b/docs/reference/commandline/trust_inspect.md index 7d4bde5db22b..48103117a908 100644 --- a/docs/reference/commandline/trust_inspect.md +++ b/docs/reference/commandline/trust_inspect.md @@ -29,7 +29,7 @@ new tags. Use the `docker trust inspect` to get trust information about an image. The following example prints trust information for the `alpine:latest` image: -```bash +```console $ docker trust inspect alpine:latest ``` @@ -79,7 +79,7 @@ and the `Signers` responsible for the signature. If signers are set up for the repository via other `docker trust` commands, `docker trust inspect` includes a `Signers` key: -```bash +```console $ docker trust inspect my-image:purple ``` @@ -157,7 +157,7 @@ The output is in JSON format, for example: If the image tag is unsigned or unavailable, `docker trust inspect` does not display any signed tags. -```bash +```console $ docker trust inspect unsigned-img No signatures or cannot access unsigned-img @@ -166,7 +166,7 @@ No signatures or cannot access unsigned-img However, if other tags are signed in the same image repository, `docker trust inspect` reports relevant key information: -```bash +```console $ docker trust inspect alpine:unsigned ``` @@ -204,7 +204,7 @@ The output is in JSON format, for example: If no tag is specified, `docker trust inspect` will report details for all signed tags in the repository: -```bash +```console $ docker trust inspect alpine ``` @@ -273,7 +273,7 @@ The output is in JSON format, for example: `docker trust inspect` can take multiple repositories and images as arguments, and reports the results in an ordered list: -```bash +```console $ docker trust inspect alpine notary ``` @@ -388,7 +388,7 @@ JSON output, by using the `--pretty` option: ### Get details about signatures for a single image tag -```bash +```console $ docker trust inspect --pretty alpine:latest SIGNED TAG DIGEST SIGNERS @@ -410,7 +410,7 @@ If signers are set up for the repository via other `docker trust` commands, `docker trust inspect --pretty` displays them appropriately as a `SIGNER` and specify their `KEYS`: -```bash +```console $ docker trust inspect --pretty my-image:purple SIGNED TAG DIGEST SIGNERS @@ -431,7 +431,7 @@ Root Key: 40b66ccc8b176be8c7d365a17f3e046d1c3494e053dd57cfeacfe2e19c4f8e8f However, if other tags are signed in the same image repository, `docker trust inspect` reports relevant key information. -```bash +```console $ docker trust inspect --pretty alpine:unsigned No signatures for alpine:unsigned @@ -444,7 +444,7 @@ Root Key: a2489bcac7a79aa67b19b96c4a3bf0c675ffdf00c6d2fabe1a5df1115e80adce ### Get details about signatures for all image tags in a repository -```bash +```console $ docker trust inspect --pretty alpine SIGNED TAG DIGEST SIGNERS @@ -466,7 +466,7 @@ Root Key: a2489bcac7a79aa67b19b96c4a3bf0c675ffdf00c6d2fabe1a5df1115e80adce Here's an example with signers that are set up by `docker trust` commands: -```bash +```console $ docker trust inspect --pretty my-image SIGNED TAG DIGEST SIGNERS diff --git a/docs/reference/commandline/trust_key_generate.md b/docs/reference/commandline/trust_key_generate.md index 7baa2be7fe0b..71634b96ee36 100644 --- a/docs/reference/commandline/trust_key_generate.md +++ b/docs/reference/commandline/trust_key_generate.md @@ -25,7 +25,7 @@ Options: ### Generate a key-pair -```bash +```console $ docker trust key generate alice Generating key for alice... @@ -44,7 +44,7 @@ be used directly by `docker trust signer add`. Provide the `--dir` argument to specify a directory to generate the key in: -```bash +```console $ docker trust key generate alice --dir /foo Generating key for alice... diff --git a/docs/reference/commandline/trust_key_load.md b/docs/reference/commandline/trust_key_load.md index 2d5280a15893..d0553af1ddd4 100644 --- a/docs/reference/commandline/trust_key_load.md +++ b/docs/reference/commandline/trust_key_load.md @@ -28,7 +28,7 @@ To add a signer to a repository use `docker trust signer add`. For a private key `alice.pem` with permissions `-rw-------` -```bash +```console $ docker trust key load alice.pem Loading key from "alice.pem"... @@ -39,7 +39,7 @@ Successfully imported key from alice.pem To specify a name use the `--name` flag: -```bash +```console $ docker trust key load --name alice-key alice.pem Loading key from "alice.pem"... diff --git a/docs/reference/commandline/trust_revoke.md b/docs/reference/commandline/trust_revoke.md index 8423c33ad857..e373b936cc89 100644 --- a/docs/reference/commandline/trust_revoke.md +++ b/docs/reference/commandline/trust_revoke.md @@ -27,7 +27,7 @@ Options: Here's an example of a repo with two signed tags: -```bash +```console $ docker trust inspect --pretty example/trust-demo SIGNED TAG DIGEST SIGNERS red 852cc04935f930a857b630edc4ed6131e91b22073bcc216698842e44f64d2943 alice @@ -46,7 +46,7 @@ Root Key: 3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949 When `alice`, one of the signers, runs `docker trust revoke`: -```bash +```console $ docker trust revoke example/trust-demo:red Enter passphrase for delegation key with ID 27d42a8: Successfully deleted signature for example/trust-demo:red @@ -54,7 +54,7 @@ Successfully deleted signature for example/trust-demo:red After revocation, the tag is removed from the list of released tags: -```bash +```console $ docker trust inspect --pretty example/trust-demo SIGNED TAG DIGEST SIGNERS blue f1c38dbaeeb473c36716f6494d803fbfbe9d8a76916f7c0093f227821e378197 alice, bob @@ -74,7 +74,7 @@ Root Key: 3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949 When no tag is specified, `docker trust` revokes all signatures that you have a signing key for. -```bash +```console $ docker trust inspect --pretty example/trust-demo SIGNED TAG DIGEST SIGNERS red 852cc04935f930a857b630edc4ed6131e91b22073bcc216698842e44f64d2943 alice @@ -93,7 +93,7 @@ Root Key: 3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949 When `alice`, one of the signers, runs `docker trust revoke`: -```bash +```console $ docker trust revoke example/trust-demo Please confirm you would like to delete all signature data for example/trust-demo? [y/N] y Enter passphrase for delegation key with ID 27d42a8: @@ -102,7 +102,7 @@ Successfully deleted signature for example/trust-demo All tags that have `alice`'s signature on them are removed from the list of released tags: -```bash +```console $ docker trust inspect --pretty example/trust-demo No signatures for example/trust-demo diff --git a/docs/reference/commandline/trust_sign.md b/docs/reference/commandline/trust_sign.md index c623dac7d17e..9166f6690841 100644 --- a/docs/reference/commandline/trust_sign.md +++ b/docs/reference/commandline/trust_sign.md @@ -27,7 +27,7 @@ Options: Given an image: -```bash +```console $ docker trust inspect --pretty example/trust-demo SIGNED TAG DIGEST SIGNERS @@ -40,7 +40,7 @@ Root Key: 246d360f7c53a9021ee7d4259e3c5692f3f1f7ad4737b1ea8c7b8da741ad980b Sign a new tag with `docker trust sign`: -```bash +```console $ docker trust sign example/trust-demo:v2 Signing and pushing trust metadata for example/trust-demo:v2 @@ -60,7 +60,7 @@ Successfully signed docker.io/example/trust-demo:v2 Use `docker trust inspect --pretty` to list the new signature: -```bash +```console $ docker trust inspect --pretty example/trust-demo SIGNED TAG DIGEST SIGNERS @@ -76,7 +76,7 @@ Root Key: 246d360f7c53a9021ee7d4259e3c5692f3f1f7ad4737b1ea8c7b8da741ad980b Given an image: -```bash +```console $ docker trust inspect --pretty example/trust-demo No signatures for example/trust-demo @@ -95,7 +95,7 @@ Root Key: 3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949 Sign a new tag with `docker trust sign`: -```bash +```console $ docker trust sign example/trust-demo:v1 Signing and pushing trust metadata for example/trust-demo:v1 @@ -113,7 +113,7 @@ Successfully signed docker.io/example/trust-demo:v1 `docker trust inspect --pretty` lists the new signature: -```bash +```console $ docker trust inspect --pretty example/trust-demo SIGNED TAG DIGEST SIGNERS @@ -134,13 +134,13 @@ Root Key: 3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949 When signing an image on a repo for the first time, `docker trust sign` sets up new keys before signing the image. -```bash +```console $ docker trust inspect --pretty example/trust-demo No signatures or cannot access example/trust-demo ``` -```bash +```console $ docker trust sign example/trust-demo:v1 Signing and pushing trust metadata for example/trust-demo:v1 @@ -165,7 +165,7 @@ Enter passphrase for alice key with ID 6d52b29: Successfully signed docker.io/example/trust-demo:v1 ``` -```bash +```console $ docker trust inspect --pretty example/trust-demo SIGNED TAG DIGEST SIGNERS diff --git a/docs/reference/commandline/trust_signer_add.md b/docs/reference/commandline/trust_signer_add.md index 71c7197cc022..9c594a55508a 100644 --- a/docs/reference/commandline/trust_signer_add.md +++ b/docs/reference/commandline/trust_signer_add.md @@ -26,7 +26,7 @@ Options: To add a new signer, `alice`, to this repository: -```bash +```console $ docker trust inspect --pretty example/trust-demo No signatures for example/trust-demo @@ -44,7 +44,7 @@ Root Key: 3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949 Add `alice` with `docker trust signer add`: -```bash +```console $ docker trust signer add alice example/trust-demo --key alice.crt Adding signer "alice" to example/trust-demo... Enter passphrase for repository key with ID 642692c: @@ -53,7 +53,7 @@ Successfully added signer: alice to example/trust-demo `docker trust inspect --pretty` now lists `alice` as a valid signer: -```bash +```console $ docker trust inspect --pretty example/trust-demo No signatures for example/trust-demo @@ -74,13 +74,13 @@ Root Key: 3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949 When adding a signer on a repo for the first time, `docker trust signer add` sets up a new repo if it doesn't exist. -```bash +```console $ docker trust inspect --pretty example/trust-demo No signatures or cannot access example/trust-demo ``` -```bash +```console $ docker trust signer add alice example/trust-demo --key alice.crt Initializing signed repository for example/trust-demo... @@ -93,7 +93,7 @@ Adding signer "alice" to example/trust-demo... Successfully added signer: alice to example/trust-demo ``` -```bash +```console $ docker trust inspect --pretty example/trust-demo No signatures for example/trust-demo @@ -113,7 +113,7 @@ Root Key: 748121c14bd1461f6c58cb3ef39087c8fdc7633bb11a98af844fd9a04e208103 ## Add a signer to multiple repos To add a signer, `alice`, to multiple repositories: -```bash +```console $ docker trust inspect --pretty example/trust-demo SIGNED TAG DIGEST SIGNERS @@ -128,7 +128,8 @@ Administrative keys for example/trust-demo: Repository Key: ecc457614c9fc399da523a5f4e24fe306a0a6ee1cc79a10e4555b3c6ab02f71e Root Key: 3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949 ``` -```bash + +```console $ docker trust inspect --pretty example/trust-demo2 SIGNED TAG DIGEST SIGNERS @@ -143,9 +144,10 @@ Administrative keys for example/trust-demo2: Repository Key: ece554f14c9fc399da523a5f4e24fe306a0a6ee1cc79a10e4553d2ab20a8d9268 Root Key: 3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949 ``` + Add `alice` to both repositories with a single `docker trust signer add` command: -```bash +```console $ docker trust signer add alice example/trust-demo example/trust-demo2 --key alice.crt Adding signer "alice" to example/trust-demo... @@ -160,7 +162,7 @@ Successfully added signer: alice to example/trust-demo2 `docker trust inspect --pretty` now lists `alice` as a valid signer of both `example/trust-demo` and `example/trust-demo2`: -```bash +```console $ docker trust inspect --pretty example/trust-demo SIGNED TAG DIGEST SIGNERS @@ -177,7 +179,7 @@ Repository Key: 95b9e5514c9fc399da523a5f4e24fe306a0a6ee1cc79a10e4555b3c6ab02f71e Root Key: 3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949 ``` -```bash +```console $ docker trust inspect --pretty example/trust-demo2 SIGNED TAG DIGEST SIGNERS @@ -197,7 +199,7 @@ Root Key: 3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949 `docker trust signer add` adds signers to repositories on a best effort basis, so it will continue to add the signer to subsequent repositories if one attempt fails: -```bash +```console $ docker trust signer add alice example/unauthorized example/authorized --key alice.crt Adding signer "alice" to example/unauthorized... diff --git a/docs/reference/commandline/trust_signer_remove.md b/docs/reference/commandline/trust_signer_remove.md index 55a2c65a7e72..5882def68920 100644 --- a/docs/reference/commandline/trust_signer_remove.md +++ b/docs/reference/commandline/trust_signer_remove.md @@ -25,7 +25,8 @@ Options: ### Remove a signer from a repo To remove an existing signer, `alice`, from this repository: -```bash + +```console $ docker trust inspect --pretty example/trust-demo No signatures for example/trust-demo @@ -44,7 +45,7 @@ Root Key: 3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949 Remove `alice` with `docker trust signer remove`: -```bash +```console $ docker trust signer remove alice example/trust-demo Removing signer "alice" from image example/trust-demo... @@ -54,7 +55,7 @@ Successfully removed alice from example/trust-demo `docker trust inspect --pretty` now does not list `alice` as a valid signer: -```bash +```console $ docker trust inspect --pretty example/trust-demo No signatures for example/trust-demo @@ -74,7 +75,7 @@ Root Key: 3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949 To remove an existing signer, `alice`, from multiple repositories: -```bash +```console $ docker trust inspect --pretty example/trust-demo SIGNED TAG DIGEST SIGNERS @@ -91,7 +92,7 @@ Repository Key: 95b9e5514c9fc399da523a5f4e24fe306a0a6ee1cc79a10e4555b3c6ab02f71e Root Key: 3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949 ``` -```bash +```console $ docker trust inspect --pretty example/trust-demo2 SIGNED TAG DIGEST SIGNERS @@ -110,7 +111,7 @@ Root Key: 3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949 Remove `alice` from both images with a single `docker trust signer remove` command: -```bash +```console $ docker trust signer remove alice example/trust-demo example/trust-demo2 Removing signer "alice" from image example/trust-demo... @@ -125,7 +126,7 @@ Successfully removed alice from example/trust-demo2 Run `docker trust inspect --pretty` to confirm that `alice` is no longer listed as a valid signer of either `example/trust-demo` or `example/trust-demo2`: -```bash +```console $ docker trust inspect --pretty example/trust-demo SIGNED TAG DIGEST SIGNERS @@ -141,7 +142,7 @@ Repository Key: ecc457614c9fc399da523a5f4e24fe306a0a6ee1cc79a10e4555b3c6ab02f71e Root Key: 3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949 ``` -```bash +```console $ docker trust inspect --pretty example/trust-demo2 SIGNED TAG DIGEST SIGNERS @@ -161,7 +162,7 @@ Root Key: 3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949 basis, so it will continue to remove the signer from subsequent repositories if one attempt fails: -```bash +```console $ docker trust signer remove alice example/unauthorized example/authorized Removing signer "alice" from image example/unauthorized... diff --git a/docs/reference/commandline/unpause.md b/docs/reference/commandline/unpause.md index 0cced5fb60dd..9f47077093c8 100644 --- a/docs/reference/commandline/unpause.md +++ b/docs/reference/commandline/unpause.md @@ -26,7 +26,7 @@ for further details. ## Examples -```bash +```console $ docker unpause my_container my_container ``` diff --git a/docs/reference/commandline/update.md b/docs/reference/commandline/update.md index 43b650b7a26b..3264a4b468e7 100644 --- a/docs/reference/commandline/update.md +++ b/docs/reference/commandline/update.md @@ -59,7 +59,7 @@ To limit a container's cpu-shares to 512, first identify the container name or ID. You can use `docker ps` to find these values. You can also use the ID returned from the `docker run` command. Then, do the following: -```bash +```console $ docker update --cpu-shares 512 abebf7571666 ``` @@ -67,7 +67,7 @@ $ docker update --cpu-shares 512 abebf7571666 To update multiple resource configurations for multiple containers: -```bash +```console $ docker update --cpu-shares 512 -m 300M abebf7571666 hopeful_morse ``` @@ -85,19 +85,19 @@ the container before updating kernel memory. For example, if you started a container with this command: -```bash +```console $ docker run -dit --name test --kernel-memory 50M ubuntu bash ``` You can update kernel memory while the container is running: -```bash +```console $ docker update --kernel-memory 80M test ``` If you started a container *without* kernel memory initialized: -```bash +```console $ docker run -dit --name test2 --memory 300M ubuntu bash ``` @@ -116,7 +116,7 @@ container. To update restart policy for one or more containers: -```bash +```console $ docker update --restart=on-failure:3 abebf7571666 hopeful_morse ``` diff --git a/docs/reference/commandline/version.md b/docs/reference/commandline/version.md index fa02281b89b5..09bc5c8f923b 100644 --- a/docs/reference/commandline/version.md +++ b/docs/reference/commandline/version.md @@ -29,7 +29,7 @@ describes all the details of the format. ### Default output -```bash +```console $ docker version Client: @@ -64,7 +64,7 @@ Server: ### Get the server version -```bash +```console $ docker version --format '{{.Server.Version}}' 19.03.8 @@ -72,7 +72,7 @@ $ docker version --format '{{.Server.Version}}' ### Dump raw JSON data -```bash +```console $ docker version --format '{{json .}}' {"Client":{"Platform":{"Name":"Docker Engine - Community"},"Version":"19.03.8","ApiVersion":"1.40","DefaultAPIVersion":"1.40","GitCommit":"afacb8b","GoVersion":"go1.12.17","Os":"darwin","Arch":"amd64","BuildTime":"Wed Mar 11 01:21:11 2020","Experimental":true},"Server":{"Platform":{"Name":"Docker Engine - Community"},"Components":[{"Name":"Engine","Version":"19.03.8","Details":{"ApiVersion":"1.40","Arch":"amd64","BuildTime":"Wed Mar 11 01:29:16 2020","Experimental":"true","GitCommit":"afacb8b","GoVersion":"go1.12.17","KernelVersion":"4.19.76-linuxkit","MinAPIVersion":"1.12","Os":"linux"}},{"Name":"containerd","Version":"v1.2.13","Details":{"GitCommit":"7ad184331fa3e55e52b890ea95e65ba581ae3429"}},{"Name":"runc","Version":"1.0.0-rc10","Details":{"GitCommit":"dc9208a3303feef5b3839f4323d9beb36df0a9dd"}},{"Name":"docker-init","Version":"0.18.0","Details":{"GitCommit":"fec3683"}}],"Version":"19.03.8","ApiVersion":"1.40","MinAPIVersion":"1.12","GitCommit":"afacb8b","GoVersion":"go1.12.17","Os":"linux","Arch":"amd64","KernelVersion":"4.19.76-linuxkit","Experimental":true,"BuildTime":"2020-03-11T01:29:16.000000000+00:00"}} @@ -82,7 +82,7 @@ $ docker version --format '{{json .}}' The following example prints the currently used [`docker context`](context.md): -```bash +```console $ docker version --format='{{.Client.Context}}' default ``` @@ -94,7 +94,7 @@ could be used when using Bash as your shell. Declare a function to obtain the current context in your `~/.bashrc`, and set this command as your `PROMPT_COMMAND` -```bash +```console function docker_context_prompt() { PS1="context: $(docker version --format='{{.Client.Context}}')> " } @@ -105,7 +105,7 @@ PROMPT_COMMAND=docker_context_prompt After reloading the `~/.bashrc`, the prompt now shows the currently selected `docker context`: -```bash +```console $ source ~/.bashrc context: default> docker context create --docker host=unix:///var/run/docker.sock my-context my-context diff --git a/docs/reference/commandline/volume_create.md b/docs/reference/commandline/volume_create.md index 0b34d5929cf3..b64a8a30ea74 100644 --- a/docs/reference/commandline/volume_create.md +++ b/docs/reference/commandline/volume_create.md @@ -27,7 +27,7 @@ not specified, Docker generates a random name. Create a volume and then configure the container to use it: -```bash +```console $ docker volume create hello hello @@ -58,7 +58,7 @@ assumes you want to re-use the existing volume and does not return an error. Some volume drivers may take options to customize the volume creation. Use the `-o` or `--opt` flags to pass driver options: -```bash +```console $ docker volume create --driver fake \ --opt tardis=blue \ --opt timey=wimey \ @@ -79,7 +79,7 @@ found [here](http://man7.org/linux/man-pages/man8/mount.8.html). For example, the following creates a `tmpfs` volume called `foo` with a size of 100 megabyte and `uid` of 1000. -```bash +```console $ docker volume create --driver local \ --opt type=tmpfs \ --opt device=tmpfs \ @@ -89,7 +89,7 @@ $ docker volume create --driver local \ Another example that uses `btrfs`: -```bash +```console $ docker volume create --driver local \ --opt type=btrfs \ --opt device=/dev/sda2 \ @@ -99,7 +99,7 @@ $ docker volume create --driver local \ Another example that uses `nfs` to mount the `/path/to/dir` in `rw` mode from `192.168.1.1`: -```bash +```console $ docker volume create --driver local \ --opt type=nfs \ --opt o=addr=192.168.1.1,rw \ diff --git a/docs/reference/commandline/volume_inspect.md b/docs/reference/commandline/volume_inspect.md index d7c6aa2cdd56..7d3f2a3c941b 100644 --- a/docs/reference/commandline/volume_inspect.md +++ b/docs/reference/commandline/volume_inspect.md @@ -26,7 +26,7 @@ details of the format. ## Examples -```bash +```console $ docker volume create myvolume myvolume @@ -34,7 +34,7 @@ myvolume Use the `docker volume inspect` comment to inspect the configuration of the volume: -```bash +```console $ docker volume inspect myvolume ``` @@ -53,10 +53,11 @@ The output is in JSON format, for example: } ] ``` + Use the `--format` flag to format the output using a Go template, for example, to print the `Mountpoint` property: -```bash +```console $ docker volume inspect --format '{{ .Mountpoint }}' myvolume /var/lib/docker/volumes/myvolume/_data diff --git a/docs/reference/commandline/volume_ls.md b/docs/reference/commandline/volume_ls.md index c697ead13313..f010cfd60500 100644 --- a/docs/reference/commandline/volume_ls.md +++ b/docs/reference/commandline/volume_ls.md @@ -34,7 +34,8 @@ information about available filter options. ## Examples ### Create a volume -```bash + +```console $ docker volume create rosemary rosemary @@ -66,7 +67,7 @@ The currently supported filters are: The `dangling` filter matches on all volumes not referenced by any containers -```bash +```console $ docker run -d -v tyler:/tmpwork busybox f86a7dd02898067079c99ceacd810149060a70528eff3754d0b0f1a93bd0af18 @@ -81,7 +82,7 @@ The `driver` filter matches volumes based on their driver. The following example matches volumes that are created with the `local` driver: -```bash +```console $ docker volume ls -f driver=local DRIVER VOLUME NAME @@ -96,7 +97,7 @@ a `label` and a value. First, let's create some volumes to illustrate this; -```bash +```console $ docker volume create the-doctor --label is-timelord=yes the-doctor @@ -108,7 +109,7 @@ daleks The following example filter matches volumes with the `is-timelord` label regardless of its value. -```bash +```console $ docker volume ls --filter label=is-timelord DRIVER VOLUME NAME @@ -121,7 +122,7 @@ As the above example demonstrates, both volumes with `is-timelord=yes`, and Filtering on both `key` *and* `value` of the label, produces the expected result: -```bash +```console $ docker volume ls --filter label=is-timelord=yes DRIVER VOLUME NAME @@ -131,7 +132,7 @@ local the-doctor Specifying multiple label filter produces an "and" search; all conditions should be met; -```bash +```console $ docker volume ls --filter label=is-timelord=yes --filter label=is-timelord=no DRIVER VOLUME NAME @@ -143,7 +144,7 @@ The `name` filter matches on all or part of a volume's name. The following filter matches all volumes with a name containing the `rose` string. -```bash +```console $ docker volume ls -f name=rose DRIVER VOLUME NAME @@ -173,7 +174,7 @@ output the data exactly as the template declares or, when using the The following example uses a template without headers and outputs the `Name` and `Driver` entries separated by a colon (`:`) for all volumes: -```bash +```console $ docker volume ls --format "{{.Name}}: {{.Driver}}" vol1: local diff --git a/docs/reference/commandline/volume_prune.md b/docs/reference/commandline/volume_prune.md index 074f3d1c8036..00eeff33328f 100644 --- a/docs/reference/commandline/volume_prune.md +++ b/docs/reference/commandline/volume_prune.md @@ -23,7 +23,7 @@ Remove all unused local volumes. Unused local volumes are those which are not re ## Examples -```bash +```console $ docker volume prune WARNING! This will remove all local volumes not used by at least one container. diff --git a/docs/reference/commandline/volume_rm.md b/docs/reference/commandline/volume_rm.md index 8095c489a74b..f7b63ed0592a 100644 --- a/docs/reference/commandline/volume_rm.md +++ b/docs/reference/commandline/volume_rm.md @@ -25,7 +25,7 @@ Remove one or more volumes. You cannot remove a volume that is in use by a conta ## Examples -```bash +```console $ docker volume rm hello hello diff --git a/docs/reference/commandline/wait.md b/docs/reference/commandline/wait.md index 2a903b13ed66..85e485452e38 100644 --- a/docs/reference/commandline/wait.md +++ b/docs/reference/commandline/wait.md @@ -24,27 +24,27 @@ Options: Start a container in the background. -```bash +```console $ docker run -dit --name=my_container ubuntu bash ``` Run `docker wait`, which should block until the container exits. -```bash +```console $ docker wait my_container ``` In another terminal, stop the first container. The `docker wait` command above returns the exit code. -```bash +```console $ docker stop my_container ``` This is the same `docker wait` command from above, but it now exits, returning `0`. -```bash +```console $ docker wait my_container 0 diff --git a/docs/reference/run.md b/docs/reference/run.md index 3d836fb3bb8d..ceb52c7b2008 100644 --- a/docs/reference/run.md +++ b/docs/reference/run.md @@ -132,7 +132,7 @@ If you do not specify `-a` then Docker will [attach to both stdout and stderr You can specify to which of the three standard streams (`STDIN`, `STDOUT`, `STDERR`) you'd like to connect instead, as in: -```bash +```console $ docker run -a stdin -a stdout -i -t ubuntu /bin/bash ``` @@ -141,7 +141,7 @@ order to allocate a tty for the container process. `-i -t` is often written `-it as you'll see in later examples. Specifying `-t` is forbidden when the client is receiving its standard input from a pipe, as in: -```bash +```console $ echo test | docker run -i busybox cat ``` @@ -198,7 +198,7 @@ the digest value is predictable and referenceable. The following example runs a container from the `alpine` image with the `sha256:9cacb71397b640eca97488cf08582ae4e4068513101088e9f96c9814bfda95e0` digest: -```bash +```console $ docker run alpine@sha256:9cacb71397b640eca97488cf08582ae4e4068513101088e9f96c9814bfda95e0 date ``` @@ -232,13 +232,13 @@ CMD ["htop"] Build the Dockerfile and tag the image as `myhtop`: -```bash +```console $ docker build -t myhtop . ``` Use the following command to run `htop` inside a container: -```bash +```console $ docker run -it --rm --pid=host myhtop ``` @@ -248,13 +248,13 @@ Joining another container's pid namespace can be used for debugging that contain Start a container running a redis server: -```bash +```console $ docker run --name my-redis -d redis ``` Debug the redis container by running another container that has strace in it: -```bash +```console $ docker run -it --pid=container:my-redis my_strace_docker_image bash $ strace -p 1 ``` @@ -440,7 +440,7 @@ Example running a Redis container with Redis binding to `localhost` then running the `redis-cli` command and connecting to the Redis server over the `localhost` interface. -```bash +```console $ docker run -d --name redis example/redis --bind 127.0.0.1 $ # use the redis container's network stack to access localhost $ docker run --rm -it --network container:redis example/redis-cli -h 127.0.0.1 @@ -460,7 +460,7 @@ Engines can also communicate in this way. The following example creates a network using the built-in `bridge` network driver and running a container in the created network -```bash +```console $ docker network create -d bridge my-net $ docker run --network=my-net -itd --name=container3 busybox ``` @@ -471,7 +471,7 @@ Your container will have lines in `/etc/hosts` which define the hostname of the container itself as well as `localhost` and a few other common things. The `--add-host` flag can be used to add additional lines to `/etc/hosts`. -```bash +```console $ docker run -it --add-host db-static:86.75.30.9 ubuntu cat /etc/hosts 172.17.0.22 09d03f76bf2c @@ -569,7 +569,7 @@ will try forever to restart the container. The number of (attempted) restarts for a container can be obtained via [`docker inspect`](commandline/inspect.md). For example, to get the number of restarts for container "my-container"; -```bash +```console {% raw %} $ docker inspect -f "{{ .RestartCount }}" my-container # 2 @@ -578,7 +578,7 @@ $ docker inspect -f "{{ .RestartCount }}" my-container Or, to get the last time the container was (re)started; -```bash +```console {% raw %} $ docker inspect -f "{{ .State.StartedAt }}" my-container # 2015-03-04T23:47:07.691840179Z @@ -591,14 +591,14 @@ examples on using the [`--rm` (clean up)](#clean-up---rm) flag later in this pag ### Examples -```bash +```console $ docker run --restart=always redis ``` This will run the `redis` container with a restart policy of **always** so that if the container exits, Docker will restart it. -```bash +```console $ docker run --restart=on-failure:10 redis ``` @@ -616,7 +616,7 @@ the exit codes follow the `chroot` standard, see below: **_125_** if the error is with Docker daemon **_itself_** -```bash +```console $ docker run --foo busybox; echo $? flag provided but not defined: --foo @@ -626,7 +626,7 @@ See 'docker run --help'. **_126_** if the **_contained command_** cannot be invoked -```bash +```console $ docker run busybox /etc; echo $? docker: Error response from daemon: Container command '/etc' could not be invoked. @@ -635,7 +635,7 @@ docker: Error response from daemon: Container command '/etc' could not be invoke **_127_** if the **_contained command_** cannot be found -```bash +```console $ docker run busybox foo; echo $? docker: Error response from daemon: Container command 'foo' not found or does not exist. @@ -644,9 +644,9 @@ docker: Error response from daemon: Container command 'foo' not found or does no **_Exit code_** of **_contained command_** otherwise -```bash -$ docker run busybox /bin/sh -c 'exit 3'; echo $? - +```console +$ docker run busybox /bin/sh -c 'exit 3' +$ echo $? 3 ``` @@ -669,8 +669,8 @@ the container exits**, you can add the `--rm` flag: > to running `docker rm -v my-container`. Only volumes that are specified without > a name are removed. For example, when running: > -> ```bash -> docker run --rm -v /foo -v awesome:/bar busybox top +> ```console +> $ docker run --rm -v /foo -v awesome:/bar busybox top > ``` > > the volume for `/foo` will be removed, but the volume for `/bar` will not. @@ -696,7 +696,7 @@ You can override the default labeling scheme for each container by specifying the `--security-opt` flag. Specifying the level in the following command allows you to share the same content between containers. -```bash +```console $ docker run --security-opt label=level:s0:c100,c200 -it fedora bash ``` @@ -707,7 +707,7 @@ $ docker run --security-opt label=level:s0:c100,c200 -it fedora bash To disable the security labeling for this container versus running with the `--privileged` flag, use the following command: -```bash +```console $ docker run --security-opt label=disable -it fedora bash ``` @@ -716,7 +716,7 @@ you can specify an alternate type for the container. You could run a container that is only allowed to listen on Apache ports by executing the following command: -```bash +```console $ docker run --security-opt label=type:svirt_apache_t -it centos bash ``` @@ -727,7 +727,7 @@ $ docker run --security-opt label=type:svirt_apache_t -it centos bash If you want to prevent your container processes from gaining additional privileges, you can execute the following command: -```bash +```console $ docker run --security-opt no-new-privileges -it centos bash ``` @@ -836,14 +836,14 @@ We have four ways to set user memory usage: Examples: -```bash +```console $ docker run -it ubuntu:14.04 /bin/bash ``` We set nothing about memory, this means the processes in the container can use as much memory and swap memory as they need. -```bash +```console $ docker run -it -m 300M --memory-swap -1 ubuntu:14.04 /bin/bash ``` @@ -851,7 +851,7 @@ We set memory limit and disabled swap memory limit, this means the processes in the container can use 300M memory and as much swap memory as they need (if the host supports swap memory). -```bash +```console $ docker run -it -m 300M ubuntu:14.04 /bin/bash ``` @@ -860,7 +860,7 @@ We set memory limit only, this means the processes in the container can use (--memory-swap) will be set as double of memory, in this case, memory + swap would be 2*300M, so processes can use 300M swap memory as well. -```bash +```console $ docker run -it -m 300M --memory-swap 1G ubuntu:14.04 /bin/bash ``` @@ -886,7 +886,7 @@ heavily contended for, memory is allocated based on the reservation hints/setup. The following example limits the memory (`-m`) to 500M and sets the memory reservation to 200M. -```bash +```console $ docker run -it -m 500M --memory-reservation 200M ubuntu:14.04 /bin/bash ``` @@ -896,7 +896,7 @@ memory below 200M. The following example set memory reservation to 1G without a hard memory limit. -```bash +```console $ docker run -it --memory-reservation 1G ubuntu:14.04 /bin/bash ``` @@ -914,13 +914,13 @@ memory. The following example limits the memory to 100M and disables the OOM killer for this container: -```bash +```console $ docker run -it -m 100M --oom-kill-disable ubuntu:14.04 /bin/bash ``` The following example, illustrates a dangerous way to use the flag: -```bash +```console $ docker run -it --oom-kill-disable ubuntu:14.04 /bin/bash ``` @@ -990,14 +990,14 @@ limit and "K" the kernel limit. There are three possible ways to set limits: Examples: -```bash +```console $ docker run -it -m 500M --kernel-memory 50M ubuntu:14.04 /bin/bash ``` We set memory and kernel memory, so the processes in the container can use 500M memory in total, in this 500M memory, it can be 50M kernel memory tops. -```bash +```console $ docker run -it --kernel-memory 50M ubuntu:14.04 /bin/bash ``` @@ -1014,7 +1014,7 @@ between 0 and 100. A value of 0 turns off anonymous page swapping. A value of For example, you can set: -```bash +```console $ docker run -it --memory-swappiness=0 ubuntu:14.04 /bin/bash ``` @@ -1065,7 +1065,7 @@ And usually `--cpu-period` should work with `--cpu-quota`. Examples: -```bash +```console $ docker run -it --cpu-period=50000 --cpu-quota=25000 ubuntu:14.04 /bin/bash ``` @@ -1086,13 +1086,13 @@ We can set cpus in which to allow execution for containers. Examples: -```bash +```console $ docker run -it --cpuset-cpus="1,3" ubuntu:14.04 /bin/bash ``` This means processes in container can be executed on cpu 1 and cpu 3. -```bash +```console $ docker run -it --cpuset-cpus="0-2" ubuntu:14.04 /bin/bash ``` @@ -1103,14 +1103,14 @@ on NUMA systems. Examples: -```bash +```console $ docker run -it --cpuset-mems="1,3" ubuntu:14.04 /bin/bash ``` This example restricts the processes in the container to only use memory from memory nodes 1 and 3. -```bash +```console $ docker run -it --cpuset-mems="0-2" ubuntu:14.04 /bin/bash ``` @@ -1142,14 +1142,14 @@ The `--blkio-weight` flag can set the weighting to a value between 10 to 1000. For example, the commands below create two containers with different blkio weight: -```bash +```console $ docker run -it --name c1 --blkio-weight 300 ubuntu:14.04 /bin/bash $ docker run -it --name c2 --blkio-weight 600 ubuntu:14.04 /bin/bash ``` If you do block IO in the two containers at the same time, by, for example: -```bash +```console $ time dd if=/mnt/zerofile of=test.out bs=1M count=1024 oflag=direct ``` @@ -1160,7 +1160,7 @@ The `--blkio-weight-device="DEVICE_NAME:WEIGHT"` flag sets a specific device wei The `DEVICE_NAME:WEIGHT` is a string containing a colon-separated device name and weight. For example, to set `/dev/sda` device weight to `200`: -```bash +```console $ docker run -it \ --blkio-weight-device "/dev/sda:200" \ ubuntu @@ -1172,7 +1172,7 @@ to override this default with a new value on a specific device. The following example uses a default weight of `300` and overrides this default on `/dev/sda` setting that weight to `200`: -```bash +```console $ docker run -it \ --blkio-weight 300 \ --blkio-weight-device "/dev/sda:200" \ @@ -1183,7 +1183,7 @@ The `--device-read-bps` flag limits the read rate (bytes per second) from a devi For example, this command creates a container and limits the read rate to `1mb` per second from `/dev/sda`: -```bash +```console $ docker run -it --device-read-bps /dev/sda:1mb ubuntu ``` @@ -1191,7 +1191,7 @@ The `--device-write-bps` flag limits the write rate (bytes per second) to a devi For example, this command creates a container and limits the write rate to `1mb` per second for `/dev/sda`: -```bash +```console $ docker run -it --device-write-bps /dev/sda:1mb ubuntu ``` @@ -1203,7 +1203,7 @@ The `--device-read-iops` flag limits read rate (IO per second) from a device. For example, this command creates a container and limits the read rate to `1000` IO per second from `/dev/sda`: -```bash +```console $ docker run -ti --device-read-iops /dev/sda:1000 ubuntu ``` @@ -1211,7 +1211,7 @@ The `--device-write-iops` flag limits write rate (IO per second) to a device. For example, this command creates a container and limits the write rate to `1000` IO per second to `/dev/sda`: -```bash +```console $ docker run -ti --device-write-iops /dev/sda:1000 ubuntu ``` @@ -1220,7 +1220,7 @@ write rates must be a positive integer. ## Additional groups -```bash +```console --group-add: Add additional groups to run as ``` @@ -1228,11 +1228,12 @@ By default, the docker container process runs with the supplementary groups look up for the specified user. If one wants to add more to that list of groups, then one can use this flag: -```bash +```console $ docker run --rm --group-add audio --group-add nogroup --group-add 777 busybox id uid=0(root) gid=0(root) groups=10(wheel),29(audio),99(nogroup),777 ``` + ## Runtime privilege and Linux capabilities | Option | Description | @@ -1259,14 +1260,14 @@ If you want to limit access to a specific device or devices you can use the `--device` flag. It allows you to specify one or more devices that will be accessible within the container. -```bash +```console $ docker run --device=/dev/snd:/dev/snd ... ``` By default, the container will be able to `read`, `write`, and `mknod` these devices. This can be overridden using a third `:rwm` set of options to each `--device` flag: -```bash +```console $ docker run --device=/dev/sda:/dev/xvdc --rm -it ubuntu fdisk /dev/xvdc Command (m for help): q @@ -1342,14 +1343,14 @@ and in the [Linux kernel source code](https://github.com/torvalds/linux/blob/124 Both flags support the value `ALL`, so to allow a container to use all capabilities except for `MKNOD`: -```bash +```console $ docker run --cap-add=ALL --cap-drop=MKNOD ... ``` The `--cap-add` and `--cap-drop` flags accept capabilities to be specified with a `CAP_` prefix. The following examples are therefore equivalent: -```bash +```console $ docker run --cap-add=SYS_ADMIN ... $ docker run --cap-add=CAP_SYS_ADMIN ... ``` @@ -1357,7 +1358,7 @@ $ docker run --cap-add=CAP_SYS_ADMIN ... For interacting with the network stack, instead of using `--privileged` they should use `--cap-add=NET_ADMIN` to modify the network interfaces. -```bash +```console $ docker run -it --rm ubuntu:14.04 ip link add dummy0 type dummy RTNETLINK answers: Operation not permitted @@ -1368,7 +1369,7 @@ $ docker run -it --rm --cap-add=NET_ADMIN ubuntu:14.04 ip link add dummy0 type d To mount a FUSE based filesystem, you need to combine both `--cap-add` and `--device`: -```bash +```console $ docker run --rm -it --cap-add SYS_ADMIN sshfs sshfs sven@10.10.10.20:/home/sven /mnt fuse: failed to open /dev/fuse: Operation not permitted @@ -1448,7 +1449,7 @@ Dockerfile instruction and how the operator can override that setting. Recall the optional `COMMAND` in the Docker commandline: -```bash +```console $ docker run [OPTIONS] IMAGE[:TAG|@DIGEST] [COMMAND] [ARG...] ``` @@ -1463,7 +1464,7 @@ get appended as arguments to the `ENTRYPOINT`. ### ENTRYPOINT (default command to execute at runtime) -```bash +```console --entrypoint="": Overwrite the default entrypoint set by the image ``` @@ -1479,20 +1480,20 @@ runtime by using a string to specify the new `ENTRYPOINT`. Here is an example of how to run a shell in a container that has been set up to automatically run something else (like `/usr/bin/redis-server`): -```bash +```console $ docker run -it --entrypoint /bin/bash example/redis ``` or two examples of how to pass more parameters to that ENTRYPOINT: -```bash +```console $ docker run -it --entrypoint /bin/bash example/redis -c ls -l $ docker run -it --entrypoint /usr/bin/redis-cli example/redis --help ``` You can reset a containers entrypoint by passing an empty string, for example: -```bash +```console $ docker run -it --entrypoint="" mysql bash ``` @@ -1579,7 +1580,7 @@ above, or already defined by the developer with a Dockerfile `ENV`. If the operator names an environment variable without specifying a value, then the current value of the named variable is propagated into the container's environment: -```bash +```console $ export today=Wednesday $ docker run -e "deep=purple" -e today --rm alpine env @@ -1640,7 +1641,7 @@ Similarly the operator can set the **HOSTNAME** (Linux) or **COMPUTERNAME** (Win Example: -```bash +```console {% raw %} $ docker run --name=test -d \ --health-cmd='stat /etc/passwd || exit 1' \ @@ -1693,7 +1694,7 @@ The health status is also displayed in the `docker ps` output. ### TMPFS (mount tmpfs filesystems) -```bash +```console --tmpfs=[]: Create a tmpfs mount with: container-dir[:], where the options are identical to the Linux 'mount -t tmpfs -o' command. @@ -1702,7 +1703,7 @@ The health status is also displayed in the `docker ps` output. The example below mounts an empty tmpfs into the container with the `rw`, `noexec`, `nosuid`, and `size=65536k` options. -```bash +```console $ docker run -d --tmpfs /run:rw,noexec,nosuid,size=65536k my_image ``` From 292779add54a4dffa12a09029ddd8d70bfdf2f5a Mon Sep 17 00:00:00 2001 From: CrazyMax Date: Sun, 25 Jul 2021 20:27:32 +0200 Subject: [PATCH 097/127] Add doc for BUILDKIT_PROGRESS env var Signed-off-by: CrazyMax (cherry picked from commit ecaaa35be6985c1dc31311fa6e3c9d2ac6a398a6) Signed-off-by: Sebastiaan van Stijn --- docs/reference/commandline/cli.md | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/reference/commandline/cli.md b/docs/reference/commandline/cli.md index e189d0428952..152727fa2d17 100644 --- a/docs/reference/commandline/cli.md +++ b/docs/reference/commandline/cli.md @@ -78,6 +78,7 @@ line: | `DOCKER_HOST` | Daemon socket to connect to. | | `DOCKER_STACK_ORCHESTRATOR` | Configure the default orchestrator to use when using `docker stack` management commands. | | `DOCKER_TLS_VERIFY` | When set Docker uses TLS and verifies the remote. This variable is used both by the `docker` CLI and the [`dockerd` daemon](dockerd.md) | +| `BUILDKIT_PROGRESS` | Set type of progress output (`auto`, `plain`, `tty`) when [building](build.md) with [BuildKit backend](../builder.md#buildkit). Use plain to show container output (default `auto`). | Because Docker is developed using Go, you can also use any environment variables used by the Go runtime. In particular, you may find these useful: From 44064f51c8c1973bbb63d2ee97d3bb7679e1150b Mon Sep 17 00:00:00 2001 From: Ivan Grund Date: Wed, 14 Jul 2021 22:15:46 +0200 Subject: [PATCH 098/127] Fix typo in documentation - build.md Signed-off-by: Ivan Grund (cherry picked from commit d9f17025c40a8829b1a869d12fa78e8f88c93e8d) Signed-off-by: Sebastiaan van Stijn --- docs/reference/commandline/build.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/reference/commandline/build.md b/docs/reference/commandline/build.md index 8f78c6618899..1a45bba73b4e 100644 --- a/docs/reference/commandline/build.md +++ b/docs/reference/commandline/build.md @@ -667,7 +667,7 @@ The `--squash` option has a number of known limitations: base image is still supported. - When using this option you may see significantly more space used due to storing two copies of the image, one for the build cache with all the cache - layers in tact, and one for the squashed version. + layers intact, and one for the squashed version. - While squashing layers may produce smaller images, it may have a negative impact on performance, as a single layer takes longer to extract, and downloading a single layer cannot be parallelized. From bce2e1f9539bb366757a87bb81fffece0b6c7025 Mon Sep 17 00:00:00 2001 From: Dmitriy Fishman Date: Mon, 4 Oct 2021 07:26:41 +0300 Subject: [PATCH 099/127] docs: create.md: typo fix Signed-off-by: Dmitriy Fishman (cherry picked from commit a3832808f33baf0e2ff2c9797b9b3cd5f81db96d) Signed-off-by: Sebastiaan van Stijn --- docs/reference/commandline/create.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/reference/commandline/create.md b/docs/reference/commandline/create.md index 21fce0e8e667..5aa84eb2ae5a 100644 --- a/docs/reference/commandline/create.md +++ b/docs/reference/commandline/create.md @@ -240,7 +240,7 @@ assigned devices will both be added to the cgroup.allow file and created into the container once it is run. This poses a problem when a new device needs to be added to running container. -One of the solution is to add a more permissive rule to a container +One of the solutions is to add a more permissive rule to a container allowing it access to a wider range of devices. For example, supposing our container needs access to a character device with major `42` and any number of minor number (added as new devices appear), the From 8260476a062294ad997864d30953c70a6b44e075 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Thu, 7 Oct 2021 09:13:21 +0200 Subject: [PATCH 100/127] docs: remove trailing space to fix generated YAML format Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 795c9c96b3c7dd70e3b2a942f046986f47e33792) Signed-off-by: Sebastiaan van Stijn --- docs/reference/commandline/checkpoint.