me/guix
Archived
1
0
Fork 0
Code Activity
This repository has been archived on 2024-08-07. You can view files and clone it, but cannot push or open issues or pull requests.
guix/gnu/packages/patches/docker-use-fewer-modprobes.patch
Danny Milosavljevic e74a08f921
gnu: docker: Check for error on XFRM. 
* gnu/packages/patches/docker-use-fewer-modprobes.patch: Check for error on
XFRM.
2019-04-14 19:02:52 +02:00

137 lines
5.5 KiB
Diff
Raw Blame History

This patch makes docker find out whether a filesystem type is supported
by trying to mount a filesystem of that type rather than invoking "modprobe".
See <https://github.com/moby/moby/pull/38930>.
--- docker-18.09.0-checkout/daemon/graphdriver/overlay/overlay.go.orig 1970-01-01 01:00:00.000000000 +0100
+++ docker-18.09.0-checkout/daemon/graphdriver/overlay/overlay.go 2019-03-19 09:16:03.487087490 +0100
@@ -8,7 +8,6 @@
"io"
"io/ioutil"
"os"
- "os/exec"
"path"
"path/filepath"
"strconv"
@@ -201,9 +200,16 @@
}
func supportsOverlay() error {
- // We can try to modprobe overlay first before looking at
- // proc/filesystems for when overlay is supported
- exec.Command("modprobe", "overlay").Run()
+ // Access overlay filesystem so that Linux loads it (if possible).
+ mountTarget, err := ioutil.TempDir("", "supportsOverlay")
+ if err != nil {
+ logrus.WithField("storage-driver", "overlay2").Error("Could not create temporary directory, so assuming that 'overlay' is not supported.")
+ return graphdriver.ErrNotSupported
+ } else {
+ /* The mounting will fail--after the module has been loaded.*/
+ defer os.RemoveAll(mountTarget)
+ unix.Mount("overlay", mountTarget, "overlay", 0, "")
+ }
f, err := os.Open("/proc/filesystems")
if err != nil {
--- docker-18.09.0-checkout/daemon/graphdriver/overlay2/overlay.go.orig 2019-03-18 23:42:23.728525231 +0100
+++ docker-18.09.0-checkout/daemon/graphdriver/overlay2/overlay.go 2019-03-19 08:54:31.411906113 +0100
@@ -10,7 +10,6 @@
"io"
"io/ioutil"
"os"
- "os/exec"
"path"
"path/filepath"
"strconv"
@@ -261,9 +260,16 @@
}
func supportsOverlay() error {
- // We can try to modprobe overlay first before looking at
- // proc/filesystems for when overlay is supported
- exec.Command("modprobe", "overlay").Run()
+ // Access overlay filesystem so that Linux loads it (if possible).
+ mountTarget, err := ioutil.TempDir("", "supportsOverlay2")
+ if err != nil {
+ logrus.WithField("storage-driver", "overlay2").Error("Could not create temporary directory, so assuming that 'overlay' is not supported.")
+ return graphdriver.ErrNotSupported
+ } else {
+ /* The mounting will fail--after the module has been loaded.*/
+ defer os.RemoveAll(mountTarget)
+ unix.Mount("overlay", mountTarget, "overlay", 0, "")
+ }
f, err := os.Open("/proc/filesystems")
if err != nil {
--- docker-18.09.0-checkout/daemon/graphdriver/devmapper/deviceset.go.orig 2019-03-19 09:19:16.592844887 +0100
+++ docker-18.09.0-checkout/daemon/graphdriver/devmapper/deviceset.go 2019-03-19 09:21:18.019361761 +0100
@@ -540,8 +539,14 @@
return err // error text is descriptive enough
}
- // Check if kernel supports xfs filesystem or not.
- exec.Command("modprobe", "xfs").Run()
+ mountTarget, err := ioutil.TempDir("", "supportsXFS")
+ if err != nil {
+ return errors.Wrapf(err, "error checking for xfs support")
+ } else {
+ /* The mounting will fail--after the module has been loaded.*/
+ defer os.RemoveAll(mountTarget)
+ unix.Mount("none", mountTarget, "xfs", 0, "")
+ }
f, err := os.Open("/proc/filesystems")
if err != nil {
--- docker-18.09.0-checkout/vendor/github.com/docker/libnetwork/iptables/iptables.go.orig 2019-03-19 09:47:19.430111170 +0100
+++ docker-18.09.0-checkout/vendor/github.com/docker/libnetwork/iptables/iptables.go 2019-03-19 10:38:01.445136177 +0100
@@ -72,11 +71,12 @@
}
func probe() {
- if out, err := exec.Command("modprobe", "-va", "nf_nat").CombinedOutput(); err != nil {
- logrus.Warnf("Running modprobe nf_nat failed with message: `%s`, error: %v", strings.TrimSpace(string(out)), err)
+ path, err := exec.LookPath("iptables")
+ if err != nil {
+ return
}
- if out, err := exec.Command("modprobe", "-va", "xt_conntrack").CombinedOutput(); err != nil {
- logrus.Warnf("Running modprobe xt_conntrack failed with message: `%s`, error: %v", strings.TrimSpace(string(out)), err)
+ if out, err := exec.Command(path, "--wait", "-t", "nat", "-L", "-n").CombinedOutput(); err != nil {
+ logrus.Warnf("Running iptables --wait -t nat -L -n failed with message: `%s`, error: %v", strings.TrimSpace(string(out)), err)
}
}
--- docker-18.09.0-checkout/vendor/github.com/docker/libnetwork/ns/init_linux.go.orig 2019-03-19 11:23:20.738316699 +0100
+++ docker-18.09.0-checkout/vendor/github.com/docker/libnetwork/ns/init_linux.go 2019-03-19 11:27:57.149753073 +0100
@@ -76,12 +76,8 @@ func NlHandle() *netlink.Handle {
func getSupportedNlFamilies() []int {
fams := []int{syscall.NETLINK_ROUTE}
// NETLINK_XFRM test
- if err := loadXfrmModules(); err != nil {
- if checkXfrmSocket() != nil {
- logrus.Warnf("Could not load necessary modules for IPSEC rules: %v", err)
- } else {
- fams = append(fams, syscall.NETLINK_XFRM)
- }
+ if err := checkXfrmSocket(); err != nil {
+ logrus.Warnf("Could not load necessary modules for IPSEC rules: %v", err)
} else {
fams = append(fams, syscall.NETLINK_XFRM)
}
@@ -99,16 +95,6 @@ func getSupportedNlFamilies() []int {
return fams
}
-func loadXfrmModules() error {
- if out, err := exec.Command("modprobe", "-va", "xfrm_user").CombinedOutput(); err != nil {
- return fmt.Errorf("Running modprobe xfrm_user failed with message: `%s`, error: %v", strings.TrimSpace(string(out)), err)
- }
- if out, err := exec.Command("modprobe", "-va", "xfrm_algo").CombinedOutput(); err != nil {
- return fmt.Errorf("Running modprobe xfrm_algo failed with message: `%s`, error: %v", strings.TrimSpace(string(out)), err)
- }
- return nil
-}
-
// API check on required xfrm modules (xfrm_user, xfrm_algo)
func checkXfrmSocket() error {
fd, err := syscall.Socket(syscall.AF_NETLINK, syscall.SOCK_RAW, syscall.NETLINK_XFRM)
View git blame Copy permalink