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/reference/commandline/checkpoint.md b/docs/reference/commandline/checkpoint.md index 9d99a7a9c855..1c2f670724e5 100644 --- a/docs/reference/commandline/checkpoint.md +++ b/docs/reference/commandline/checkpoint.md @@ -89,7 +89,7 @@ resumes from the point it left off once you restore. seccomp is only supported by CRIU in very up to date kernels. External terminal (i.e. `docker run -t ..`) is not supported at the moment. -If you try to create a checkpoint for a container with an external terminal, +If you try to create a checkpoint for a container with an external terminal, it would fail: ```console From adb01ca79d4391027c1392b42cfaa54b0a3bb365 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Mon, 11 Oct 2021 16:18:14 +0200 Subject: [PATCH 101/127] docs: some minor touch-ups in checkpoint reference Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 8c73a93925993cf08f59c37f69ac1a7a06eb9088) Signed-off-by: Sebastiaan van Stijn --- docs/reference/commandline/checkpoint.md | 25 ++++++++++++------------ 1 file changed, 13 insertions(+), 12 deletions(-) diff --git a/docs/reference/commandline/checkpoint.md b/docs/reference/commandline/checkpoint.md index 1c2f670724e5..22053982c2d7 100644 --- a/docs/reference/commandline/checkpoint.md +++ b/docs/reference/commandline/checkpoint.md @@ -18,14 +18,14 @@ checkpoint and restore in Docker is available in this ### Installing CRIU -If you use a Debian system, you can add the CRIU PPA and install with apt-get +If you use a Debian system, you can add the CRIU PPA and install with `apt-get` [from the criu launchpad](https://launchpad.net/~criu/+archive/ubuntu/ppa). Alternatively, you can [build CRIU from source](https://criu.org/Installation). -You need at least version 2.0 of CRIU to run checkpoint/restore in Docker. +You need at least version 2.0 of CRIU to run checkpoint and restore in Docker. -### Use cases for checkpoint & restore +### Use cases for checkpoint and restore This feature is currently focused on single-host use cases for checkpoint and restore. Here are a few: @@ -35,21 +35,22 @@ restore. Here are a few: - "Rewinding" processes to an earlier point in time - "Forensic debugging" of running processes -Another primary use case of checkpoint & restore outside of Docker is the live +Another primary use case of checkpoint and restore outside of Docker is the live migration of a server from one machine to another. This is possible with the current implementation, but not currently a priority (and so the workflow is not optimized for the task). -### Using checkpoint & restore +### Using checkpoint and restore A new top level command `docker checkpoint` is introduced, with three subcommands: -- `create` (creates a new checkpoint) -- `ls` (lists existing checkpoints) -- `rm` (deletes an existing checkpoint) -Additionally, a `--checkpoint` flag is added to the container start command. +- `docker checkpoint create` (creates a new checkpoint) +- `docker checkpoint ls` (lists existing checkpoints) +- `docker checkpoint rm` (deletes an existing checkpoint) -The options for checkpoint create: +Additionally, a `--checkpoint` flag is added to the `docker container start` command. + +The options for `docker checkpoint create`: ```console Usage: docker checkpoint create [OPTIONS] CONTAINER CHECKPOINT @@ -66,7 +67,7 @@ And to restore a container: Usage: docker start --checkpoint CHECKPOINT_ID [OTHER OPTIONS] CONTAINER ``` -Example of using checkpoint & restore on a container: +Example of using checkpoint and restore on a container: ```console $ docker run --security-opt=seccomp:unconfined --name cr -d busybox /bin/sh -c 'i=0; while true; do echo $i; i=$(expr $i + 1); sleep 1; done' @@ -79,7 +80,7 @@ $ docker start --checkpoint checkpoint1 cr abc0123 ``` -This process just logs an incrementing counter to stdout. If you `docker logs` +This process just logs an incrementing counter to stdout. If you run `docker logs` in between running/checkpoint/restoring you should see that the counter increases while the process is running, stops while it's checkpointed, and resumes from the point it left off once you restore. From 82f9d5921bb31ad6065706985105c59a35883e82 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Tue, 3 Aug 2021 16:46:18 +0200 Subject: [PATCH 102/127] info: skip client-side warning about seccomp profile on API >= 1.42 This warning will be moved to the daemon-side, similar to how it returns other warnings. There's work in progress to change the name of the default profile, so we may need to backport this change to prevent existing clients from printing an incorrect warning if they're connecting to a newer daemon. Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 8964595692766444fb84445931889677af5f55eb) Signed-off-by: Sebastiaan van Stijn --- cli/command/system/info.go | 30 +++++++++++++++++++++++++++--- 1 file changed, 27 insertions(+), 3 deletions(-) diff --git a/cli/command/system/info.go b/cli/command/system/info.go index c19946d09e45..6c4dc01d9c36 100644 --- a/cli/command/system/info.go +++ b/cli/command/system/info.go @@ -14,6 +14,7 @@ import ( "github.com/docker/cli/templates" "github.com/docker/docker/api/types" "github.com/docker/docker/api/types/swarm" + "github.com/docker/docker/api/types/versions" "github.com/docker/go-units" "github.com/spf13/cobra" ) @@ -211,9 +212,6 @@ func prettyPrintServerInfo(dockerCli command.Cli, info types.Info) []error { for _, o := range so.Options { switch o.Key { case "profile": - if o.Value != "default" { - fmt.Fprintln(dockerCli.Err(), " WARNING: You're not using the default seccomp profile") - } fmt.Fprintln(dockerCli.Out(), " Profile:", o.Value) } } @@ -378,6 +376,9 @@ func printSwarmInfo(dockerCli command.Cli, info types.Info) { } func printServerWarnings(dockerCli command.Cli, info types.Info) { + if versions.LessThan(dockerCli.Client().ClientVersion(), "1.42") { + printSecurityOptionsWarnings(dockerCli, info) + } if len(info.Warnings) > 0 { fmt.Fprintln(dockerCli.Err(), strings.Join(info.Warnings, "\n")) return @@ -387,6 +388,29 @@ func printServerWarnings(dockerCli command.Cli, info types.Info) { printServerWarningsLegacy(dockerCli, info) } +// printSecurityOptionsWarnings prints warnings based on the security options +// returned by the daemon. +// DEPRECATED: warnings are now generated by the daemon, and returned in +// info.Warnings. This function is used to provide backward compatibility with +// daemons that do not provide these warnings. No new warnings should be added +// here. +func printSecurityOptionsWarnings(dockerCli command.Cli, info types.Info) { + if info.OSType == "windows" { + return + } + kvs, _ := types.DecodeSecurityOptions(info.SecurityOptions) + for _, so := range kvs { + if so.Name != "seccomp" { + continue + } + for _, o := range so.Options { + if o.Key == "profile" && o.Value != "default" && o.Value != "builtin" { + _, _ = fmt.Fprintln(dockerCli.Err(), "WARNING: You're not using the default seccomp profile") + } + } + } +} + // printServerWarningsLegacy generates warnings based on information returned by the daemon. // DEPRECATED: warnings are now generated by the daemon, and returned in // info.Warnings. This function is used to provide backward compatibility with From 1c0927a0414d7eb1bfe7c39a6e5882c24a8570f1 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Wed, 15 Sep 2021 12:47:50 +0200 Subject: [PATCH 103/127] Dockerfile: update tonistiigi/xx to 1.0.0-rc.2, add XX_VERSION arg Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 47c7a096ff0180599e67a7aaffbd5941038525a3) Signed-off-by: Sebastiaan van Stijn --- Dockerfile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 1bcd4afdeda5..63e6ba8fafc2 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,6 +2,7 @@ ARG BASE_VARIANT=alpine ARG GO_VERSION=1.16.8 +ARG XX_VERSION=1.0.0-rc.2 FROM --platform=$BUILDPLATFORM golang:${GO_VERSION}-${BASE_VARIANT} AS gostable FROM --platform=$BUILDPLATFORM golang:1.17rc1-${BASE_VARIANT} AS golatest @@ -14,7 +15,7 @@ FROM gostable AS go-windows-arm FROM golatest AS go-windows-arm64 FROM go-windows-${TARGETARCH} AS go-windows -FROM --platform=$BUILDPLATFORM tonistiigi/xx@sha256:620d36a9d7f1e3b102a5c7e8eff12081ac363828b3a44390f24fa8da2d49383d AS xx +FROM --platform=$BUILDPLATFORM tonistiigi/xx:${XX_VERSION} AS xx FROM go-${TARGETOS} AS build-base-alpine COPY --from=xx / / From 0e20c1fd210e62e525e234d7eaa80cb6a7f3d266 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Fri, 8 Oct 2021 15:18:20 +0200 Subject: [PATCH 104/127] Update Go to 1.16.9 go1.16.9 (released 2021-10-07) includes a security fix to the linker and misc/wasm directory, as well as bug fixes to the runtime and to the text/template package. See the Go 1.16.9 milestone on our issue tracker for details: https://github.com/golang/go/issues?q=milestone%3AGo1.16.9+label%3ACherryPickApproved Signed-off-by: Sebastiaan van Stijn (cherry picked from commit bf310f863bb30a914779169cc7b2e84d31c07352) Signed-off-by: Sebastiaan van Stijn --- Dockerfile | 2 +- appveyor.yml | 2 +- dockerfiles/Dockerfile.binary-native | 2 +- dockerfiles/Dockerfile.dev | 2 +- dockerfiles/Dockerfile.e2e | 2 +- dockerfiles/Dockerfile.lint | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/Dockerfile b/Dockerfile index 63e6ba8fafc2..f91f7bd417a6 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,7 @@ # syntax=docker/dockerfile:1.3 ARG BASE_VARIANT=alpine -ARG GO_VERSION=1.16.8 +ARG GO_VERSION=1.16.9 ARG XX_VERSION=1.0.0-rc.2 FROM --platform=$BUILDPLATFORM golang:${GO_VERSION}-${BASE_VARIANT} AS gostable diff --git a/appveyor.yml b/appveyor.yml index 6b7667676aa2..e2237c6caf57 100644 --- a/appveyor.yml +++ b/appveyor.yml @@ -4,7 +4,7 @@ clone_folder: c:\gopath\src\github.com\docker\cli environment: GOPATH: c:\gopath - GOVERSION: 1.16.8 + GOVERSION: 1.16.9 DEPVERSION: v0.4.1 install: diff --git a/dockerfiles/Dockerfile.binary-native b/dockerfiles/Dockerfile.binary-native index ee9093b859e2..f52379981da3 100644 --- a/dockerfiles/Dockerfile.binary-native +++ b/dockerfiles/Dockerfile.binary-native @@ -1,4 +1,4 @@ -ARG GO_VERSION=1.16.8 +ARG GO_VERSION=1.16.9 FROM golang:${GO_VERSION}-alpine diff --git a/dockerfiles/Dockerfile.dev b/dockerfiles/Dockerfile.dev index eefb81e069dc..073c0611076e 100644 --- a/dockerfiles/Dockerfile.dev +++ b/dockerfiles/Dockerfile.dev @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:1.3 -ARG GO_VERSION=1.16.8 +ARG GO_VERSION=1.16.9 FROM golang:${GO_VERSION}-alpine AS golang ENV CGO_ENABLED=0 diff --git a/dockerfiles/Dockerfile.e2e b/dockerfiles/Dockerfile.e2e index 3ed650133868..cb29095979d7 100644 --- a/dockerfiles/Dockerfile.e2e +++ b/dockerfiles/Dockerfile.e2e @@ -1,4 +1,4 @@ -ARG GO_VERSION=1.16.8 +ARG GO_VERSION=1.16.9 # Use Debian based image as docker-compose requires glibc. FROM golang:${GO_VERSION}-buster diff --git a/dockerfiles/Dockerfile.lint b/dockerfiles/Dockerfile.lint index 1aaa2e111d42..bf0cd69336fb 100644 --- a/dockerfiles/Dockerfile.lint +++ b/dockerfiles/Dockerfile.lint @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:1.3 -ARG GO_VERSION=1.16.8 +ARG GO_VERSION=1.16.9 ARG GOLANGCI_LINTER_SHA="v1.21.0" FROM golang:${GO_VERSION}-alpine AS build From 9989fdbc4000cde7d00624ee8ae40e450ff8c23a Mon Sep 17 00:00:00 2001 From: Peter Dave Hello Date: Fri, 15 Oct 2021 06:04:36 +0800 Subject: [PATCH 105/127] Update most links in docs to use https by default cc @thaJeztah docker/docker.github.io#13680 Signed-off-by: Peter Dave Hello (cherry picked from commit 417f97605f547a44d721225c26a9bdbf2600a991) Signed-off-by: Sebastiaan van Stijn --- docs/extend/legacy_plugins.md | 4 ++-- docs/extend/plugin_api.md | 2 +- docs/reference/builder.md | 8 ++++---- docs/reference/commandline/checkpoint.md | 2 +- docs/reference/commandline/cli.md | 2 +- docs/reference/commandline/config_inspect.md | 2 +- docs/reference/commandline/dockerd.md | 6 +++--- docs/reference/commandline/events.md | 4 ++-- docs/reference/commandline/info.md | 2 +- docs/reference/commandline/inspect.md | 2 +- docs/reference/commandline/kill.md | 2 +- docs/reference/commandline/network_inspect.md | 2 +- docs/reference/commandline/node_inspect.md | 2 +- docs/reference/commandline/secret_inspect.md | 2 +- docs/reference/commandline/service_create.md | 2 +- docs/reference/commandline/service_inspect.md | 2 +- docs/reference/commandline/system_events.md | 4 ++-- docs/reference/commandline/version.md | 2 +- docs/reference/commandline/volume_create.md | 2 +- docs/reference/commandline/volume_inspect.md | 2 +- docs/reference/glossary.md | 8 ++++---- docs/reference/run.md | 4 ++-- 22 files changed, 34 insertions(+), 34 deletions(-) diff --git a/docs/extend/legacy_plugins.md b/docs/extend/legacy_plugins.md index 0fd6d11655d8..586c4d6082a3 100644 --- a/docs/extend/legacy_plugins.md +++ b/docs/extend/legacy_plugins.md @@ -72,7 +72,7 @@ The sections below provide an inexhaustive overview of available plugins. | [Horcrux Volume Plugin](https://github.com/muthu-r/horcrux) | A volume plugin that allows on-demand, version controlled access to your data. Horcrux is an open-source plugin, written in Go, and supports SCP, [Minio](https://www.minio.io) and Amazon S3. | | [HPE 3Par Volume Plugin](https://github.com/hpe-storage/python-hpedockerplugin/) | A volume plugin that supports HPE 3Par and StoreVirtual iSCSI storage arrays. | | [Infinit volume plugin](https://infinit.sh/documentation/docker/volume-plugin) | A volume plugin that makes it easy to mount and manage Infinit volumes using Docker. | -| [IPFS Volume Plugin](http://github.com/vdemeester/docker-volume-ipfs) | An open source volume plugin that allows using an [ipfs](https://ipfs.io/) filesystem as a volume. | +| [IPFS Volume Plugin](https://github.com/vdemeester/docker-volume-ipfs) | An open source volume plugin that allows using an [ipfs](https://ipfs.io/) filesystem as a volume. | | [Keywhiz plugin](https://github.com/calavera/docker-volume-keywhiz) | A plugin that provides credentials and secret management using Keywhiz as a central repository. | | [Local Persist Plugin](https://github.com/CWSpear/local-persist) | A volume plugin that extends the default `local` driver's functionality by allowing you specify a mountpoint anywhere on the host, which enables the files to *always persist*, even if the volume is removed via `docker volume rm`. | | [NetApp Plugin](https://github.com/NetApp/netappdvp) (nDVP) | A volume plugin that provides direct integration with the Docker ecosystem for the NetApp storage portfolio. The nDVP package supports the provisioning and management of storage resources from the storage platform to Docker hosts, with a robust framework for adding additional platforms in the future. | @@ -80,7 +80,7 @@ The sections below provide an inexhaustive overview of available plugins. | [Nimble Storage Volume Plugin](https://connect.nimblestorage.com/community/app-integration/docker) | A volume plug-in that integrates with Nimble Storage Unified Flash Fabric arrays. The plug-in abstracts array volume capabilities to the Docker administrator to allow self-provisioning of secure multi-tenant volumes and clones. | | [OpenStorage Plugin](https://github.com/libopenstorage/openstorage) | A cluster-aware volume plugin that provides volume management for file and block storage solutions. It implements a vendor neutral specification for implementing extensions such as CoS, encryption, and snapshots. It has example drivers based on FUSE, NFS, NBD and EBS to name a few. | | [Portworx Volume Plugin](https://github.com/portworx/px-dev) | A volume plugin that turns any server into a scale-out converged compute/storage node, providing container granular storage and highly available volumes across any node, using a shared-nothing storage backend that works with any docker scheduler. | -| [Quobyte Volume Plugin](https://github.com/quobyte/docker-volume) | A volume plugin that connects Docker to [Quobyte](http://www.quobyte.com/containers)'s data center file system, a general-purpose scalable and fault-tolerant storage platform. | +| [Quobyte Volume Plugin](https://github.com/quobyte/docker-volume) | A volume plugin that connects Docker to [Quobyte](https://www.quobyte.com/containers)'s data center file system, a general-purpose scalable and fault-tolerant storage platform. | | [REX-Ray plugin](https://github.com/emccode/rexray) | A volume plugin which is written in Go and provides advanced storage functionality for many platforms including VirtualBox, EC2, Google Compute Engine, OpenStack, and EMC. | | [Virtuozzo Storage and Ploop plugin](https://github.com/virtuozzo/docker-volume-ploop) | A volume plugin with support for Virtuozzo Storage distributed cloud file system as well as ploop devices. | | [VMware vSphere Storage Plugin](https://github.com/vmware/docker-volume-vsphere) | Docker Volume Driver for vSphere enables customers to address persistent storage requirements for Docker containers in vSphere environments. | diff --git a/docs/extend/plugin_api.md b/docs/extend/plugin_api.md index d1c415af9c1b..812b465085bf 100644 --- a/docs/extend/plugin_api.md +++ b/docs/extend/plugin_api.md @@ -90,7 +90,7 @@ The `TLSConfig` field is optional and TLS will only be verified if this configur Plugins should be started before Docker, and stopped after Docker. For example, when packaging a plugin for a platform which supports `systemd`, you might use [`systemd` dependencies]( -http://www.freedesktop.org/software/systemd/man/systemd.unit.html#Before=) to +https://www.freedesktop.org/software/systemd/man/systemd.unit.html#Before=) to manage startup and shutdown order. When upgrading a plugin, you should first stop the Docker daemon, upgrade the diff --git a/docs/reference/builder.md b/docs/reference/builder.md index f86601a6bfd1..1b214f65d4e8 100644 --- a/docs/reference/builder.md +++ b/docs/reference/builder.md @@ -599,10 +599,10 @@ This file causes the following build behavior: Matching is done using Go's -[filepath.Match](http://golang.org/pkg/path/filepath#Match) rules. A +[filepath.Match](https://golang.org/pkg/path/filepath#Match) rules. A preprocessing step removes leading and trailing whitespace and eliminates `.` and `..` elements using Go's -[filepath.Clean](http://golang.org/pkg/path/filepath/#Clean). Lines +[filepath.Clean](https://golang.org/pkg/path/filepath/#Clean). Lines that are blank after preprocessing are ignored. Beyond Go's filepath.Match rules, Docker also supports a special @@ -1117,7 +1117,7 @@ directories, their paths are interpreted as relative to the source of the context of the build. Each `` may contain wildcards and matching will be done using Go's -[filepath.Match](http://golang.org/pkg/path/filepath#Match) rules. For example: +[filepath.Match](https://golang.org/pkg/path/filepath#Match) rules. For example: To add all files starting with "hom": @@ -1293,7 +1293,7 @@ directories will be interpreted as relative to the source of the context of the build. Each `` may contain wildcards and matching will be done using Go's -[filepath.Match](http://golang.org/pkg/path/filepath#Match) rules. For example: +[filepath.Match](https://golang.org/pkg/path/filepath#Match) rules. For example: To add all files starting with "hom": diff --git a/docs/reference/commandline/checkpoint.md b/docs/reference/commandline/checkpoint.md index 22053982c2d7..56b0a5978b63 100644 --- a/docs/reference/commandline/checkpoint.md +++ b/docs/reference/commandline/checkpoint.md @@ -11,7 +11,7 @@ Checkpoint and Restore is an experimental feature that allows you to freeze a ru container by checkpointing it, which turns its state into a collection of files on disk. Later, the container can be restored from the point it was frozen. -This is accomplished using a tool called [CRIU](http://criu.org), which is an +This is accomplished using a tool called [CRIU](https://criu.org), which is an external dependency of this feature. A good overview of the history of checkpoint and restore in Docker is available in this [Kubernetes blog post](https://kubernetes.io/blog/2015/07/how-did-quake-demo-from-dockercon-work/). diff --git a/docs/reference/commandline/cli.md b/docs/reference/commandline/cli.md index 9b886357f938..9a7566547b3b 100644 --- a/docs/reference/commandline/cli.md +++ b/docs/reference/commandline/cli.md @@ -88,7 +88,7 @@ variables used by the Go runtime. In particular, you may find these useful: * `NO_PROXY` These Go environment variables are case-insensitive. See the -[Go specification](http://golang.org/pkg/net/http/) for details on these +[Go specification](https://golang.org/pkg/net/http/) for details on these variables. ## Configuration files diff --git a/docs/reference/commandline/config_inspect.md b/docs/reference/commandline/config_inspect.md index d0d92a018493..a2cf767ec5a3 100644 --- a/docs/reference/commandline/config_inspect.md +++ b/docs/reference/commandline/config_inspect.md @@ -23,7 +23,7 @@ Inspects the specified config. By default, this renders all results in a JSON array. If a format is specified, the given template will be executed for each result. -Go's [text/template](http://golang.org/pkg/text/template/) package +Go's [text/template](https://golang.org/pkg/text/template/) package describes all the details of the format. For detailed information about using configs, refer to [store configuration data using Docker Configs](https://docs.docker.com/engine/swarm/configs/). diff --git a/docs/reference/commandline/dockerd.md b/docs/reference/commandline/dockerd.md index ee1c31ad8c85..5f7a8d66d39c 100644 --- a/docs/reference/commandline/dockerd.md +++ b/docs/reference/commandline/dockerd.md @@ -164,7 +164,7 @@ communication with the daemon. > supported anymore for security reasons. On Systemd based systems, you can communicate with the daemon via -[Systemd socket activation](http://0pointer.de/blog/projects/socket-activation.html), +[Systemd socket activation](https://0pointer.de/blog/projects/socket-activation.html), use `dockerd -H fd://`. Using `fd://` will work perfectly for most setups but you can also specify individual sockets: `dockerd -H fd://3`. If the specified socket activated files aren't found, then Docker will exit. You can @@ -307,7 +307,7 @@ devices, one for data and one for metadata. By default, these block devices are created automatically by using loopback mounts of automatically created sparse files. Refer to [Devicemapper options](#devicemapper-options) below for a way how to customize this setup. -[~jpetazzo/Resizing Docker containers with the Device Mapper plugin](http://jpetazzo.github.io/2014/01/29/docker-device-mapper-resize/) +[~jpetazzo/Resizing Docker containers with the Device Mapper plugin](https://jpetazzo.github.io/2014/01/29/docker-device-mapper-resize/) article explains how to tune your existing setup without the use of options. The `btrfs` driver is very fast for `docker build` - but like `devicemapper` @@ -1210,7 +1210,7 @@ For information about how to create an authorization plugin, refer to the ### Daemon user namespace options The Linux kernel -[user namespace support](http://man7.org/linux/man-pages/man7/user_namespaces.7.html) +[user namespace support](https://man7.org/linux/man-pages/man7/user_namespaces.7.html) provides additional security by enabling a process, and therefore a container, to have a unique range of user and group IDs which are outside the traditional user and group range utilized by the host system. Potentially the most important diff --git a/docs/reference/commandline/events.md b/docs/reference/commandline/events.md index 4b626858cc4f..5f88ba72307d 100644 --- a/docs/reference/commandline/events.md +++ b/docs/reference/commandline/events.md @@ -194,11 +194,11 @@ The currently supported filters are: If a format (`--format`) is specified, the given template will be executed instead of the default -format. Go's [text/template](http://golang.org/pkg/text/template/) package +format. Go's [text/template](https://golang.org/pkg/text/template/) package describes all the details of the format. If a format is set to `{{json .}}`, the events are streamed as valid JSON -Lines. For information about JSON Lines, please refer to http://jsonlines.org/. +Lines. For information about JSON Lines, please refer to https://jsonlines.org/. ## Examples diff --git a/docs/reference/commandline/info.md b/docs/reference/commandline/info.md index f84455db31d1..0071edd8623a 100644 --- a/docs/reference/commandline/info.md +++ b/docs/reference/commandline/info.md @@ -24,7 +24,7 @@ The number of images shown is the number of unique images. The same image tagged under different names is counted only once. If a format is specified, the given template will be executed instead of the -default format. Go's [text/template](http://golang.org/pkg/text/template/) package +default format. Go's [text/template](https://golang.org/pkg/text/template/) package describes all the details of the format. Depending on the storage driver in use, additional information can be shown, such diff --git a/docs/reference/commandline/inspect.md b/docs/reference/commandline/inspect.md index cceb0835a07a..d6174340d59d 100644 --- a/docs/reference/commandline/inspect.md +++ b/docs/reference/commandline/inspect.md @@ -29,7 +29,7 @@ By default, `docker inspect` will render results in a JSON array. If a format is specified, the given template will be executed for each result. -Go's [text/template](http://golang.org/pkg/text/template/) package +Go's [text/template](https://golang.org/pkg/text/template/) package describes all the details of the format. ## Specify target type (--type) diff --git a/docs/reference/commandline/kill.md b/docs/reference/commandline/kill.md index b828d3433ed3..4c6935bc9c74 100644 --- a/docs/reference/commandline/kill.md +++ b/docs/reference/commandline/kill.md @@ -70,5 +70,5 @@ $ docker kill --signal=HUP my_container $ docker kill --signal=1 my_container ``` -Refer to the [`signal(7)`](http://man7.org/linux/man-pages/man7/signal.7.html) +Refer to the [`signal(7)`](https://man7.org/linux/man-pages/man7/signal.7.html) man-page for a list of standard Linux signals. diff --git a/docs/reference/commandline/network_inspect.md b/docs/reference/commandline/network_inspect.md index bbc087f1b9d5..365ad13430f7 100644 --- a/docs/reference/commandline/network_inspect.md +++ b/docs/reference/commandline/network_inspect.md @@ -44,7 +44,7 @@ node are shown. You can specify an alternate format to execute a given template for each result. Go's -[text/template](http://golang.org/pkg/text/template/) package describes all the +[text/template](https://golang.org/pkg/text/template/) package describes all the details of the format. ```console diff --git a/docs/reference/commandline/node_inspect.md b/docs/reference/commandline/node_inspect.md index c2345433abcd..7f479046a4b6 100644 --- a/docs/reference/commandline/node_inspect.md +++ b/docs/reference/commandline/node_inspect.md @@ -22,7 +22,7 @@ Options: Returns information about a node. By default, this command renders all results in a JSON array. You can specify an alternate format to execute a given template for each result. Go's -[text/template](http://golang.org/pkg/text/template/) package describes all the +[text/template](https://golang.org/pkg/text/template/) package describes all the details of the format. > **Note** diff --git a/docs/reference/commandline/secret_inspect.md b/docs/reference/commandline/secret_inspect.md index e02550aed189..41c4724e4e83 100644 --- a/docs/reference/commandline/secret_inspect.md +++ b/docs/reference/commandline/secret_inspect.md @@ -23,7 +23,7 @@ Inspects the specified secret. By default, this renders all results in a JSON array. If a format is specified, the given template will be executed for each result. -Go's [text/template](http://golang.org/pkg/text/template/) package +Go's [text/template](https://golang.org/pkg/text/template/) package describes all the details of the format. For detailed information about using secrets, refer to [manage sensitive data with Docker secrets](https://docs.docker.com/engine/swarm/secrets/). diff --git a/docs/reference/commandline/service_create.md b/docs/reference/commandline/service_create.md index 340193891180..77f8caf4bdec 100644 --- a/docs/reference/commandline/service_create.md +++ b/docs/reference/commandline/service_create.md @@ -1018,7 +1018,7 @@ registry value must be located in: ### Create services using templates You can use templates for some flags of `service create`, using the syntax -provided by the Go's [text/template](http://golang.org/pkg/text/template/) package. +provided by the Go's [text/template](https://golang.org/pkg/text/template/) package. The supported flags are the following : diff --git a/docs/reference/commandline/service_inspect.md b/docs/reference/commandline/service_inspect.md index 8427eabfdc02..1c204ee0f3c4 100644 --- a/docs/reference/commandline/service_inspect.md +++ b/docs/reference/commandline/service_inspect.md @@ -24,7 +24,7 @@ Inspects the specified service. By default, this renders all results in a JSON array. If a format is specified, the given template will be executed for each result. -Go's [text/template](http://golang.org/pkg/text/template/) package +Go's [text/template](https://golang.org/pkg/text/template/) package describes all the details of the format. > **Note** diff --git a/docs/reference/commandline/system_events.md b/docs/reference/commandline/system_events.md index 7b6c867ad994..f9d7fe73650c 100644 --- a/docs/reference/commandline/system_events.md +++ b/docs/reference/commandline/system_events.md @@ -147,11 +147,11 @@ The currently supported filters are: If a format (`--format`) is specified, the given template will be executed instead of the default -format. Go's [text/template](http://golang.org/pkg/text/template/) package +format. Go's [text/template](https://golang.org/pkg/text/template/) package describes all the details of the format. If a format is set to `{{json .}}`, the events are streamed as valid JSON -Lines. For information about JSON Lines, please refer to http://jsonlines.org/ . +Lines. For information about JSON Lines, please refer to https://jsonlines.org/ . ## Examples diff --git a/docs/reference/commandline/version.md b/docs/reference/commandline/version.md index 09bc5c8f923b..0ca8e19e7e22 100644 --- a/docs/reference/commandline/version.md +++ b/docs/reference/commandline/version.md @@ -22,7 +22,7 @@ Options: By default, this will render all version information in an easy to read layout. If a format is specified, the given template will be executed instead. -Go's [text/template](http://golang.org/pkg/text/template/) package +Go's [text/template](https://golang.org/pkg/text/template/) package describes all the details of the format. ## Examples diff --git a/docs/reference/commandline/volume_create.md b/docs/reference/commandline/volume_create.md index b64a8a30ea74..c2054d189946 100644 --- a/docs/reference/commandline/volume_create.md +++ b/docs/reference/commandline/volume_create.md @@ -74,7 +74,7 @@ The built-in `local` driver on Linux accepts options similar to the linux `mount` command. You can provide multiple options by passing the `--opt` flag multiple times. Some `mount` options (such as the `o` option) can take a comma-separated list of options. Complete list of available mount options can be -found [here](http://man7.org/linux/man-pages/man8/mount.8.html). +found [here](https://man7.org/linux/man-pages/man8/mount.8.html). For example, the following creates a `tmpfs` volume called `foo` with a size of 100 megabyte and `uid` of 1000. diff --git a/docs/reference/commandline/volume_inspect.md b/docs/reference/commandline/volume_inspect.md index 7d3f2a3c941b..5204310ac754 100644 --- a/docs/reference/commandline/volume_inspect.md +++ b/docs/reference/commandline/volume_inspect.md @@ -21,7 +21,7 @@ Options: Returns information about a volume. By default, this command renders all results in a JSON array. You can specify an alternate format to execute a given template for each result. Go's -[text/template](http://golang.org/pkg/text/template/) package describes all the +[text/template](https://golang.org/pkg/text/template/) package describes all the details of the format. ## Examples diff --git a/docs/reference/glossary.md b/docs/reference/glossary.md index 84963f38be1a..533b78185cf4 100644 --- a/docs/reference/glossary.md +++ b/docs/reference/glossary.md @@ -20,7 +20,7 @@ A list of terms used around the Docker project. aufs (advanced multi layered unification filesystem) is a Linux [filesystem](#filesystem) that Docker supports as a storage backend. It implements the -[union mount](http://en.wikipedia.org/wiki/Union_mount) for Linux file systems. +[union mount](https://en.wikipedia.org/wiki/Union_mount) for Linux file systems. ## base image @@ -28,7 +28,7 @@ An image that has no parent is a **base image**. ## boot2docker -[boot2docker](http://boot2docker.io/) is a lightweight Linux distribution made +[boot2docker](https://boot2docker.io/) is a lightweight Linux distribution made specifically to run Docker containers. The boot2docker management tool for Mac and Windows was deprecated and replaced by [`docker-machine`](#machine) which you can install with the Docker Toolbox. ## bridge @@ -56,7 +56,7 @@ For more information about Docker networking, see ## btrfs btrfs (B-tree file system) is a Linux [filesystem](#filesystem) that Docker -supports as a storage backend. It is a [copy-on-write](http://en.wikipedia.org/wiki/Copy-on-write) +supports as a storage backend. It is a [copy-on-write](https://en.wikipedia.org/wiki/Copy-on-write) filesystem. ## build @@ -241,7 +241,7 @@ for docker containers in a cluster. ## overlay storage driver OverlayFS is a [filesystem](#filesystem) service for Linux which implements a -[union mount](http://en.wikipedia.org/wiki/Union_mount) for other file systems. +[union mount](https://en.wikipedia.org/wiki/Union_mount) for other file systems. It is supported by the Docker daemon as a storage driver. ## registry diff --git a/docs/reference/run.md b/docs/reference/run.md index ceb52c7b2008..197af741abb7 100644 --- a/docs/reference/run.md +++ b/docs/reference/run.md @@ -1254,7 +1254,7 @@ access to all devices on the host as well as set some configuration in AppArmor or SELinux to allow the container nearly all the same access to the host as processes running outside containers on the host. Additional information about running with `--privileged` is available on the -[Docker Blog](http://blog.docker.com/2013/09/docker-can-now-run-within-docker/). +[Docker Blog](https://blog.docker.com/2013/09/docker-can-now-run-within-docker/). If you want to limit access to a specific device or devices you can use the `--device` flag. It allows you to specify one or more devices that @@ -1337,7 +1337,7 @@ The next table shows the capabilities which are not granted by default and may b | SYSLOG | Perform privileged syslog(2) operations. | | WAKE_ALARM | Trigger something that will wake up the system. | -Further reference information is available on the [capabilities(7) - Linux man page](http://man7.org/linux/man-pages/man7/capabilities.7.html), +Further reference information is available on the [capabilities(7) - Linux man page](https://man7.org/linux/man-pages/man7/capabilities.7.html), and in the [Linux kernel source code](https://github.com/torvalds/linux/blob/124ea650d3072b005457faed69909221c2905a1f/include/uapi/linux/capability.h). Both flags support the value `ALL`, so to allow a container to use all capabilities From 03fa8f92c8b7dab0a7b3d01acf7654adffbbd8cb Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Fri, 5 Nov 2021 11:12:54 +0100 Subject: [PATCH 106/127] Update Go to 1.16.10 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit go1.16.10 (released 2021-11-04) includes security fixes to the archive/zip and debug/macho packages, as well as bug fixes to the compiler, linker, runtime, the misc/wasm directory, and to the net/http package. See the Go 1.16.10 milestone for details: https://github.com/golang/go/issues?q=milestone%3AGo1.16.10+label%3ACherryPickApproved From the announcement e-mail: [security] Go 1.17.3 and Go 1.16.10 are released We have just released Go versions 1.17.3 and 1.16.10, minor point releases. These minor releases include two security fixes following the security policy: - archive/zip: don't panic on (*Reader).Open Reader.Open (the API implementing io/fs.FS introduced in Go 1.16) can be made to panic by an attacker providing either a crafted ZIP archive containing completely invalid names or an empty filename argument. Thank you to Colin Arnott, SiteHost and Noah Santschi-Cooney, Sourcegraph Code Intelligence Team for reporting this issue. This is CVE-2021-41772 and Go issue golang.org/issue/48085. - debug/macho: invalid dynamic symbol table command can cause panic Malformed binaries parsed using Open or OpenFat can cause a panic when calling ImportedSymbols, due to an out-of-bounds slice operation. Thanks to Burak Çarıkçı - Yunus Yıldırım (CT-Zer0 Crypttech) for reporting this issue. This is CVE-2021-41771 and Go issue golang.org/issue/48990. Signed-off-by: Sebastiaan van Stijn (cherry picked from commit e285f15009489fed0e89d510a2522f58e97b2602) Signed-off-by: Sebastiaan van Stijn --- Dockerfile | 2 +- appveyor.yml | 2 +- dockerfiles/Dockerfile.binary-native | 2 +- dockerfiles/Dockerfile.dev | 2 +- dockerfiles/Dockerfile.e2e | 2 +- dockerfiles/Dockerfile.lint | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/Dockerfile b/Dockerfile index f91f7bd417a6..4a94b32346f5 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,7 @@ # syntax=docker/dockerfile:1.3 ARG BASE_VARIANT=alpine -ARG GO_VERSION=1.16.9 +ARG GO_VERSION=1.16.10 ARG XX_VERSION=1.0.0-rc.2 FROM --platform=$BUILDPLATFORM golang:${GO_VERSION}-${BASE_VARIANT} AS gostable diff --git a/appveyor.yml b/appveyor.yml index e2237c6caf57..ec201052bcbe 100644 --- a/appveyor.yml +++ b/appveyor.yml @@ -4,7 +4,7 @@ clone_folder: c:\gopath\src\github.com\docker\cli environment: GOPATH: c:\gopath - GOVERSION: 1.16.9 + GOVERSION: 1.16.10 DEPVERSION: v0.4.1 install: diff --git a/dockerfiles/Dockerfile.binary-native b/dockerfiles/Dockerfile.binary-native index f52379981da3..9d47a9110276 100644 --- a/dockerfiles/Dockerfile.binary-native +++ b/dockerfiles/Dockerfile.binary-native @@ -1,4 +1,4 @@ -ARG GO_VERSION=1.16.9 +ARG GO_VERSION=1.16.10 FROM golang:${GO_VERSION}-alpine diff --git a/dockerfiles/Dockerfile.dev b/dockerfiles/Dockerfile.dev index 073c0611076e..600095b050e1 100644 --- a/dockerfiles/Dockerfile.dev +++ b/dockerfiles/Dockerfile.dev @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:1.3 -ARG GO_VERSION=1.16.9 +ARG GO_VERSION=1.16.10 FROM golang:${GO_VERSION}-alpine AS golang ENV CGO_ENABLED=0 diff --git a/dockerfiles/Dockerfile.e2e b/dockerfiles/Dockerfile.e2e index cb29095979d7..b9a7b3624b86 100644 --- a/dockerfiles/Dockerfile.e2e +++ b/dockerfiles/Dockerfile.e2e @@ -1,4 +1,4 @@ -ARG GO_VERSION=1.16.9 +ARG GO_VERSION=1.16.10 # Use Debian based image as docker-compose requires glibc. FROM golang:${GO_VERSION}-buster diff --git a/dockerfiles/Dockerfile.lint b/dockerfiles/Dockerfile.lint index bf0cd69336fb..807b713d451b 100644 --- a/dockerfiles/Dockerfile.lint +++ b/dockerfiles/Dockerfile.lint @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:1.3 -ARG GO_VERSION=1.16.9 +ARG GO_VERSION=1.16.10 ARG GOLANGCI_LINTER_SHA="v1.21.0" FROM golang:${GO_VERSION}-alpine AS build From 4de40a825e90934d9015f2cb211f6f5ecb917fd5 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Mon, 6 Dec 2021 10:57:30 +0100 Subject: [PATCH 107/127] Update Go to 1.16.11 go1.16.11 (released 2021-12-02) includes fixes to the compiler, runtime, and the net/http, net/http/httptest, and time packages. See the Go 1.16.11 milestone on the issue tracker for details: https://github.com/golang/go/issues?q=milestone%3AGo1.16.11+label%3ACherryPickApproved Signed-off-by: Sebastiaan van Stijn (cherry picked from commit dedd4b79ca4165573757e53aa036233508c5f478) Signed-off-by: Sebastiaan van Stijn --- Dockerfile | 2 +- appveyor.yml | 2 +- dockerfiles/Dockerfile.dev | 2 +- dockerfiles/Dockerfile.lint | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index 4a94b32346f5..9d93ded7c36c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,7 @@ # syntax=docker/dockerfile:1.3 ARG BASE_VARIANT=alpine -ARG GO_VERSION=1.16.10 +ARG GO_VERSION=1.16.11 ARG XX_VERSION=1.0.0-rc.2 FROM --platform=$BUILDPLATFORM golang:${GO_VERSION}-${BASE_VARIANT} AS gostable diff --git a/appveyor.yml b/appveyor.yml index ec201052bcbe..2313e0d074e5 100644 --- a/appveyor.yml +++ b/appveyor.yml @@ -4,7 +4,7 @@ clone_folder: c:\gopath\src\github.com\docker\cli environment: GOPATH: c:\gopath - GOVERSION: 1.16.10 + GOVERSION: 1.16.11 DEPVERSION: v0.4.1 install: diff --git a/dockerfiles/Dockerfile.dev b/dockerfiles/Dockerfile.dev index 600095b050e1..48df12eb7370 100644 --- a/dockerfiles/Dockerfile.dev +++ b/dockerfiles/Dockerfile.dev @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:1.3 -ARG GO_VERSION=1.16.10 +ARG GO_VERSION=1.16.11 FROM golang:${GO_VERSION}-alpine AS golang ENV CGO_ENABLED=0 diff --git a/dockerfiles/Dockerfile.lint b/dockerfiles/Dockerfile.lint index 807b713d451b..359c8c1e3600 100644 --- a/dockerfiles/Dockerfile.lint +++ b/dockerfiles/Dockerfile.lint @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:1.3 -ARG GO_VERSION=1.16.10 +ARG GO_VERSION=1.16.11 ARG GOLANGCI_LINTER_SHA="v1.21.0" FROM golang:${GO_VERSION}-alpine AS build From 38dd744a113f705fba857ff1f3d43a58da1b30f0 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Sun, 12 Dec 2021 01:16:34 +0100 Subject: [PATCH 108/127] [20.10] Update Go to 1.16.12 go1.16.12 (released 2021-12-09) includes security fixes to the syscall and net/http packages. See the Go 1.16.12 milestone on the issue tracker for details: https://github.com/golang/go/issues?q=milestone%3AGo1.16.12+label%3ACherryPickApproved Signed-off-by: Sebastiaan van Stijn --- Dockerfile | 2 +- appveyor.yml | 2 +- dockerfiles/Dockerfile.dev | 2 +- dockerfiles/Dockerfile.lint | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index 9d93ded7c36c..c94d8d94075d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,7 @@ # syntax=docker/dockerfile:1.3 ARG BASE_VARIANT=alpine -ARG GO_VERSION=1.16.11 +ARG GO_VERSION=1.16.12 ARG XX_VERSION=1.0.0-rc.2 FROM --platform=$BUILDPLATFORM golang:${GO_VERSION}-${BASE_VARIANT} AS gostable diff --git a/appveyor.yml b/appveyor.yml index 2313e0d074e5..3634dbd1d9be 100644 --- a/appveyor.yml +++ b/appveyor.yml @@ -4,7 +4,7 @@ clone_folder: c:\gopath\src\github.com\docker\cli environment: GOPATH: c:\gopath - GOVERSION: 1.16.11 + GOVERSION: 1.16.12 DEPVERSION: v0.4.1 install: diff --git a/dockerfiles/Dockerfile.dev b/dockerfiles/Dockerfile.dev index 48df12eb7370..536d6a2fcba2 100644 --- a/dockerfiles/Dockerfile.dev +++ b/dockerfiles/Dockerfile.dev @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:1.3 -ARG GO_VERSION=1.16.11 +ARG GO_VERSION=1.16.12 FROM golang:${GO_VERSION}-alpine AS golang ENV CGO_ENABLED=0 diff --git a/dockerfiles/Dockerfile.lint b/dockerfiles/Dockerfile.lint index 359c8c1e3600..2b54d8162e7d 100644 --- a/dockerfiles/Dockerfile.lint +++ b/dockerfiles/Dockerfile.lint @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:1.3 -ARG GO_VERSION=1.16.11 +ARG GO_VERSION=1.16.12 ARG GOLANGCI_LINTER_SHA="v1.21.0" FROM golang:${GO_VERSION}-alpine AS build From ee1ac1b319de62f706730ec41df2621fe9660975 Mon Sep 17 00:00:00 2001 From: coryb Date: Sat, 21 Aug 2021 13:14:11 -0700 Subject: [PATCH 109/127] fix innocuous data-race when config.Load called in parallel Locking was removed in https://github.com/docker/cli/pull/3025 which allows for parallel calls to config.Load to modify global state. The consequence in this case is innocuous, but it does trigger a `DATA RACE` exception when tests run with `-race` option. Signed-off-by: coryb (cherry picked from commit b5f4a6e45f3313b38b8efe401f63549f722a9bfd) Signed-off-by: Sebastiaan van Stijn --- cli/config/config.go | 22 +++++++++++++--------- 1 file changed, 13 insertions(+), 9 deletions(-) diff --git a/cli/config/config.go b/cli/config/config.go index 93275f3d9858..31ad117d4159 100644 --- a/cli/config/config.go +++ b/cli/config/config.go @@ -104,14 +104,18 @@ func LoadFromReader(configData io.Reader) (*configfile.ConfigFile, error) { return &configFile, err } -// TODO remove this temporary hack, which is used to warn about the deprecated ~/.dockercfg file -var printLegacyFileWarning bool - // Load reads the configuration files in the given directory, and sets up // the auth config information and returns values. // FIXME: use the internal golang config parser func Load(configDir string) (*configfile.ConfigFile, error) { - printLegacyFileWarning = false + cfg, _, err := load(configDir) + return cfg, err +} + +// TODO remove this temporary hack, which is used to warn about the deprecated ~/.dockercfg file +// so we can remove the bool return value and collapse this back into `Load` +func load(configDir string) (*configfile.ConfigFile, bool, error) { + printLegacyFileWarning := false if configDir == "" { configDir = Dir() @@ -127,11 +131,11 @@ func Load(configDir string) (*configfile.ConfigFile, error) { if err != nil { err = errors.Wrap(err, filename) } - return configFile, err + return configFile, printLegacyFileWarning, err } else if !os.IsNotExist(err) { // if file is there but we can't stat it for any reason other // than it doesn't exist then stop - return configFile, errors.Wrap(err, filename) + return configFile, printLegacyFileWarning, errors.Wrap(err, filename) } // Can't find latest config file so check for the old one @@ -140,16 +144,16 @@ func Load(configDir string) (*configfile.ConfigFile, error) { printLegacyFileWarning = true defer file.Close() if err := configFile.LegacyLoadFromReader(file); err != nil { - return configFile, errors.Wrap(err, filename) + return configFile, printLegacyFileWarning, errors.Wrap(err, filename) } } - return configFile, nil + return configFile, printLegacyFileWarning, nil } // LoadDefaultConfigFile attempts to load the default config file and returns // an initialized ConfigFile struct if none is found. func LoadDefaultConfigFile(stderr io.Writer) *configfile.ConfigFile { - configFile, err := Load(Dir()) + configFile, printLegacyFileWarning, err := load(Dir()) if err != nil { fmt.Fprintf(stderr, "WARNING: Error loading config file: %v\n", err) } From f3ff8e6ad61976e76553d22ff922e21f5880c1eb Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Thu, 3 Feb 2022 12:19:39 +0100 Subject: [PATCH 110/127] [20.10] vendor: compose-on-kubernetes v0.5.0 to remove github.com/golang/glog glog has the same issue as k8s.io/klog, and is calling `user.Current()` inside an `init()`; see https://github.com/kubernetes/klog/commit/466fbb6507dbc90eba32172bb1c662640e78e0c3 Calling `user.Current()` on Windows can result in remove connections being made to get the user's information, which can be a heavy call. See #2420 glog was only used in a single location in compose-on-kubernetes, so we may as well remove it. Signed-off-by: Sebastiaan van Stijn --- vendor.conf | 3 +- .../docker/compose-on-kubernetes/README.md | 24 +- .../api/client/clientset/clientset.go | 2 - vendor/github.com/golang/glog/LICENSE | 191 --- vendor/github.com/golang/glog/README | 44 - vendor/github.com/golang/glog/glog.go | 1180 ----------------- vendor/github.com/golang/glog/glog_file.go | 124 -- 7 files changed, 22 insertions(+), 1546 deletions(-) delete mode 100644 vendor/github.com/golang/glog/LICENSE delete mode 100644 vendor/github.com/golang/glog/README delete mode 100644 vendor/github.com/golang/glog/glog.go delete mode 100644 vendor/github.com/golang/glog/glog_file.go diff --git a/vendor.conf b/vendor.conf index 3f1bfe550e15..fed92be68354 100755 --- a/vendor.conf +++ b/vendor.conf @@ -11,7 +11,7 @@ github.com/coreos/etcd d57e8b8d97adfc4a6c224fe11671 github.com/cpuguy83/go-md2man/v2 b1ec32e02fe539480dc03e3bf381c20066e7c6cc # v2.0.1 github.com/creack/pty 2a38352e8b4d7ab6c336eef107e42a55e72e7fbc # v1.1.11 github.com/davecgh/go-spew 8991bc29aa16c548c550c7ff78260e27b9ab7c73 # v1.1.1 -github.com/docker/compose-on-kubernetes 78e6a00beda64ac8ccb9fec787e601fe2ce0d5bb # v0.5.0-alpha1 +github.com/docker/compose-on-kubernetes 1f9b5b8cb6aca13deee947511801cf89447c1bfe # v0.5.0 github.com/docker/distribution 0d3efadf0154c2b8a4e7b6621fff9809655cc580 github.com/docker/docker b0f5bc36fea9dfb9672e1e9b1278ebab797b9ee0 # v20.10.7 github.com/docker/docker-credential-helpers fc9290adbcf1594e78910e2f0334090eaee0e1ee # v0.6.4 @@ -26,7 +26,6 @@ github.com/fvbommel/sortorder 26fad50c6b32a3064c09ed089865 github.com/gofrs/flock 6caa7350c26b838538005fae7dbee4e69d9398db # v0.7.3 github.com/gogo/googleapis 01e0f9cca9b92166042241267ee2a5cdf5cff46c # v1.3.2 github.com/gogo/protobuf 5628607bb4c51c3157aacc3a50f0ab707582b805 # v1.3.1 -github.com/golang/glog 23def4e6c14b4da8ac2ed8007337bc5eb5007998 github.com/golang/groupcache 869f871628b6baa9cfbc11732cdf6546b17c1298 github.com/golang/protobuf 84668698ea25b64748563aa20726db66a6b8d299 # v1.3.5 github.com/google/go-cmp 3af367b6b30c263d47e8895973edcca9a49cf029 # v0.2.0 diff --git a/vendor/github.com/docker/compose-on-kubernetes/README.md b/vendor/github.com/docker/compose-on-kubernetes/README.md index 81f473f89f9c..d5832c4e2dc5 100644 --- a/vendor/github.com/docker/compose-on-kubernetes/README.md +++ b/vendor/github.com/docker/compose-on-kubernetes/README.md @@ -1,3 +1,5 @@ +> :warning: **This project is no longer maintained** :warning: + # Compose on Kubernetes [![CircleCI](https://circleci.com/gh/docker/compose-on-kubernetes/tree/master.svg?style=svg)](https://circleci.com/gh/docker/compose-on-kubernetes/tree/master) @@ -17,13 +19,29 @@ More documentation can be found in the [docs/](./docs) directory. This includes: # Get started -Compose on Kubernetes comes installed on -[Docker Desktop](https://www.docker.com/products/docker-desktop) and -[Docker Enterprise](https://www.docker.com/products/docker-enterprise). +## Install Compose on Kubernetes on Docker Desktop + +### Pre-requisites + +- [Docker Desktop](https://www.docker.com/products/docker-desktop). +- To install etcd using these instructions, you must have [Helm](https://helm.sh) in your client environment. +- [Download the Compose on Kubernetes installer](https://github.com/docker/compose-on-kubernetes/releases). On Docker Desktop you will need to activate Kubernetes in the settings to use Compose on Kubernetes. +### Create compose namespace + +- Create a compose namespace by running `kubectl create namespace compose` + +### Deploy etcd + +Compose on Kubernetes requires an etcd instance (in addition to the kube-system etcd instance). Please follow [How to deploy etcd](./docs/deploy-etcd.md). + +### Deploy Compose on Kubernetes + +Run `installer-[darwin|linux|windows.exe] -namespace=compose -etcd-servers=http://compose-etcd-client:2379`. + ## Check that Compose on Kubernetes is installed You can check that Compose on Kubernetes is installed by checking for the diff --git a/vendor/github.com/docker/compose-on-kubernetes/api/client/clientset/clientset.go b/vendor/github.com/docker/compose-on-kubernetes/api/client/clientset/clientset.go index 80bccc010473..48bae495d3bd 100644 --- a/vendor/github.com/docker/compose-on-kubernetes/api/client/clientset/clientset.go +++ b/vendor/github.com/docker/compose-on-kubernetes/api/client/clientset/clientset.go @@ -4,7 +4,6 @@ import ( composev1alpha3 "github.com/docker/compose-on-kubernetes/api/client/clientset/typed/compose/v1alpha3" composev1beta1 "github.com/docker/compose-on-kubernetes/api/client/clientset/typed/compose/v1beta1" composev1beta2 "github.com/docker/compose-on-kubernetes/api/client/clientset/typed/compose/v1beta2" - glog "github.com/golang/glog" discovery "k8s.io/client-go/discovery" rest "k8s.io/client-go/rest" flowcontrol "k8s.io/client-go/util/flowcontrol" @@ -100,7 +99,6 @@ func NewForConfig(c *rest.Config) (*Clientset, error) { cs.DiscoveryClient, err = discovery.NewDiscoveryClientForConfig(&configShallowCopy) if err != nil { - glog.Errorf("failed to create the DiscoveryClient: %v", err) return nil, err } return &cs, nil diff --git a/vendor/github.com/golang/glog/LICENSE b/vendor/github.com/golang/glog/LICENSE deleted file mode 100644 index 37ec93a14fdc..000000000000 --- a/vendor/github.com/golang/glog/LICENSE +++ /dev/null @@ -1,191 +0,0 @@ -Apache License -Version 2.0, January 2004 -http://www.apache.org/licenses/ - -TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - -1. Definitions. - -"License" shall mean the terms and conditions for use, reproduction, and -distribution as defined by Sections 1 through 9 of this document. - -"Licensor" shall mean the copyright owner or entity authorized by the copyright -owner that is granting the License. - -"Legal Entity" shall mean the union of the acting entity and all other entities -that control, are controlled by, or are under common control with that entity. -For the purposes of this definition, "control" means (i) the power, direct or -indirect, to cause the direction or management of such entity, whether by -contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the -outstanding shares, or (iii) beneficial ownership of such entity. - -"You" (or "Your") shall mean an individual or Legal Entity exercising -permissions granted by this License. - -"Source" form shall mean the preferred form for making modifications, including -but not limited to software source code, documentation source, and configuration -files. - -"Object" form shall mean any form resulting from mechanical transformation or -translation of a Source form, including but not limited to compiled object code, -generated documentation, and conversions to other media types. - -"Work" shall mean the work of authorship, whether in Source or Object form, made -available under the License, as indicated by a copyright notice that is included -in or attached to the work (an example is provided in the Appendix below). - -"Derivative Works" shall mean any work, whether in Source or Object form, that -is based on (or derived from) the Work and for which the editorial revisions, -annotations, elaborations, or other modifications represent, as a whole, an -original work of authorship. For the purposes of this License, Derivative Works -shall not include works that remain separable from, or merely link (or bind by -name) to the interfaces of, the Work and Derivative Works thereof. - -"Contribution" shall mean any work of authorship, including the original version -of the Work and any modifications or additions to that Work or Derivative Works -thereof, that is intentionally submitted to Licensor for inclusion in the Work -by the copyright owner or by an individual or Legal Entity authorized to submit -on behalf of the copyright owner. For the purposes of this definition, -"submitted" means any form of electronic, verbal, or written communication sent -to the Licensor or its representatives, including but not limited to -communication on electronic mailing lists, source code control systems, and -issue tracking systems that are managed by, or on behalf of, the Licensor for -the purpose of discussing and improving the Work, but excluding communication -that is conspicuously marked or otherwise designated in writing by the copyright -owner as "Not a Contribution." - -"Contributor" shall mean Licensor and any individual or Legal Entity on behalf -of whom a Contribution has been received by Licensor and subsequently -incorporated within the Work. - -2. Grant of Copyright License. - -Subject to the terms and conditions of this License, each Contributor hereby -grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, -irrevocable copyright license to reproduce, prepare Derivative Works of, -publicly display, publicly perform, sublicense, and distribute the Work and such -Derivative Works in Source or Object form. - -3. Grant of Patent License. - -Subject to the terms and conditions of this License, each Contributor hereby -grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, -irrevocable (except as stated in this section) patent license to make, have -made, use, offer to sell, sell, import, and otherwise transfer the Work, where -such license applies only to those patent claims licensable by such Contributor -that are necessarily infringed by their Contribution(s) alone or by combination -of their Contribution(s) with the Work to which such Contribution(s) was -submitted. If You institute patent litigation against any entity (including a -cross-claim or counterclaim in a lawsuit) alleging that the Work or a -Contribution incorporated within the Work constitutes direct or contributory -patent infringement, then any patent licenses granted to You under this License -for that Work shall terminate as of the date such litigation is filed. - -4. Redistribution. - -You may reproduce and distribute copies of the Work or Derivative Works thereof -in any medium, with or without modifications, and in Source or Object form, -provided that You meet the following conditions: - -You must give any other recipients of the Work or Derivative Works a copy of -this License; and -You must cause any modified files to carry prominent notices stating that You -changed the files; and -You must retain, in the Source form of any Derivative Works that You distribute, -all copyright, patent, trademark, and attribution notices from the Source form -of the Work, excluding those notices that do not pertain to any part of the -Derivative Works; and -If the Work includes a "NOTICE" text file as part of its distribution, then any -Derivative Works that You distribute must include a readable copy of the -attribution notices contained within such NOTICE file, excluding those notices -that do not pertain to any part of the Derivative Works, in at least one of the -following places: within a NOTICE text file distributed as part of the -Derivative Works; within the Source form or documentation, if provided along -with the Derivative Works; or, within a display generated by the Derivative -Works, if and wherever such third-party notices normally appear. The contents of -the NOTICE file are for informational purposes only and do not modify the -License. You may add Your own attribution notices within Derivative Works that -You distribute, alongside or as an addendum to the NOTICE text from the Work, -provided that such additional attribution notices cannot be construed as -modifying the License. -You may add Your own copyright statement to Your modifications and may provide -additional or different license terms and conditions for use, reproduction, or -distribution of Your modifications, or for any such Derivative Works as a whole, -provided Your use, reproduction, and distribution of the Work otherwise complies -with the conditions stated in this License. - -5. Submission of Contributions. - -Unless You explicitly state otherwise, any Contribution intentionally submitted -for inclusion in the Work by You to the Licensor shall be under the terms and -conditions of this License, without any additional terms or conditions. -Notwithstanding the above, nothing herein shall supersede or modify the terms of -any separate license agreement you may have executed with Licensor regarding -such Contributions. - -6. Trademarks. - -This License does not grant permission to use the trade names, trademarks, -service marks, or product names of the Licensor, except as required for -reasonable and customary use in describing the origin of the Work and -reproducing the content of the NOTICE file. - -7. Disclaimer of Warranty. - -Unless required by applicable law or agreed to in writing, Licensor provides the -Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, -including, without limitation, any warranties or conditions of TITLE, -NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are -solely responsible for determining the appropriateness of using or -redistributing the Work and assume any risks associated with Your exercise of -permissions under this License. - -8. Limitation of Liability. - -In no event and under no legal theory, whether in tort (including negligence), -contract, or otherwise, unless required by applicable law (such as deliberate -and grossly negligent acts) or agreed to in writing, shall any Contributor be -liable to You for damages, including any direct, indirect, special, incidental, -or consequential damages of any character arising as a result of this License or -out of the use or inability to use the Work (including but not limited to -damages for loss of goodwill, work stoppage, computer failure or malfunction, or -any and all other commercial damages or losses), even if such Contributor has -been advised of the possibility of such damages. - -9. Accepting Warranty or Additional Liability. - -While redistributing the Work or Derivative Works thereof, You may choose to -offer, and charge a fee for, acceptance of support, warranty, indemnity, or -other liability obligations and/or rights consistent with this License. However, -in accepting such obligations, You may act only on Your own behalf and on Your -sole responsibility, not on behalf of any other Contributor, and only if You -agree to indemnify, defend, and hold each Contributor harmless for any liability -incurred by, or claims asserted against, such Contributor by reason of your -accepting any such warranty or additional liability. - -END OF TERMS AND CONDITIONS - -APPENDIX: How to apply the Apache License to your work - -To apply the Apache License to your work, attach the following boilerplate -notice, with the fields enclosed by brackets "[]" replaced with your own -identifying information. (Don't include the brackets!) The text should be -enclosed in the appropriate comment syntax for the file format. We also -recommend that a file or class name and description of purpose be included on -the same "printed page" as the copyright notice for easier identification within -third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/vendor/github.com/golang/glog/README b/vendor/github.com/golang/glog/README deleted file mode 100644 index 387b4eb68909..000000000000 --- a/vendor/github.com/golang/glog/README +++ /dev/null @@ -1,44 +0,0 @@ -glog -==== - -Leveled execution logs for Go. - -This is an efficient pure Go implementation of leveled logs in the -manner of the open source C++ package - https://github.com/google/glog - -By binding methods to booleans it is possible to use the log package -without paying the expense of evaluating the arguments to the log. -Through the -vmodule flag, the package also provides fine-grained -control over logging at the file level. - -The comment from glog.go introduces the ideas: - - Package glog implements logging analogous to the Google-internal - C++ INFO/ERROR/V setup. It provides functions Info, Warning, - Error, Fatal, plus formatting variants such as Infof. It - also provides V-style logging controlled by the -v and - -vmodule=file=2 flags. - - Basic examples: - - glog.Info("Prepare to repel boarders") - - glog.Fatalf("Initialization failed: %s", err) - - See the documentation for the V function for an explanation - of these examples: - - if glog.V(2) { - glog.Info("Starting transaction...") - } - - glog.V(2).Infoln("Processed", nItems, "elements") - - -The repository contains an open source version of the log package -used inside Google. The master copy of the source lives inside -Google, not here. The code in this repo is for export only and is not itself -under development. Feature requests will be ignored. - -Send bug reports to golang-nuts@googlegroups.com. diff --git a/vendor/github.com/golang/glog/glog.go b/vendor/github.com/golang/glog/glog.go deleted file mode 100644 index 54bd7afdcabe..000000000000 --- a/vendor/github.com/golang/glog/glog.go +++ /dev/null @@ -1,1180 +0,0 @@ -// Go support for leveled logs, analogous to https://code.google.com/p/google-glog/ -// -// Copyright 2013 Google Inc. All Rights Reserved. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Package glog implements logging analogous to the Google-internal C++ INFO/ERROR/V setup. -// It provides functions Info, Warning, Error, Fatal, plus formatting variants such as -// Infof. It also provides V-style logging controlled by the -v and -vmodule=file=2 flags. -// -// Basic examples: -// -// glog.Info("Prepare to repel boarders") -// -// glog.Fatalf("Initialization failed: %s", err) -// -// See the documentation for the V function for an explanation of these examples: -// -// if glog.V(2) { -// glog.Info("Starting transaction...") -// } -// -// glog.V(2).Infoln("Processed", nItems, "elements") -// -// Log output is buffered and written periodically using Flush. Programs -// should call Flush before exiting to guarantee all log output is written. -// -// By default, all log statements write to files in a temporary directory. -// This package provides several flags that modify this behavior. -// As a result, flag.Parse must be called before any logging is done. -// -// -logtostderr=false -// Logs are written to standard error instead of to files. -// -alsologtostderr=false -// Logs are written to standard error as well as to files. -// -stderrthreshold=ERROR -// Log events at or above this severity are logged to standard -// error as well as to files. -// -log_dir="" -// Log files will be written to this directory instead of the -// default temporary directory. -// -// Other flags provide aids to debugging. -// -// -log_backtrace_at="" -// When set to a file and line number holding a logging statement, -// such as -// -log_backtrace_at=gopherflakes.go:234 -// a stack trace will be written to the Info log whenever execution -// hits that statement. (Unlike with -vmodule, the ".go" must be -// present.) -// -v=0 -// Enable V-leveled logging at the specified level. -// -vmodule="" -// The syntax of the argument is a comma-separated list of pattern=N, -// where pattern is a literal file name (minus the ".go" suffix) or -// "glob" pattern and N is a V level. For instance, -// -vmodule=gopher*=3 -// sets the V level to 3 in all Go files whose names begin "gopher". -// -package glog - -import ( - "bufio" - "bytes" - "errors" - "flag" - "fmt" - "io" - stdLog "log" - "os" - "path/filepath" - "runtime" - "strconv" - "strings" - "sync" - "sync/atomic" - "time" -) - -// severity identifies the sort of log: info, warning etc. It also implements -// the flag.Value interface. The -stderrthreshold flag is of type severity and -// should be modified only through the flag.Value interface. The values match -// the corresponding constants in C++. -type severity int32 // sync/atomic int32 - -// These constants identify the log levels in order of increasing severity. -// A message written to a high-severity log file is also written to each -// lower-severity log file. -const ( - infoLog severity = iota - warningLog - errorLog - fatalLog - numSeverity = 4 -) - -const severityChar = "IWEF" - -var severityName = []string{ - infoLog: "INFO", - warningLog: "WARNING", - errorLog: "ERROR", - fatalLog: "FATAL", -} - -// get returns the value of the severity. -func (s *severity) get() severity { - return severity(atomic.LoadInt32((*int32)(s))) -} - -// set sets the value of the severity. -func (s *severity) set(val severity) { - atomic.StoreInt32((*int32)(s), int32(val)) -} - -// String is part of the flag.Value interface. -func (s *severity) String() string { - return strconv.FormatInt(int64(*s), 10) -} - -// Get is part of the flag.Value interface. -func (s *severity) Get() interface{} { - return *s -} - -// Set is part of the flag.Value interface. -func (s *severity) Set(value string) error { - var threshold severity - // Is it a known name? - if v, ok := severityByName(value); ok { - threshold = v - } else { - v, err := strconv.Atoi(value) - if err != nil { - return err - } - threshold = severity(v) - } - logging.stderrThreshold.set(threshold) - return nil -} - -func severityByName(s string) (severity, bool) { - s = strings.ToUpper(s) - for i, name := range severityName { - if name == s { - return severity(i), true - } - } - return 0, false -} - -// OutputStats tracks the number of output lines and bytes written. -type OutputStats struct { - lines int64 - bytes int64 -} - -// Lines returns the number of lines written. -func (s *OutputStats) Lines() int64 { - return atomic.LoadInt64(&s.lines) -} - -// Bytes returns the number of bytes written. -func (s *OutputStats) Bytes() int64 { - return atomic.LoadInt64(&s.bytes) -} - -// Stats tracks the number of lines of output and number of bytes -// per severity level. Values must be read with atomic.LoadInt64. -var Stats struct { - Info, Warning, Error OutputStats -} - -var severityStats = [numSeverity]*OutputStats{ - infoLog: &Stats.Info, - warningLog: &Stats.Warning, - errorLog: &Stats.Error, -} - -// Level is exported because it appears in the arguments to V and is -// the type of the v flag, which can be set programmatically. -// It's a distinct type because we want to discriminate it from logType. -// Variables of type level are only changed under logging.mu. -// The -v flag is read only with atomic ops, so the state of the logging -// module is consistent. - -// Level is treated as a sync/atomic int32. - -// Level specifies a level of verbosity for V logs. *Level implements -// flag.Value; the -v flag is of type Level and should be modified -// only through the flag.Value interface. -type Level int32 - -// get returns the value of the Level. -func (l *Level) get() Level { - return Level(atomic.LoadInt32((*int32)(l))) -} - -// set sets the value of the Level. -func (l *Level) set(val Level) { - atomic.StoreInt32((*int32)(l), int32(val)) -} - -// String is part of the flag.Value interface. -func (l *Level) String() string { - return strconv.FormatInt(int64(*l), 10) -} - -// Get is part of the flag.Value interface. -func (l *Level) Get() interface{} { - return *l -} - -// Set is part of the flag.Value interface. -func (l *Level) Set(value string) error { - v, err := strconv.Atoi(value) - if err != nil { - return err - } - logging.mu.Lock() - defer logging.mu.Unlock() - logging.setVState(Level(v), logging.vmodule.filter, false) - return nil -} - -// moduleSpec represents the setting of the -vmodule flag. -type moduleSpec struct { - filter []modulePat -} - -// modulePat contains a filter for the -vmodule flag. -// It holds a verbosity level and a file pattern to match. -type modulePat struct { - pattern string - literal bool // The pattern is a literal string - level Level -} - -// match reports whether the file matches the pattern. It uses a string -// comparison if the pattern contains no metacharacters. -func (m *modulePat) match(file string) bool { - if m.literal { - return file == m.pattern - } - match, _ := filepath.Match(m.pattern, file) - return match -} - -func (m *moduleSpec) String() string { - // Lock because the type is not atomic. TODO: clean this up. - logging.mu.Lock() - defer logging.mu.Unlock() - var b bytes.Buffer - for i, f := range m.filter { - if i > 0 { - b.WriteRune(',') - } - fmt.Fprintf(&b, "%s=%d", f.pattern, f.level) - } - return b.String() -} - -// Get is part of the (Go 1.2) flag.Getter interface. It always returns nil for this flag type since the -// struct is not exported. -func (m *moduleSpec) Get() interface{} { - return nil -} - -var errVmoduleSyntax = errors.New("syntax error: expect comma-separated list of filename=N") - -// Syntax: -vmodule=recordio=2,file=1,gfs*=3 -func (m *moduleSpec) Set(value string) error { - var filter []modulePat - for _, pat := range strings.Split(value, ",") { - if len(pat) == 0 { - // Empty strings such as from a trailing comma can be ignored. - continue - } - patLev := strings.Split(pat, "=") - if len(patLev) != 2 || len(patLev[0]) == 0 || len(patLev[1]) == 0 { - return errVmoduleSyntax - } - pattern := patLev[0] - v, err := strconv.Atoi(patLev[1]) - if err != nil { - return errors.New("syntax error: expect comma-separated list of filename=N") - } - if v < 0 { - return errors.New("negative value for vmodule level") - } - if v == 0 { - continue // Ignore. It's harmless but no point in paying the overhead. - } - // TODO: check syntax of filter? - filter = append(filter, modulePat{pattern, isLiteral(pattern), Level(v)}) - } - logging.mu.Lock() - defer logging.mu.Unlock() - logging.setVState(logging.verbosity, filter, true) - return nil -} - -// isLiteral reports whether the pattern is a literal string, that is, has no metacharacters -// that require filepath.Match to be called to match the pattern. -func isLiteral(pattern string) bool { - return !strings.ContainsAny(pattern, `\*?[]`) -} - -// traceLocation represents the setting of the -log_backtrace_at flag. -type traceLocation struct { - file string - line int -} - -// isSet reports whether the trace location has been specified. -// logging.mu is held. -func (t *traceLocation) isSet() bool { - return t.line > 0 -} - -// match reports whether the specified file and line matches the trace location. -// The argument file name is the full path, not the basename specified in the flag. -// logging.mu is held. -func (t *traceLocation) match(file string, line int) bool { - if t.line != line { - return false - } - if i := strings.LastIndex(file, "/"); i >= 0 { - file = file[i+1:] - } - return t.file == file -} - -func (t *traceLocation) String() string { - // Lock because the type is not atomic. TODO: clean this up. - logging.mu.Lock() - defer logging.mu.Unlock() - return fmt.Sprintf("%s:%d", t.file, t.line) -} - -// Get is part of the (Go 1.2) flag.Getter interface. It always returns nil for this flag type since the -// struct is not exported -func (t *traceLocation) Get() interface{} { - return nil -} - -var errTraceSyntax = errors.New("syntax error: expect file.go:234") - -// Syntax: -log_backtrace_at=gopherflakes.go:234 -// Note that unlike vmodule the file extension is included here. -func (t *traceLocation) Set(value string) error { - if value == "" { - // Unset. - t.line = 0 - t.file = "" - } - fields := strings.Split(value, ":") - if len(fields) != 2 { - return errTraceSyntax - } - file, line := fields[0], fields[1] - if !strings.Contains(file, ".") { - return errTraceSyntax - } - v, err := strconv.Atoi(line) - if err != nil { - return errTraceSyntax - } - if v <= 0 { - return errors.New("negative or zero value for level") - } - logging.mu.Lock() - defer logging.mu.Unlock() - t.line = v - t.file = file - return nil -} - -// flushSyncWriter is the interface satisfied by logging destinations. -type flushSyncWriter interface { - Flush() error - Sync() error - io.Writer -} - -func init() { - flag.BoolVar(&logging.toStderr, "logtostderr", false, "log to standard error instead of files") - flag.BoolVar(&logging.alsoToStderr, "alsologtostderr", false, "log to standard error as well as files") - flag.Var(&logging.verbosity, "v", "log level for V logs") - flag.Var(&logging.stderrThreshold, "stderrthreshold", "logs at or above this threshold go to stderr") - flag.Var(&logging.vmodule, "vmodule", "comma-separated list of pattern=N settings for file-filtered logging") - flag.Var(&logging.traceLocation, "log_backtrace_at", "when logging hits line file:N, emit a stack trace") - - // Default stderrThreshold is ERROR. - logging.stderrThreshold = errorLog - - logging.setVState(0, nil, false) - go logging.flushDaemon() -} - -// Flush flushes all pending log I/O. -func Flush() { - logging.lockAndFlushAll() -} - -// loggingT collects all the global state of the logging setup. -type loggingT struct { - // Boolean flags. Not handled atomically because the flag.Value interface - // does not let us avoid the =true, and that shorthand is necessary for - // compatibility. TODO: does this matter enough to fix? Seems unlikely. - toStderr bool // The -logtostderr flag. - alsoToStderr bool // The -alsologtostderr flag. - - // Level flag. Handled atomically. - stderrThreshold severity // The -stderrthreshold flag. - - // freeList is a list of byte buffers, maintained under freeListMu. - freeList *buffer - // freeListMu maintains the free list. It is separate from the main mutex - // so buffers can be grabbed and printed to without holding the main lock, - // for better parallelization. - freeListMu sync.Mutex - - // mu protects the remaining elements of this structure and is - // used to synchronize logging. - mu sync.Mutex - // file holds writer for each of the log types. - file [numSeverity]flushSyncWriter - // pcs is used in V to avoid an allocation when computing the caller's PC. - pcs [1]uintptr - // vmap is a cache of the V Level for each V() call site, identified by PC. - // It is wiped whenever the vmodule flag changes state. - vmap map[uintptr]Level - // filterLength stores the length of the vmodule filter chain. If greater - // than zero, it means vmodule is enabled. It may be read safely - // using sync.LoadInt32, but is only modified under mu. - filterLength int32 - // traceLocation is the state of the -log_backtrace_at flag. - traceLocation traceLocation - // These flags are modified only under lock, although verbosity may be fetched - // safely using atomic.LoadInt32. - vmodule moduleSpec // The state of the -vmodule flag. - verbosity Level // V logging level, the value of the -v flag/ -} - -// buffer holds a byte Buffer for reuse. The zero value is ready for use. -type buffer struct { - bytes.Buffer - tmp [64]byte // temporary byte array for creating headers. - next *buffer -} - -var logging loggingT - -// setVState sets a consistent state for V logging. -// l.mu is held. -func (l *loggingT) setVState(verbosity Level, filter []modulePat, setFilter bool) { - // Turn verbosity off so V will not fire while we are in transition. - logging.verbosity.set(0) - // Ditto for filter length. - atomic.StoreInt32(&logging.filterLength, 0) - - // Set the new filters and wipe the pc->Level map if the filter has changed. - if setFilter { - logging.vmodule.filter = filter - logging.vmap = make(map[uintptr]Level) - } - - // Things are consistent now, so enable filtering and verbosity. - // They are enabled in order opposite to that in V. - atomic.StoreInt32(&logging.filterLength, int32(len(filter))) - logging.verbosity.set(verbosity) -} - -// getBuffer returns a new, ready-to-use buffer. -func (l *loggingT) getBuffer() *buffer { - l.freeListMu.Lock() - b := l.freeList - if b != nil { - l.freeList = b.next - } - l.freeListMu.Unlock() - if b == nil { - b = new(buffer) - } else { - b.next = nil - b.Reset() - } - return b -} - -// putBuffer returns a buffer to the free list. -func (l *loggingT) putBuffer(b *buffer) { - if b.Len() >= 256 { - // Let big buffers die a natural death. - return - } - l.freeListMu.Lock() - b.next = l.freeList - l.freeList = b - l.freeListMu.Unlock() -} - -var timeNow = time.Now // Stubbed out for testing. - -/* -header formats a log header as defined by the C++ implementation. -It returns a buffer containing the formatted header and the user's file and line number. -The depth specifies how many stack frames above lives the source line to be identified in the log message. - -Log lines have this form: - Lmmdd hh:mm:ss.uuuuuu threadid file:line] msg... -where the fields are defined as follows: - L A single character, representing the log level (eg 'I' for INFO) - mm The month (zero padded; ie May is '05') - dd The day (zero padded) - hh:mm:ss.uuuuuu Time in hours, minutes and fractional seconds - threadid The space-padded thread ID as returned by GetTID() - file The file name - line The line number - msg The user-supplied message -*/ -func (l *loggingT) header(s severity, depth int) (*buffer, string, int) { - _, file, line, ok := runtime.Caller(3 + depth) - if !ok { - file = "???" - line = 1 - } else { - slash := strings.LastIndex(file, "/") - if slash >= 0 { - file = file[slash+1:] - } - } - return l.formatHeader(s, file, line), file, line -} - -// formatHeader formats a log header using the provided file name and line number. -func (l *loggingT) formatHeader(s severity, file string, line int) *buffer { - now := timeNow() - if line < 0 { - line = 0 // not a real line number, but acceptable to someDigits - } - if s > fatalLog { - s = infoLog // for safety. - } - buf := l.getBuffer() - - // Avoid Fprintf, for speed. The format is so simple that we can do it quickly by hand. - // It's worth about 3X. Fprintf is hard. - _, month, day := now.Date() - hour, minute, second := now.Clock() - // Lmmdd hh:mm:ss.uuuuuu threadid file:line] - buf.tmp[0] = severityChar[s] - buf.twoDigits(1, int(month)) - buf.twoDigits(3, day) - buf.tmp[5] = ' ' - buf.twoDigits(6, hour) - buf.tmp[8] = ':' - buf.twoDigits(9, minute) - buf.tmp[11] = ':' - buf.twoDigits(12, second) - buf.tmp[14] = '.' - buf.nDigits(6, 15, now.Nanosecond()/1000, '0') - buf.tmp[21] = ' ' - buf.nDigits(7, 22, pid, ' ') // TODO: should be TID - buf.tmp[29] = ' ' - buf.Write(buf.tmp[:30]) - buf.WriteString(file) - buf.tmp[0] = ':' - n := buf.someDigits(1, line) - buf.tmp[n+1] = ']' - buf.tmp[n+2] = ' ' - buf.Write(buf.tmp[:n+3]) - return buf -} - -// Some custom tiny helper functions to print the log header efficiently. - -const digits = "0123456789" - -// twoDigits formats a zero-prefixed two-digit integer at buf.tmp[i]. -func (buf *buffer) twoDigits(i, d int) { - buf.tmp[i+1] = digits[d%10] - d /= 10 - buf.tmp[i] = digits[d%10] -} - -// nDigits formats an n-digit integer at buf.tmp[i], -// padding with pad on the left. -// It assumes d >= 0. -func (buf *buffer) nDigits(n, i, d int, pad byte) { - j := n - 1 - for ; j >= 0 && d > 0; j-- { - buf.tmp[i+j] = digits[d%10] - d /= 10 - } - for ; j >= 0; j-- { - buf.tmp[i+j] = pad - } -} - -// someDigits formats a zero-prefixed variable-width integer at buf.tmp[i]. -func (buf *buffer) someDigits(i, d int) int { - // Print into the top, then copy down. We know there's space for at least - // a 10-digit number. - j := len(buf.tmp) - for { - j-- - buf.tmp[j] = digits[d%10] - d /= 10 - if d == 0 { - break - } - } - return copy(buf.tmp[i:], buf.tmp[j:]) -} - -func (l *loggingT) println(s severity, args ...interface{}) { - buf, file, line := l.header(s, 0) - fmt.Fprintln(buf, args...) - l.output(s, buf, file, line, false) -} - -func (l *loggingT) print(s severity, args ...interface{}) { - l.printDepth(s, 1, args...) -} - -func (l *loggingT) printDepth(s severity, depth int, args ...interface{}) { - buf, file, line := l.header(s, depth) - fmt.Fprint(buf, args...) - if buf.Bytes()[buf.Len()-1] != '\n' { - buf.WriteByte('\n') - } - l.output(s, buf, file, line, false) -} - -func (l *loggingT) printf(s severity, format string, args ...interface{}) { - buf, file, line := l.header(s, 0) - fmt.Fprintf(buf, format, args...) - if buf.Bytes()[buf.Len()-1] != '\n' { - buf.WriteByte('\n') - } - l.output(s, buf, file, line, false) -} - -// printWithFileLine behaves like print but uses the provided file and line number. If -// alsoLogToStderr is true, the log message always appears on standard error; it -// will also appear in the log file unless --logtostderr is set. -func (l *loggingT) printWithFileLine(s severity, file string, line int, alsoToStderr bool, args ...interface{}) { - buf := l.formatHeader(s, file, line) - fmt.Fprint(buf, args...) - if buf.Bytes()[buf.Len()-1] != '\n' { - buf.WriteByte('\n') - } - l.output(s, buf, file, line, alsoToStderr) -} - -// output writes the data to the log files and releases the buffer. -func (l *loggingT) output(s severity, buf *buffer, file string, line int, alsoToStderr bool) { - l.mu.Lock() - if l.traceLocation.isSet() { - if l.traceLocation.match(file, line) { - buf.Write(stacks(false)) - } - } - data := buf.Bytes() - if !flag.Parsed() { - os.Stderr.Write([]byte("ERROR: logging before flag.Parse: ")) - os.Stderr.Write(data) - } else if l.toStderr { - os.Stderr.Write(data) - } else { - if alsoToStderr || l.alsoToStderr || s >= l.stderrThreshold.get() { - os.Stderr.Write(data) - } - if l.file[s] == nil { - if err := l.createFiles(s); err != nil { - os.Stderr.Write(data) // Make sure the message appears somewhere. - l.exit(err) - } - } - switch s { - case fatalLog: - l.file[fatalLog].Write(data) - fallthrough - case errorLog: - l.file[errorLog].Write(data) - fallthrough - case warningLog: - l.file[warningLog].Write(data) - fallthrough - case infoLog: - l.file[infoLog].Write(data) - } - } - if s == fatalLog { - // If we got here via Exit rather than Fatal, print no stacks. - if atomic.LoadUint32(&fatalNoStacks) > 0 { - l.mu.Unlock() - timeoutFlush(10 * time.Second) - os.Exit(1) - } - // Dump all goroutine stacks before exiting. - // First, make sure we see the trace for the current goroutine on standard error. - // If -logtostderr has been specified, the loop below will do that anyway - // as the first stack in the full dump. - if !l.toStderr { - os.Stderr.Write(stacks(false)) - } - // Write the stack trace for all goroutines to the files. - trace := stacks(true) - logExitFunc = func(error) {} // If we get a write error, we'll still exit below. - for log := fatalLog; log >= infoLog; log-- { - if f := l.file[log]; f != nil { // Can be nil if -logtostderr is set. - f.Write(trace) - } - } - l.mu.Unlock() - timeoutFlush(10 * time.Second) - os.Exit(255) // C++ uses -1, which is silly because it's anded with 255 anyway. - } - l.putBuffer(buf) - l.mu.Unlock() - if stats := severityStats[s]; stats != nil { - atomic.AddInt64(&stats.lines, 1) - atomic.AddInt64(&stats.bytes, int64(len(data))) - } -} - -// timeoutFlush calls Flush and returns when it completes or after timeout -// elapses, whichever happens first. This is needed because the hooks invoked -// by Flush may deadlock when glog.Fatal is called from a hook that holds -// a lock. -func timeoutFlush(timeout time.Duration) { - done := make(chan bool, 1) - go func() { - Flush() // calls logging.lockAndFlushAll() - done <- true - }() - select { - case <-done: - case <-time.After(timeout): - fmt.Fprintln(os.Stderr, "glog: Flush took longer than", timeout) - } -} - -// stacks is a wrapper for runtime.Stack that attempts to recover the data for all goroutines. -func stacks(all bool) []byte { - // We don't know how big the traces are, so grow a few times if they don't fit. Start large, though. - n := 10000 - if all { - n = 100000 - } - var trace []byte - for i := 0; i < 5; i++ { - trace = make([]byte, n) - nbytes := runtime.Stack(trace, all) - if nbytes < len(trace) { - return trace[:nbytes] - } - n *= 2 - } - return trace -} - -// logExitFunc provides a simple mechanism to override the default behavior -// of exiting on error. Used in testing and to guarantee we reach a required exit -// for fatal logs. Instead, exit could be a function rather than a method but that -// would make its use clumsier. -var logExitFunc func(error) - -// exit is called if there is trouble creating or writing log files. -// It flushes the logs and exits the program; there's no point in hanging around. -// l.mu is held. -func (l *loggingT) exit(err error) { - fmt.Fprintf(os.Stderr, "log: exiting because of error: %s\n", err) - // If logExitFunc is set, we do that instead of exiting. - if logExitFunc != nil { - logExitFunc(err) - return - } - l.flushAll() - os.Exit(2) -} - -// syncBuffer joins a bufio.Writer to its underlying file, providing access to the -// file's Sync method and providing a wrapper for the Write method that provides log -// file rotation. There are conflicting methods, so the file cannot be embedded. -// l.mu is held for all its methods. -type syncBuffer struct { - logger *loggingT - *bufio.Writer - file *os.File - sev severity - nbytes uint64 // The number of bytes written to this file -} - -func (sb *syncBuffer) Sync() error { - return sb.file.Sync() -} - -func (sb *syncBuffer) Write(p []byte) (n int, err error) { - if sb.nbytes+uint64(len(p)) >= MaxSize { - if err := sb.rotateFile(time.Now()); err != nil { - sb.logger.exit(err) - } - } - n, err = sb.Writer.Write(p) - sb.nbytes += uint64(n) - if err != nil { - sb.logger.exit(err) - } - return -} - -// rotateFile closes the syncBuffer's file and starts a new one. -func (sb *syncBuffer) rotateFile(now time.Time) error { - if sb.file != nil { - sb.Flush() - sb.file.Close() - } - var err error - sb.file, _, err = create(severityName[sb.sev], now) - sb.nbytes = 0 - if err != nil { - return err - } - - sb.Writer = bufio.NewWriterSize(sb.file, bufferSize) - - // Write header. - var buf bytes.Buffer - fmt.Fprintf(&buf, "Log file created at: %s\n", now.Format("2006/01/02 15:04:05")) - fmt.Fprintf(&buf, "Running on machine: %s\n", host) - fmt.Fprintf(&buf, "Binary: Built with %s %s for %s/%s\n", runtime.Compiler, runtime.Version(), runtime.GOOS, runtime.GOARCH) - fmt.Fprintf(&buf, "Log line format: [IWEF]mmdd hh:mm:ss.uuuuuu threadid file:line] msg\n") - n, err := sb.file.Write(buf.Bytes()) - sb.nbytes += uint64(n) - return err -} - -// bufferSize sizes the buffer associated with each log file. It's large -// so that log records can accumulate without the logging thread blocking -// on disk I/O. The flushDaemon will block instead. -const bufferSize = 256 * 1024 - -// createFiles creates all the log files for severity from sev down to infoLog. -// l.mu is held. -func (l *loggingT) createFiles(sev severity) error { - now := time.Now() - // Files are created in decreasing severity order, so as soon as we find one - // has already been created, we can stop. - for s := sev; s >= infoLog && l.file[s] == nil; s-- { - sb := &syncBuffer{ - logger: l, - sev: s, - } - if err := sb.rotateFile(now); err != nil { - return err - } - l.file[s] = sb - } - return nil -} - -const flushInterval = 30 * time.Second - -// flushDaemon periodically flushes the log file buffers. -func (l *loggingT) flushDaemon() { - for _ = range time.NewTicker(flushInterval).C { - l.lockAndFlushAll() - } -} - -// lockAndFlushAll is like flushAll but locks l.mu first. -func (l *loggingT) lockAndFlushAll() { - l.mu.Lock() - l.flushAll() - l.mu.Unlock() -} - -// flushAll flushes all the logs and attempts to "sync" their data to disk. -// l.mu is held. -func (l *loggingT) flushAll() { - // Flush from fatal down, in case there's trouble flushing. - for s := fatalLog; s >= infoLog; s-- { - file := l.file[s] - if file != nil { - file.Flush() // ignore error - file.Sync() // ignore error - } - } -} - -// CopyStandardLogTo arranges for messages written to the Go "log" package's -// default logs to also appear in the Google logs for the named and lower -// severities. Subsequent changes to the standard log's default output location -// or format may break this behavior. -// -// Valid names are "INFO", "WARNING", "ERROR", and "FATAL". If the name is not -// recognized, CopyStandardLogTo panics. -func CopyStandardLogTo(name string) { - sev, ok := severityByName(name) - if !ok { - panic(fmt.Sprintf("log.CopyStandardLogTo(%q): unrecognized severity name", name)) - } - // Set a log format that captures the user's file and line: - // d.go:23: message - stdLog.SetFlags(stdLog.Lshortfile) - stdLog.SetOutput(logBridge(sev)) -} - -// logBridge provides the Write method that enables CopyStandardLogTo to connect -// Go's standard logs to the logs provided by this package. -type logBridge severity - -// Write parses the standard logging line and passes its components to the -// logger for severity(lb). -func (lb logBridge) Write(b []byte) (n int, err error) { - var ( - file = "???" - line = 1 - text string - ) - // Split "d.go:23: message" into "d.go", "23", and "message". - if parts := bytes.SplitN(b, []byte{':'}, 3); len(parts) != 3 || len(parts[0]) < 1 || len(parts[2]) < 1 { - text = fmt.Sprintf("bad log format: %s", b) - } else { - file = string(parts[0]) - text = string(parts[2][1:]) // skip leading space - line, err = strconv.Atoi(string(parts[1])) - if err != nil { - text = fmt.Sprintf("bad line number: %s", b) - line = 1 - } - } - // printWithFileLine with alsoToStderr=true, so standard log messages - // always appear on standard error. - logging.printWithFileLine(severity(lb), file, line, true, text) - return len(b), nil -} - -// setV computes and remembers the V level for a given PC -// when vmodule is enabled. -// File pattern matching takes the basename of the file, stripped -// of its .go suffix, and uses filepath.Match, which is a little more -// general than the *? matching used in C++. -// l.mu is held. -func (l *loggingT) setV(pc uintptr) Level { - fn := runtime.FuncForPC(pc) - file, _ := fn.FileLine(pc) - // The file is something like /a/b/c/d.go. We want just the d. - if strings.HasSuffix(file, ".go") { - file = file[:len(file)-3] - } - if slash := strings.LastIndex(file, "/"); slash >= 0 { - file = file[slash+1:] - } - for _, filter := range l.vmodule.filter { - if filter.match(file) { - l.vmap[pc] = filter.level - return filter.level - } - } - l.vmap[pc] = 0 - return 0 -} - -// Verbose is a boolean type that implements Infof (like Printf) etc. -// See the documentation of V for more information. -type Verbose bool - -// V reports whether verbosity at the call site is at least the requested level. -// The returned value is a boolean of type Verbose, which implements Info, Infoln -// and Infof. These methods will write to the Info log if called. -// Thus, one may write either -// if glog.V(2) { glog.Info("log this") } -// or -// glog.V(2).Info("log this") -// The second form is shorter but the first is cheaper if logging is off because it does -// not evaluate its arguments. -// -// Whether an individual call to V generates a log record depends on the setting of -// the -v and --vmodule flags; both are off by default. If the level in the call to -// V is at least the value of -v, or of -vmodule for the source file containing the -// call, the V call will log. -func V(level Level) Verbose { - // This function tries hard to be cheap unless there's work to do. - // The fast path is two atomic loads and compares. - - // Here is a cheap but safe test to see if V logging is enabled globally. - if logging.verbosity.get() >= level { - return Verbose(true) - } - - // It's off globally but it vmodule may still be set. - // Here is another cheap but safe test to see if vmodule is enabled. - if atomic.LoadInt32(&logging.filterLength) > 0 { - // Now we need a proper lock to use the logging structure. The pcs field - // is shared so we must lock before accessing it. This is fairly expensive, - // but if V logging is enabled we're slow anyway. - logging.mu.Lock() - defer logging.mu.Unlock() - if runtime.Callers(2, logging.pcs[:]) == 0 { - return Verbose(false) - } - v, ok := logging.vmap[logging.pcs[0]] - if !ok { - v = logging.setV(logging.pcs[0]) - } - return Verbose(v >= level) - } - return Verbose(false) -} - -// Info is equivalent to the global Info function, guarded by the value of v. -// See the documentation of V for usage. -func (v Verbose) Info(args ...interface{}) { - if v { - logging.print(infoLog, args...) - } -} - -// Infoln is equivalent to the global Infoln function, guarded by the value of v. -// See the documentation of V for usage. -func (v Verbose) Infoln(args ...interface{}) { - if v { - logging.println(infoLog, args...) - } -} - -// Infof is equivalent to the global Infof function, guarded by the value of v. -// See the documentation of V for usage. -func (v Verbose) Infof(format string, args ...interface{}) { - if v { - logging.printf(infoLog, format, args...) - } -} - -// Info logs to the INFO log. -// Arguments are handled in the manner of fmt.Print; a newline is appended if missing. -func Info(args ...interface{}) { - logging.print(infoLog, args...) -} - -// InfoDepth acts as Info but uses depth to determine which call frame to log. -// InfoDepth(0, "msg") is the same as Info("msg"). -func InfoDepth(depth int, args ...interface{}) { - logging.printDepth(infoLog, depth, args...) -} - -// Infoln logs to the INFO log. -// Arguments are handled in the manner of fmt.Println; a newline is appended if missing. -func Infoln(args ...interface{}) { - logging.println(infoLog, args...) -} - -// Infof logs to the INFO log. -// Arguments are handled in the manner of fmt.Printf; a newline is appended if missing. -func Infof(format string, args ...interface{}) { - logging.printf(infoLog, format, args...) -} - -// Warning logs to the WARNING and INFO logs. -// Arguments are handled in the manner of fmt.Print; a newline is appended if missing. -func Warning(args ...interface{}) { - logging.print(warningLog, args...) -} - -// WarningDepth acts as Warning but uses depth to determine which call frame to log. -// WarningDepth(0, "msg") is the same as Warning("msg"). -func WarningDepth(depth int, args ...interface{}) { - logging.printDepth(warningLog, depth, args...) -} - -// Warningln logs to the WARNING and INFO logs. -// Arguments are handled in the manner of fmt.Println; a newline is appended if missing. -func Warningln(args ...interface{}) { - logging.println(warningLog, args...) -} - -// Warningf logs to the WARNING and INFO logs. -// Arguments are handled in the manner of fmt.Printf; a newline is appended if missing. -func Warningf(format string, args ...interface{}) { - logging.printf(warningLog, format, args...) -} - -// Error logs to the ERROR, WARNING, and INFO logs. -// Arguments are handled in the manner of fmt.Print; a newline is appended if missing. -func Error(args ...interface{}) { - logging.print(errorLog, args...) -} - -// ErrorDepth acts as Error but uses depth to determine which call frame to log. -// ErrorDepth(0, "msg") is the same as Error("msg"). -func ErrorDepth(depth int, args ...interface{}) { - logging.printDepth(errorLog, depth, args...) -} - -// Errorln logs to the ERROR, WARNING, and INFO logs. -// Arguments are handled in the manner of fmt.Println; a newline is appended if missing. -func Errorln(args ...interface{}) { - logging.println(errorLog, args...) -} - -// Errorf logs to the ERROR, WARNING, and INFO logs. -// Arguments are handled in the manner of fmt.Printf; a newline is appended if missing. -func Errorf(format string, args ...interface{}) { - logging.printf(errorLog, format, args...) -} - -// Fatal logs to the FATAL, ERROR, WARNING, and INFO logs, -// including a stack trace of all running goroutines, then calls os.Exit(255). -// Arguments are handled in the manner of fmt.Print; a newline is appended if missing. -func Fatal(args ...interface{}) { - logging.print(fatalLog, args...) -} - -// FatalDepth acts as Fatal but uses depth to determine which call frame to log. -// FatalDepth(0, "msg") is the same as Fatal("msg"). -func FatalDepth(depth int, args ...interface{}) { - logging.printDepth(fatalLog, depth, args...) -} - -// Fatalln logs to the FATAL, ERROR, WARNING, and INFO logs, -// including a stack trace of all running goroutines, then calls os.Exit(255). -// Arguments are handled in the manner of fmt.Println; a newline is appended if missing. -func Fatalln(args ...interface{}) { - logging.println(fatalLog, args...) -} - -// Fatalf logs to the FATAL, ERROR, WARNING, and INFO logs, -// including a stack trace of all running goroutines, then calls os.Exit(255). -// Arguments are handled in the manner of fmt.Printf; a newline is appended if missing. -func Fatalf(format string, args ...interface{}) { - logging.printf(fatalLog, format, args...) -} - -// fatalNoStacks is non-zero if we are to exit without dumping goroutine stacks. -// It allows Exit and relatives to use the Fatal logs. -var fatalNoStacks uint32 - -// Exit logs to the FATAL, ERROR, WARNING, and INFO logs, then calls os.Exit(1). -// Arguments are handled in the manner of fmt.Print; a newline is appended if missing. -func Exit(args ...interface{}) { - atomic.StoreUint32(&fatalNoStacks, 1) - logging.print(fatalLog, args...) -} - -// ExitDepth acts as Exit but uses depth to determine which call frame to log. -// ExitDepth(0, "msg") is the same as Exit("msg"). -func ExitDepth(depth int, args ...interface{}) { - atomic.StoreUint32(&fatalNoStacks, 1) - logging.printDepth(fatalLog, depth, args...) -} - -// Exitln logs to the FATAL, ERROR, WARNING, and INFO logs, then calls os.Exit(1). -func Exitln(args ...interface{}) { - atomic.StoreUint32(&fatalNoStacks, 1) - logging.println(fatalLog, args...) -} - -// Exitf logs to the FATAL, ERROR, WARNING, and INFO logs, then calls os.Exit(1). -// Arguments are handled in the manner of fmt.Printf; a newline is appended if missing. -func Exitf(format string, args ...interface{}) { - atomic.StoreUint32(&fatalNoStacks, 1) - logging.printf(fatalLog, format, args...) -} diff --git a/vendor/github.com/golang/glog/glog_file.go b/vendor/github.com/golang/glog/glog_file.go deleted file mode 100644 index 65075d281110..000000000000 --- a/vendor/github.com/golang/glog/glog_file.go +++ /dev/null @@ -1,124 +0,0 @@ -// Go support for leveled logs, analogous to https://code.google.com/p/google-glog/ -// -// Copyright 2013 Google Inc. All Rights Reserved. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// File I/O for logs. - -package glog - -import ( - "errors" - "flag" - "fmt" - "os" - "os/user" - "path/filepath" - "strings" - "sync" - "time" -) - -// MaxSize is the maximum size of a log file in bytes. -var MaxSize uint64 = 1024 * 1024 * 1800 - -// logDirs lists the candidate directories for new log files. -var logDirs []string - -// If non-empty, overrides the choice of directory in which to write logs. -// See createLogDirs for the full list of possible destinations. -var logDir = flag.String("log_dir", "", "If non-empty, write log files in this directory") - -func createLogDirs() { - if *logDir != "" { - logDirs = append(logDirs, *logDir) - } - logDirs = append(logDirs, os.TempDir()) -} - -var ( - pid = os.Getpid() - program = filepath.Base(os.Args[0]) - host = "unknownhost" - userName = "unknownuser" -) - -func init() { - h, err := os.Hostname() - if err == nil { - host = shortHostname(h) - } - - current, err := user.Current() - if err == nil { - userName = current.Username - } - - // Sanitize userName since it may contain filepath separators on Windows. - userName = strings.Replace(userName, `\`, "_", -1) -} - -// shortHostname returns its argument, truncating at the first period. -// For instance, given "www.google.com" it returns "www". -func shortHostname(hostname string) string { - if i := strings.Index(hostname, "."); i >= 0 { - return hostname[:i] - } - return hostname -} - -// logName returns a new log file name containing tag, with start time t, and -// the name for the symlink for tag. -func logName(tag string, t time.Time) (name, link string) { - name = fmt.Sprintf("%s.%s.%s.log.%s.%04d%02d%02d-%02d%02d%02d.%d", - program, - host, - userName, - tag, - t.Year(), - t.Month(), - t.Day(), - t.Hour(), - t.Minute(), - t.Second(), - pid) - return name, program + "." + tag -} - -var onceLogDirs sync.Once - -// create creates a new log file and returns the file and its filename, which -// contains tag ("INFO", "FATAL", etc.) and t. If the file is created -// successfully, create also attempts to update the symlink for that tag, ignoring -// errors. -func create(tag string, t time.Time) (f *os.File, filename string, err error) { - onceLogDirs.Do(createLogDirs) - if len(logDirs) == 0 { - return nil, "", errors.New("log: no log dirs") - } - name, link := logName(tag, t) - var lastErr error - for _, dir := range logDirs { - fname := filepath.Join(dir, name) - f, err := os.Create(fname) - if err == nil { - symlink := filepath.Join(dir, link) - os.Remove(symlink) // ignore err - os.Symlink(name, symlink) // ignore err - return f, fname, nil - } - lastErr = err - } - return nil, "", fmt.Errorf("log: cannot create log: %v", lastErr) -} From 3624019d83460b3bfd66d1062538cd62b1463d86 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Tue, 15 Feb 2022 16:37:07 +0100 Subject: [PATCH 111/127] [20.10] update Go to 1.16.13 go1.16.13 (released 2022-01-06) includes fixes to the compiler, linker, runtime, and the net/http package. See the Go 1.16.13 milestone on our issue tracker for details: https://github.com/golang/go/issues?q=milestone%3AGo1.16.13+label%3ACherryPickApproved Signed-off-by: Sebastiaan van Stijn --- Dockerfile | 2 +- appveyor.yml | 2 +- dockerfiles/Dockerfile.dev | 2 +- dockerfiles/Dockerfile.lint | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index c94d8d94075d..829d9eb3147e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,7 @@ # syntax=docker/dockerfile:1.3 ARG BASE_VARIANT=alpine -ARG GO_VERSION=1.16.12 +ARG GO_VERSION=1.16.13 ARG XX_VERSION=1.0.0-rc.2 FROM --platform=$BUILDPLATFORM golang:${GO_VERSION}-${BASE_VARIANT} AS gostable diff --git a/appveyor.yml b/appveyor.yml index 3634dbd1d9be..69c5c4792d15 100644 --- a/appveyor.yml +++ b/appveyor.yml @@ -4,7 +4,7 @@ clone_folder: c:\gopath\src\github.com\docker\cli environment: GOPATH: c:\gopath - GOVERSION: 1.16.12 + GOVERSION: 1.16.13 DEPVERSION: v0.4.1 install: diff --git a/dockerfiles/Dockerfile.dev b/dockerfiles/Dockerfile.dev index 536d6a2fcba2..6b1ec5efb553 100644 --- a/dockerfiles/Dockerfile.dev +++ b/dockerfiles/Dockerfile.dev @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:1.3 -ARG GO_VERSION=1.16.12 +ARG GO_VERSION=1.16.13 FROM golang:${GO_VERSION}-alpine AS golang ENV CGO_ENABLED=0 diff --git a/dockerfiles/Dockerfile.lint b/dockerfiles/Dockerfile.lint index 2b54d8162e7d..4166fcf31e54 100644 --- a/dockerfiles/Dockerfile.lint +++ b/dockerfiles/Dockerfile.lint @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:1.3 -ARG GO_VERSION=1.16.12 +ARG GO_VERSION=1.16.13 ARG GOLANGCI_LINTER_SHA="v1.21.0" FROM golang:${GO_VERSION}-alpine AS build From fd5fc61ecd6da944c7b12c4e99922b29fe3148d4 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Tue, 15 Feb 2022 16:37:47 +0100 Subject: [PATCH 112/127] [20.10] Update Go to 1.16.14 Includes security fixes for crypto/elliptic (CVE-2022-23806), math/big (CVE-2022-23772), and cmd/go (CVE-2022-23773). go1.16.14 (released 2022-02-10) includes security fixes to the crypto/elliptic, math/big packages and to the go command, as well as bug fixes to the compiler, linker, runtime, the go command, and the debug/macho, debug/pe, net/http/httptest, and testing packages. See the Go 1.16.14 milestone on our issue tracker for details: https://github.com/golang/go/issues?q=milestone%3AGo1.16.14+label%3ACherryPickApproved full diff: https://github.com/golang/go/compare/go1.16.13...go1.16.14 Signed-off-by: Sebastiaan van Stijn --- Dockerfile | 2 +- appveyor.yml | 2 +- dockerfiles/Dockerfile.dev | 2 +- dockerfiles/Dockerfile.lint | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index 829d9eb3147e..4873c4199742 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,7 @@ # syntax=docker/dockerfile:1.3 ARG BASE_VARIANT=alpine -ARG GO_VERSION=1.16.13 +ARG GO_VERSION=1.16.14 ARG XX_VERSION=1.0.0-rc.2 FROM --platform=$BUILDPLATFORM golang:${GO_VERSION}-${BASE_VARIANT} AS gostable diff --git a/appveyor.yml b/appveyor.yml index 69c5c4792d15..1eb859867311 100644 --- a/appveyor.yml +++ b/appveyor.yml @@ -4,7 +4,7 @@ clone_folder: c:\gopath\src\github.com\docker\cli environment: GOPATH: c:\gopath - GOVERSION: 1.16.13 + GOVERSION: 1.16.14 DEPVERSION: v0.4.1 install: diff --git a/dockerfiles/Dockerfile.dev b/dockerfiles/Dockerfile.dev index 6b1ec5efb553..3e93340225ed 100644 --- a/dockerfiles/Dockerfile.dev +++ b/dockerfiles/Dockerfile.dev @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:1.3 -ARG GO_VERSION=1.16.13 +ARG GO_VERSION=1.16.14 FROM golang:${GO_VERSION}-alpine AS golang ENV CGO_ENABLED=0 diff --git a/dockerfiles/Dockerfile.lint b/dockerfiles/Dockerfile.lint index 4166fcf31e54..95e572d47560 100644 --- a/dockerfiles/Dockerfile.lint +++ b/dockerfiles/Dockerfile.lint @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:1.3 -ARG GO_VERSION=1.16.13 +ARG GO_VERSION=1.16.14 ARG GOLANGCI_LINTER_SHA="v1.21.0" FROM golang:${GO_VERSION}-alpine AS build From 5c6723d080bcb0f1e8f9d9994ab2ea11a88cc955 Mon Sep 17 00:00:00 2001 From: Zeel B Patel Date: Sun, 30 Jan 2022 13:53:43 +0530 Subject: [PATCH 113/127] Correct device syntax to --gpus Signed-off-by: Zeel B Patel (cherry picked from commit 2d6ebd1e3e8d9788a36423f7af6b90a57d074067) Signed-off-by: Sebastiaan van Stijn --- docs/reference/commandline/run.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/reference/commandline/run.md b/docs/reference/commandline/run.md index eb6906a01516..85e7b1521dfd 100644 --- a/docs/reference/commandline/run.md +++ b/docs/reference/commandline/run.md @@ -634,7 +634,7 @@ $ docker run -it --rm --gpus device=GPU-3a23c669-1f69-c64e-cf85-44e9b07e7a2a ubu The example below exposes the first and third GPUs. ```console -$ docker run -it --rm --gpus device=0,2 nvidia-smi +$ docker run -it --rm --gpus '"device=0,2"' nvidia-smi ``` ### Restart policies (--restart) From c9737e1c3792e0f4bdf059459d9077fd6edf18c3 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Tue, 11 Jan 2022 12:21:11 +0100 Subject: [PATCH 114/127] docs/daemon: replace deprecated '-g' option for '--data-root' Signed-off-by: Sebastiaan van Stijn (cherry picked from commit ae3a61439bac0c309066e9196e4c7413b317b0da) Signed-off-by: Sebastiaan van Stijn --- docs/reference/commandline/dockerd.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/docs/reference/commandline/dockerd.md b/docs/reference/commandline/dockerd.md index 5f7a8d66d39c..c70be133c3d5 100644 --- a/docs/reference/commandline/dockerd.md +++ b/docs/reference/commandline/dockerd.md @@ -115,8 +115,8 @@ Options with [] may be specified multiple times. uses different binaries for the daemon and client. To run the daemon you type `dockerd`. -To run the daemon with debug output, use `dockerd -D` or add `"debug": true` to -the `daemon.json` file. +To run the daemon with debug output, use `dockerd --debug` or add `"debug": true` +to [the `daemon.json` file](#daemon-configuration-file). > **Enabling experimental features** > @@ -312,7 +312,7 @@ article explains how to tune your existing setup without the use of options. The `btrfs` driver is very fast for `docker build` - but like `devicemapper` does not share executable memory between devices. Use -`dockerd -s btrfs -g /mnt/btrfs_partition`. +`dockerd --storage-driver btrfs --data-root /mnt/btrfs_partition`. The `zfs` driver is probably not as fast as `btrfs` but has a longer track record on stability. Thanks to `Single Copy ARC` shared blocks between clones will be @@ -1233,14 +1233,14 @@ for `/var/lib/docker/tmp`. The `DOCKER_TMPDIR` and the data directory can be set like this: ```console -$ DOCKER_TMPDIR=/mnt/disk2/tmp /usr/local/bin/dockerd -D -g /var/lib/docker -H unix:// > /var/lib/docker-machine/docker.log 2>&1 +$ DOCKER_TMPDIR=/mnt/disk2/tmp /usr/local/bin/dockerd --data-root /var/lib/docker -H unix:// > /var/lib/docker-machine/docker.log 2>&1 ``` or ```console $ export DOCKER_TMPDIR=/mnt/disk2/tmp -$ /usr/local/bin/dockerd -D -g /var/lib/docker -H unix:// > /var/lib/docker-machine/docker.log 2>&1 +$ /usr/local/bin/dockerd --data-root /var/lib/docker -H unix:// > /var/lib/docker-machine/docker.log 2>&1 ```` #### Default cgroup parent From 40fe0573aaa27f12f62ba8d9acf2e1788c9cbede Mon Sep 17 00:00:00 2001 From: Mike Dalton <19153140+mikedalton@users.noreply.github.com> Date: Wed, 8 Dec 2021 16:48:38 +0900 Subject: [PATCH 115/127] Update Ubuntu version number references in push.md Ubuntu version references were a mixture of 14.04 (in descriptions) and 20.04 (in example code). Updated description references to 20.04 to match example code. Signed-off-by: Mike Dalton (cherry picked from commit 6ad2ceba3c9732e7e039f182f1761951bc7f837a) Signed-off-by: Sebastiaan van Stijn --- docs/reference/commandline/pull.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/reference/commandline/pull.md b/docs/reference/commandline/pull.md index cb65b32a2883..faa90ab681de 100644 --- a/docs/reference/commandline/pull.md +++ b/docs/reference/commandline/pull.md @@ -109,8 +109,8 @@ refer to [understand images, containers, and storage drivers](https://docs.docke So far, you've pulled images by their name (and "tag"). Using names and tags is a convenient way to work with images. When using tags, you can `docker pull` an image again to make sure you have the most up-to-date version of that image. -For example, `docker pull ubuntu:14.04` pulls the latest version of the Ubuntu -14.04 image. +For example, `docker pull ubuntu:20.04` pulls the latest version of the Ubuntu +20.04 image. In some cases you don't want images to be updated to newer versions, but prefer to use a fixed version of an image. Docker enables you to pull an image by its @@ -119,7 +119,7 @@ of an image to pull. Doing so, allows you to "pin" an image to that version, and guarantee that the image you're using is always the same. To know the digest of an image, pull the image first. Let's pull the latest -`ubuntu:14.04` image from Docker Hub: +`ubuntu:20.04` image from Docker Hub: ```console $ docker pull ubuntu:20.04 From aa78937634612f4f5f58e6ef6d8aed35d32c5571 Mon Sep 17 00:00:00 2001 From: Pieter E Smit Date: Mon, 13 Dec 2021 11:39:33 +1300 Subject: [PATCH 116/127] Update stats.md add example json output Signed-off-by: Pieter E Smit (cherry picked from commit a1204a50b79dab091600e4e624aba7ce3b09a354) Signed-off-by: Sebastiaan van Stijn --- docs/reference/commandline/stats.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/docs/reference/commandline/stats.md b/docs/reference/commandline/stats.md index 466b7ff12010..754a2f2316ff 100644 --- a/docs/reference/commandline/stats.md +++ b/docs/reference/commandline/stats.md @@ -85,6 +85,13 @@ b95a83497c91 awesome_brattain 0.28% 5.629MiB / 1.952GiB 67b2525d8ad1 foobar 0.00% 1.727MiB / 1.952GiB 0.09% 2.48kB / 0B 4.11MB / 0B 2 ``` +Running `docker stats` on container with name nginx and getting output in `json` format. + +```console +$ docker stats nginx --no-stream --format "{{ json . }}" +{"BlockIO":"0B / 13.3kB","CPUPerc":"0.03%","Container":"nginx","ID":"ed37317fbf42","MemPerc":"0.24%","MemUsage":"2.352MiB / 982.5MiB","Name":"nginx","NetIO":"539kB / 606kB","PIDs":"2"} +``` + Running `docker stats` with customized format on all (Running and Stopped) containers. ```console From e97c7b240ebe08fa6084db4957254c86333d704b Mon Sep 17 00:00:00 2001 From: jlecordier Date: Wed, 8 Dec 2021 18:02:45 +0100 Subject: [PATCH 117/127] added missing closing parenthese Signed-off-by: jlecordier (cherry picked from commit a185143707f4f159bc96709ad8a718450b9f7c8b) Signed-off-by: Sebastiaan van Stijn --- docs/reference/builder.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/reference/builder.md b/docs/reference/builder.md index 1b214f65d4e8..526542938f42 100644 --- a/docs/reference/builder.md +++ b/docs/reference/builder.md @@ -112,7 +112,7 @@ instructions. Whenever possible, Docker uses a build-cache to accelerate the `docker build` process significantly. This is indicated by the `CACHED` message in the console -output. (For more information, see the [`Dockerfile` best practices guide](https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices/): +output. (For more information, see the [`Dockerfile` best practices guide](https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices/)): ```console $ docker build -t svendowideit/ambassador . From f1002eb9fbb381af4214f95f58a185c07543a929 Mon Sep 17 00:00:00 2001 From: Sandro Date: Mon, 18 Oct 2021 14:49:18 +0200 Subject: [PATCH 118/127] Fix typo MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Sandro Jäckel (cherry picked from commit 2725f09873812976c58bf7026d7f877f30fc41ff) Signed-off-by: Sebastiaan van Stijn --- docs/reference/commandline/run.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/reference/commandline/run.md b/docs/reference/commandline/run.md index 85e7b1521dfd..f8d8074010cc 100644 --- a/docs/reference/commandline/run.md +++ b/docs/reference/commandline/run.md @@ -719,7 +719,7 @@ $ docker run --ulimit nofile=1024:1024 --rm debian sh -c "ulimit -n" > In other words, the following script is not supported: > > ```console -> $ docker run -it --ulimit as=1024 fedora /bin/bash` +> $ docker run -it --ulimit as=1024 fedora /bin/bash > ``` The values are sent to the appropriate `syscall` as they are set. From 4065e1246e96d246ba1a28143e35a7aefcabf53b Mon Sep 17 00:00:00 2001 From: Gsealy Date: Thu, 2 Sep 2021 10:30:57 +0800 Subject: [PATCH 119/127] format create.md table Signed-off-by: Gsealy (cherry picked from commit b0ec87afd72e53dd7457a98d319bbfc375db2fc4) Signed-off-by: Sebastiaan van Stijn --- docs/reference/commandline/create.md | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/docs/reference/commandline/create.md b/docs/reference/commandline/create.md index 5aa84eb2ae5a..d24caf7b721c 100644 --- a/docs/reference/commandline/create.md +++ b/docs/reference/commandline/create.md @@ -224,12 +224,11 @@ technology. On Linux, the only supported is the `default` option which uses Linux namespaces. On Microsoft Windows, you can specify these values: -| Value | Description | -|-----------|---------------------------------------------------------------------------------------------------------------------------------------------------------------| -| `default` | Use the value specified by the Docker daemon's `--exec-opt` . If the `daemon` does not specify an isolation technology, Microsoft Windows uses `process` as its default value if the -daemon is running on Windows server, or `hyperv` if running on Windows client. | -| `process` | Namespace isolation only. | -| `hyperv` | Hyper-V hypervisor partition-based isolation. | +| Value | Description | +| --------- | ------------------------------------------------------------ | +| `default` | Use the value specified by the Docker daemon's `--exec-opt` . If the `daemon` does not specify an isolation technology, Microsoft Windows uses `process` as its default value if the daemon is running on Windows server, or `hyperv` if running on Windows client. | +| `process` | Namespace isolation only. | +| `hyperv` | Hyper-V hypervisor partition-based isolation. | Specifying the `--isolation` flag without a value is the same as setting `--isolation="default"`. From b721998b7b88311828829fa74a3713206f7e690f Mon Sep 17 00:00:00 2001 From: Brad Baker <88946291+brdbkr@users.noreply.github.com> Date: Thu, 26 Aug 2021 02:36:25 -0400 Subject: [PATCH 120/127] Fixing typo (his --> its) Signed-off-by: Brad Baker (cherry picked from commit 172b2dc37e21bfe37a169cfb7ac6ba1ce8ed9f56) Signed-off-by: Sebastiaan van Stijn --- docs/reference/commandline/run.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/reference/commandline/run.md b/docs/reference/commandline/run.md index f8d8074010cc..2878ddbdfcdc 100644 --- a/docs/reference/commandline/run.md +++ b/docs/reference/commandline/run.md @@ -348,7 +348,7 @@ explains in detail how to manipulate ports in Docker. Note that ports which are not bound to the host (i.e., `-p 80:80` instead of `-p 127.0.0.1:80:80`) will be accessible from the outside. This also applies if -you configured UFW to block this specific port, as Docker manages his +you configured UFW to block this specific port, as Docker manages its own iptables rules. [Read more](https://docs.docker.com/network/iptables/) ```console From 04104a04d35805e8670de2abb605c4cb4f5d72c6 Mon Sep 17 00:00:00 2001 From: Leonid Skorospelov Date: Thu, 29 Jul 2021 13:55:41 +0000 Subject: [PATCH 121/127] Update dockerd.md Simple typo Signed-off-by: Leonid Skorospelov (cherry picked from commit 0ca2d25ba84366b141db44bccce8c39b9104af72) Signed-off-by: Sebastiaan van Stijn --- docs/reference/commandline/dockerd.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/reference/commandline/dockerd.md b/docs/reference/commandline/dockerd.md index c70be133c3d5..c016da6081e7 100644 --- a/docs/reference/commandline/dockerd.md +++ b/docs/reference/commandline/dockerd.md @@ -1554,7 +1554,7 @@ The list of currently supported options that can be reconfigured is this: be used to run containers. - `authorization-plugin`: it specifies the authorization plugins to use. - `allow-nondistributable-artifacts`: Replaces the set of registries to which the daemon will push nondistributable artifacts with a new set of registries. -- `insecure-registries`: it replaces the daemon insecure registries with a new set of insecure registries. If some existing insecure registries in daemon's configuration are not in newly reloaded insecure resgitries, these existing ones will be removed from daemon's config. +- `insecure-registries`: it replaces the daemon insecure registries with a new set of insecure registries. If some existing insecure registries in daemon's configuration are not in newly reloaded insecure registries, these existing ones will be removed from daemon's config. - `registry-mirrors`: it replaces the daemon registry mirrors with a new set of registry mirrors. If some existing registry mirrors in daemon's configuration are not in newly reloaded registry mirrors, these existing ones will be removed from daemon's config. - `shutdown-timeout`: it replaces the daemon's existing configuration timeout with a new timeout for shutting down all containers. - `features`: it explicitly enables or disables specific features. From c0e952cf0427b8c2daf1f78b7615c537cb97348d Mon Sep 17 00:00:00 2001 From: Takuya Noguchi Date: Mon, 28 Jun 2021 06:03:28 +0000 Subject: [PATCH 122/127] Fix the (dead) link for docs for Dockerfile syntax reference This change will update the docs at https://docs.docker.com/engine/reference/builder/#buildkit This change is required by https://github.com/moby/buildkit/pull/1884 Signed-off-by: Takuya Noguchi (cherry picked from commit 0c723fd68ae75a69090fad4a858d32e014b79b0a) Signed-off-by: Sebastiaan van Stijn --- docs/reference/builder.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/reference/builder.md b/docs/reference/builder.md index 526542938f42..ce14b741c3f3 100644 --- a/docs/reference/builder.md +++ b/docs/reference/builder.md @@ -159,8 +159,8 @@ implementation. For example, BuildKit can: To use the BuildKit backend, you need to set an environment variable `DOCKER_BUILDKIT=1` on the CLI before invoking `docker build`. -To learn about the experimental Dockerfile syntax available to BuildKit-based -builds [refer to the documentation in the BuildKit repository](https://github.com/moby/buildkit/blob/master/frontend/dockerfile/docs/experimental.md). +To learn about the Dockerfile syntax available to BuildKit-based +builds [refer to the documentation in the BuildKit repository](https://github.com/moby/buildkit/blob/master/frontend/dockerfile/docs/syntax.md). ## Format From 62d27c32ffd5042e79b0e3acebb134e384754b65 Mon Sep 17 00:00:00 2001 From: Govind Rai Date: Wed, 16 Jun 2021 16:47:28 -0700 Subject: [PATCH 123/127] Update WORKDIR command information Signed-off-by: Govind Rai (cherry picked from commit e12aade59585f360e3f87def2c67699c7feaf95d) Signed-off-by: Sebastiaan van Stijn --- docs/reference/builder.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/docs/reference/builder.md b/docs/reference/builder.md index ce14b741c3f3..7e73282a7c00 100644 --- a/docs/reference/builder.md +++ b/docs/reference/builder.md @@ -1824,6 +1824,11 @@ RUN pwd The output of the final `pwd` command in this `Dockerfile` would be `/path/$DIRNAME` +If not specified, the default working directory is `/`. In practice, if you aren't building a Dockerfile from scratch (`FROM scratch`), +the `WORKDIR` may likely be set by the base image you're using. + +Therefore, to avoid unintended operations in unknown directories, it is best practice to set your `WORKDIR` explicitly. + ## ARG ```dockerfile From 700364e3045be6eef86f8d2e7645e2f6df92f709 Mon Sep 17 00:00:00 2001 From: Jon Zeolla Date: Mon, 22 Feb 2021 16:00:43 -0500 Subject: [PATCH 124/127] Fix mistake with env var example in docker run docs Signed-off-by: Jon Zeolla (cherry picked from commit cb1bb72fd9956ab572fc202305e975c76dc666f4) Signed-off-by: Sebastiaan van Stijn --- docs/reference/commandline/run.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/reference/commandline/run.md b/docs/reference/commandline/run.md index 2878ddbdfcdc..efead707352c 100644 --- a/docs/reference/commandline/run.md +++ b/docs/reference/commandline/run.md @@ -403,10 +403,10 @@ VAR1=value1 VAR2=value2 USER -$ docker run --env-file env.list ubuntu env | grep VAR +$ docker run --env-file env.list ubuntu env | grep -E 'VAR|USER' VAR1=value1 VAR2=value2 -USER=denis +USER=jonzeolla ``` ### Set metadata on container (-l, --label, --label-file) From a282e0c5d20c770870402079c335dac42b97bf01 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Fri, 4 Mar 2022 16:45:28 +0100 Subject: [PATCH 125/127] [20.10] update to go 1.16.15 to address CVE-2022-24921 Addresses [CVE-2022-24921](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24921) go1.16.15 (released 2022-03-03) includes a security fix to the regexp/syntax package, as well as bug fixes to the compiler, runtime, the go command, and to the net package. See the Go 1.16.15 milestone on the issue tracker for details: https://github.com/golang/go/issues?q=milestone%3AGo1.16.15+label%3ACherryPickApproved full diff: https://github.com/golang/go/compare/go1.16.14...go1.16.15 Signed-off-by: Sebastiaan van Stijn --- Dockerfile | 2 +- appveyor.yml | 2 +- dockerfiles/Dockerfile.dev | 2 +- dockerfiles/Dockerfile.lint | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index 4873c4199742..955c280e9d6a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,7 @@ # syntax=docker/dockerfile:1.3 ARG BASE_VARIANT=alpine -ARG GO_VERSION=1.16.14 +ARG GO_VERSION=1.16.15 ARG XX_VERSION=1.0.0-rc.2 FROM --platform=$BUILDPLATFORM golang:${GO_VERSION}-${BASE_VARIANT} AS gostable diff --git a/appveyor.yml b/appveyor.yml index 1eb859867311..af219dc3587e 100644 --- a/appveyor.yml +++ b/appveyor.yml @@ -4,7 +4,7 @@ clone_folder: c:\gopath\src\github.com\docker\cli environment: GOPATH: c:\gopath - GOVERSION: 1.16.14 + GOVERSION: 1.16.15 DEPVERSION: v0.4.1 install: diff --git a/dockerfiles/Dockerfile.dev b/dockerfiles/Dockerfile.dev index 3e93340225ed..cf8ab33c4864 100644 --- a/dockerfiles/Dockerfile.dev +++ b/dockerfiles/Dockerfile.dev @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:1.3 -ARG GO_VERSION=1.16.14 +ARG GO_VERSION=1.16.15 FROM golang:${GO_VERSION}-alpine AS golang ENV CGO_ENABLED=0 diff --git a/dockerfiles/Dockerfile.lint b/dockerfiles/Dockerfile.lint index 95e572d47560..e48fd23d788f 100644 --- a/dockerfiles/Dockerfile.lint +++ b/dockerfiles/Dockerfile.lint @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:1.3 -ARG GO_VERSION=1.16.14 +ARG GO_VERSION=1.16.15 ARG GOLANGCI_LINTER_SHA="v1.21.0" FROM golang:${GO_VERSION}-alpine AS build From 0a0527953cdac466ea356ce950bb95e671bc47cc Mon Sep 17 00:00:00 2001 From: "O. El Hosami" Date: Thu, 23 Sep 2021 20:05:08 +0200 Subject: [PATCH 126/127] Add main CI workflow --- .github/workflows/ci.yml | 120 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 120 insertions(+) create mode 100644 .github/workflows/ci.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 000000000000..5374f05e535c --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,120 @@ +name: CI + +on: + push: + branches: + - master + - 'release/**' + pull_request: + branches: + - master + - 'release/**' + +env: + PLATFORM: Docker Engine - WAGO (Community) + DEFAULT_PRODUCT_LICENSE: Community Engine + DOCKER_GITCOMMIT: ${{ github.sha }} + DOCKER_EXPERIMENTAL: 1 + DOCKER_GRAPHDRIVER: overlay2 + BUILDKIT_PROGRESS: plain + BASE_DEBIAN_DISTRO: buster + GO_VERSION: 1.16.7 + APT_MIRROR: cdn-fastly.deb.debian.org + CHECK_CONFIG_COMMIT: 78405559cfe5987174aa2cb6463b9b2c1b917255 + TESTDEBUG: 0 + TIMEOUT: 120m + BUILD_OUTPUT: build + VERSION: '20.10-dev' + +jobs: + build-static-binary: + + strategy: + fail-fast: false + matrix: + include: + - arch: amd64 + platform: linux/amd64 + - arch: arm32v7 + platform: linux/arm/v7 + + runs-on: ubuntu-latest + + steps: + - name: Checkout code + uses: actions/checkout@v2 + + - name: Set up node for Docker make + id: setup-docker-make + uses: WAGO/docker-actions/setup-docker-make@release/v1.0 + with: + golang-version: ${{ env.GO_VERSION }} + base-debian-distro: ${{ env.BASE_DEBIAN_DISTRO }} + host-arch: ${{ matrix.arch }} + target-platform: ${{ matrix.platform }} + check-config-commit: ${{ env.CHECK_CONFIG_COMMIT }} + project-version: ${{ env.VERSION }} + + - name: Set bundle meta information + id: set-bundle-info + run: | + input_path="${BUILD_OUTPUT}/docker-cli" + echo "::set-output name=input-path::${input_path}" + + - name: Build binary + uses: docker/build-push-action@v2 + with: + target: binary + context: . + push: false + outputs: | + type=local,dest=${{ steps.set-bundle-info.outputs.input-path }} + cache-from: type=local,src=${{ steps.setup-docker-make.outputs.buildx-cache }} + cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max + platforms: | + ${{ matrix.platform }} + build-args: | + APT_MIRROR + PLATFORM + DEFAULT_PRODUCT_LICENSE + DOCKER_GITCOMMIT + VERSION=${{ steps.setup-docker-make.outputs.version }} + CGO_ENABLED=1 + BASE_VARIANT=${{ env.BASE_DEBIAN_DISTRO }} + GO_VERSION=${{ env.GO_VERSION }} + load: false + + # Temp fix + # https://github.com/docker/build-push-action/issues/252 + # https://github.com/moby/buildkit/issues/1896 + - name: Move cache + env: + BUILDX_CACHE: ${{ steps.setup-docker-make.outputs.buildx-cache }} + run: | + rm -rf "${BUILDX_CACHE}" + mv /tmp/.buildx-cache-new "${BUILDX_CACHE}" + + - name: Create bundle + id: create-bundle + env: + BUNDLE_PLATFORM: ${{ steps.setup-docker-make.outputs.target-platform-id }} + BUNDLE_INPUT_PATH: ${{ steps.set-bundle-info.outputs.input-path }} + run: | + bundle_archive_name="docker-cli-${BUNDLE_PLATFORM}.tar" + bundle_archive="${BUILD_OUTPUT}/${bundle_archive_name}" + tar -C "${BUNDLE_INPUT_PATH}" -cvf "${bundle_archive}" . + echo "::set-output name=archive::${bundle_archive}" + echo "::set-output name=archive-name::${bundle_archive_name}" + + - name: Upload bundle + uses: actions/upload-artifact@v2 + with: + name: ${{ steps.create-bundle.outputs.archive-name }} + path: ${{ steps.create-bundle.outputs.archive }} + retention-days: 7 + + - name: Print artifact version informations + env: + BUNDLE_INPUT_PATH: ${{ steps.set-bundle-info.outputs.input-path }} + run: | + "${BUNDLE_INPUT_PATH}/docker" version From f0df2417b0916cbb03bc4c95dc9816f03f5fe63f Mon Sep 17 00:00:00 2001 From: "O. El Hosami" Date: Tue, 28 Sep 2021 16:10:47 +0200 Subject: [PATCH 127/127] Add release workflow --- .github/workflows/ci.yml | 2 +- .github/workflows/release.yml | 266 ++++++++++++++++++++++++++++++++++ 2 files changed, 267 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/release.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 5374f05e535c..74c506971ebe 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -100,7 +100,7 @@ jobs: BUNDLE_PLATFORM: ${{ steps.setup-docker-make.outputs.target-platform-id }} BUNDLE_INPUT_PATH: ${{ steps.set-bundle-info.outputs.input-path }} run: | - bundle_archive_name="docker-cli-${BUNDLE_PLATFORM}.tar" + bundle_archive_name="docker-cli-static-${BUNDLE_PLATFORM}.tar" bundle_archive="${BUILD_OUTPUT}/${bundle_archive_name}" tar -C "${BUNDLE_INPUT_PATH}" -cvf "${bundle_archive}" . echo "::set-output name=archive::${bundle_archive}" diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 000000000000..b61c3e053eff --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,266 @@ +name: Release + +on: + push: + tags: + - 'v*' # Push events to matching v*, i.e. v1.0, v20.15.10 + +env: + PLATFORM: Docker Engine - WAGO (Community) + DEFAULT_PRODUCT_LICENSE: Community Engine + DOCKER_GITCOMMIT: ${{ github.sha }} + DOCKER_EXPERIMENTAL: 1 + DOCKER_GRAPHDRIVER: overlay2 + BUILDKIT_PROGRESS: plain + BASE_DEBIAN_DISTRO: buster + GO_VERSION: 1.16.7 + APT_MIRROR: cdn-fastly.deb.debian.org + CHECK_CONFIG_COMMIT: 78405559cfe5987174aa2cb6463b9b2c1b917255 + TESTDEBUG: 0 + TIMEOUT: 120m + BUILD_OUTPUT: build + VERSION: '20.10-dev' + +jobs: + check: + runs-on: ubuntu-18.04 + + outputs: + stringver: ${{ steps.contentrel.outputs.stringver }} + + steps: + - name: Checkout code + uses: actions/checkout@v2 + with: + ref: ${{ github.ref }} + + - name: Check signature + run: | + releasever=${{ github.ref }} + releasever="${releasever#refs/tags/}" + tagcheck=$(git tag -v ${releasever} 2>&1 >/dev/null) || + echo "${tagcheck}" | grep -q "error" && { + echo "::error::tag ${releasever} is not a signed tag. Failing release process." + exit 1 + } || { + echo "Tag ${releasever} is signed." + exit 0 + } + + - name: Release content + id: contentrel + run: | + releasever=${{ github.ref }} + echo "::set-output name=stringver::${releasever#refs/tags/v}" + + file_path="${BUILD_OUTPUT}"/release-notes.md + echo "::set-output name=path::${file_path}" + + mkdir -p "${BUILD_OUTPUT}" + git tag -l ${releasever#refs/tags/} -n20000 | tail -n +3 | cut -c 5- > "${file_path}" + + - name: Save release notes + uses: actions/upload-artifact@v2 + with: + name: docker-cli-release-notes + path: ${{ steps.contentrel.outputs.path }} + + build-static-binary: + + strategy: + matrix: + include: + - arch: amd64 + platform: linux/amd64 + - arch: arm32v7 + platform: linux/arm/v7 + + runs-on: ubuntu-18.04 + needs: + - check + + env: + VERSION: ${{ needs.check.outputs.stringver }} + + steps: + - name: Checkout code + uses: actions/checkout@v2 + + - name: Set up node for Docker make + id: setup-docker-make + uses: WAGO/docker-actions/setup-docker-make@release/v1.0 + with: + golang-version: ${{ env.GO_VERSION }} + base-debian-distro: ${{ env.BASE_DEBIAN_DISTRO }} + host-arch: ${{ matrix.arch }} + target-platform: ${{ matrix.platform }} + check-config-commit: ${{ env.CHECK_CONFIG_COMMIT }} + project-version: ${{ env.VERSION }} + + - name: Set bundle meta information + id: set-bundle-info + run: | + input_path="${BUILD_OUTPUT}/docker-cli" + echo "::set-output name=input-path::${input_path}" + + - name: Build binary + uses: docker/build-push-action@v2 + with: + target: binary + context: . + push: false + outputs: | + type=local,dest=${{ steps.set-bundle-info.outputs.input-path }} + cache-from: type=local,src=${{ steps.setup-docker-make.outputs.buildx-cache }} + cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max + platforms: | + ${{ matrix.platform }} + build-args: | + SOURCE_DATE_EPOCH + BUILDTIME + APT_MIRROR + PLATFORM + DEFAULT_PRODUCT_LICENSE + DOCKER_GITCOMMIT + VERSION=${{ steps.setup-docker-make.outputs.version }} + CGO_ENABLED=1 + BASE_VARIANT=${{ env.BASE_DEBIAN_DISTRO }} + GO_VERSION=${{ env.GO_VERSION }} + load: false + + # Temp fix + # https://github.com/docker/build-push-action/issues/252 + # https://github.com/moby/buildkit/issues/1896 + - name: Move cache + env: + BUILDX_CACHE: ${{ steps.setup-docker-make.outputs.buildx-cache }} + run: | + rm -rf "${BUILDX_CACHE}" + mv /tmp/.buildx-cache-new "${BUILDX_CACHE}" + + - name: Create bundle + id: create-bundle + env: + BUNDLE_PLATFORM: ${{ steps.setup-docker-make.outputs.target-platform-id }} + BUNDLE_INPUT_PATH: ${{ steps.set-bundle-info.outputs.input-path }} + VERSION: ${{ steps.setup-docker-make.outputs.version }} + run: | + bundle_archive_name="docker-cli-${VERSION//\./_}_static-${BUNDLE_PLATFORM}.tar" + bundle_archive_base="${BUILD_OUTPUT}/${bundle_archive_name}" + bundle_archive="${bundle_archive_base}.gz" + tar -C "${BUNDLE_INPUT_PATH}" -czvf "${bundle_archive}" . + (cd "$(dirname "${bundle_archive}")"; sha256sum "$(basename "${bundle_archive}")") > "${bundle_archive}".sha256sum + echo "::set-output name=archive-base::${bundle_archive_base}" + + - name: Upload bundle + uses: actions/upload-artifact@v2 + with: + name: docker-cli-bundles + path: ${{ steps.create-bundle.outputs.archive-base }}.* + retention-days: 7 + + - name: Print artifact version informations + env: + BUNDLE_INPUT_PATH: ${{ steps.set-bundle-info.outputs.input-path }} + run: | + "${BUNDLE_INPUT_PATH}/docker" version + + release: + runs-on: ubuntu-18.04 + + needs: + - build-static-binary + - check + + outputs: + upload_url: ${{ steps.create-release.outputs.upload_url }} + + steps: + - name: Release notes + uses: actions/download-artifact@v2 + with: + name: docker-cli-release-notes + path: ${{ env.BUILD_OUTPUT }} + + - name: Create Release + id: create-release + uses: actions/create-release@v1.1.2 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + tag_name: ${{ github.ref }} + release_name: docker cli ${{ needs.check.outputs.stringver }} + body_path: ${{ env.BUILD_OUTPUT }}/release-notes.md + draft: false + prerelease: ${{ contains(github.ref, 'beta') || contains(github.ref, 'rc') }} + + release-upload: + runs-on: ubuntu-18.04 + + needs: + - release + + steps: + - name: Checkout code + uses: actions/checkout@v2 + + - name: Set artifact information + id: set-artifact-info + uses: WAGO/docker-actions/artifact-info@release/v1.0 + with: + version: ${{ env.VERSION }} + platform: ${{ matrix.platform }} + + - name: Download bundles + uses: actions/download-artifact@v2 + with: + name: docker-cli-bundles + path: ${{ env.BUILD_OUTPUT }} + + - name: Create catalog + id: catalog + run: | + _filenum=1 + for f in $(ls "docker-cli-"*); do + echo "::set-output name=file${_filenum}::${f}" + let _filenum+=1 + done + working-directory: ${{ env.BUILD_OUTPUT }} + + - name: 1st Upload tarball + uses: actions/upload-release-asset@v1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + upload_url: ${{ needs.release.outputs.upload_url }} + asset_path: ${{ env.BUILD_OUTPUT }}/${{ steps.catalog.outputs.file1 }} + asset_name: ${{ steps.catalog.outputs.file1 }} + asset_content_type: application/gzip + - name: 1st Upload sha256 sum + uses: actions/upload-release-asset@v1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + upload_url: ${{ needs.release.outputs.upload_url }} + asset_path: ${{ env.BUILD_OUTPUT }}/${{ steps.catalog.outputs.file2 }} + asset_name: ${{ steps.catalog.outputs.file2 }} + asset_content_type: text/plain + + - name: 2nd Upload tarball + uses: actions/upload-release-asset@v1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + upload_url: ${{ needs.release.outputs.upload_url }} + asset_path: ${{ env.BUILD_OUTPUT }}/${{ steps.catalog.outputs.file3 }} + asset_name: ${{ steps.catalog.outputs.file3 }} + asset_content_type: application/gzip + - name: 2nd Upload sha256 sum + uses: actions/upload-release-asset@v1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + upload_url: ${{ needs.release.outputs.upload_url }} + asset_path: ${{ env.BUILD_OUTPUT }}/${{ steps.catalog.outputs.file4 }} + asset_name: ${{ steps.catalog.outputs.file4 }} + asset_content_type: text/plain