Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Change version to 0.x #1

Closed
shykes opened this issue Jun 10, 2015 · 1 comment

Comments

@shykes
Copy link
Contributor

commented Jun 10, 2015

Currently the version is 1. From experience with the Docker remote API, we regretted bitterly not starting with a 0.x version number, it would have made it easier to break things later.

We should change this before opening the repo if possible.

@crosbymichael

This comment has been minimized.

Copy link
Member

commented Jun 11, 2015

done on the binary side ;)

crosbymichael pushed a commit that referenced this issue Jun 17, 2015
jhjeong-kr added a commit to jhjeong-kr/runc that referenced this issue Jul 19, 2015
     runc always shows "container in use" if /var/run/ocf/container exists
     However, there are two cases
         1) case 1: "container in use"
         2) case 2: /var/run/ocf/container still exists after runc was terminated by SIGKILL or abnormal crash
     For case 2, runc should yield "delete the lock dir" instead of "container in use"
     This patch is for this issue using "pid" file in /var/run/ocf/container/task
     minor revision opencontainers#1: error indentation, slice length check for "exeName"
     minor revision opencontainers#2: use "filepath.join" instead of "fmt.Sprintf"

Signed-off-by: Jin-Hwan Jeong <jhjeong.kr@gmail.com>
sallyom added a commit to sallyom/runc that referenced this issue Jul 30, 2015
TL;DR: check for IsExist(err) after a failed MkdirAll() is both
redundant and wrong -- so two reasons to remove it.

Quoting MkdirAll documentation:

> MkdirAll creates a directory named path, along with any necessary
> parents, and returns nil, or else returns an error. If path
> is already a directory, MkdirAll does nothing and returns nil.

This means two things:

1. If a directory to be created already exists, no error is
returned.

2. If the error returned is IsExist (EEXIST), it means there exists
a non-directory with the same name as MkdirAll need to use for
directory. Example: we want to MkdirAll("a/b"), but file "a"
(or "a/b") already exists, so MkdirAll fails.

The above is a theory, based on quoted documentation and my UNIX
knowledge.

3. In practice, though, current MkdirAll implementation [1] returns
ENOTDIR in most of cases described in opencontainers#2, with the exception when
there is a race between MkdirAll and someone else creating the
last component of MkdirAll argument as a file. In this very case
MkdirAll() will indeed return EEXIST.

Because of opencontainers#1, IsExist check after MkdirAll is not needed.

Because of opencontainers#2 and opencontainers#3, ignoring IsExist error is just plain wrong,
as directory we require is not created. It's cleaner to report
the error now.

Note this error is all over the tree, I guess due to copy-paste,
or trying to follow the same usage pattern as for Mkdir(),
or some not quite correct examples on the Internet.

[1] https://github.com/golang/go/blob/f9ed2f75/src/os/path.go

Signed-off-by: Kir Kolyshkin <kir@openvz.org>
clnperez pushed a commit to clnperez/runc that referenced this issue Aug 12, 2015
TL;DR: check for IsExist(err) after a failed MkdirAll() is both
redundant and wrong -- so two reasons to remove it.

Quoting MkdirAll documentation:

> MkdirAll creates a directory named path, along with any necessary
> parents, and returns nil, or else returns an error. If path
> is already a directory, MkdirAll does nothing and returns nil.

This means two things:

1. If a directory to be created already exists, no error is
returned.

2. If the error returned is IsExist (EEXIST), it means there exists
a non-directory with the same name as MkdirAll need to use for
directory. Example: we want to MkdirAll("a/b"), but file "a"
(or "a/b") already exists, so MkdirAll fails.

The above is a theory, based on quoted documentation and my UNIX
knowledge.

3. In practice, though, current MkdirAll implementation [1] returns
ENOTDIR in most of cases described in opencontainers#2, with the exception when
there is a race between MkdirAll and someone else creating the
last component of MkdirAll argument as a file. In this very case
MkdirAll() will indeed return EEXIST.

Because of opencontainers#1, IsExist check after MkdirAll is not needed.

Because of opencontainers#2 and opencontainers#3, ignoring IsExist error is just plain wrong,
as directory we require is not created. It's cleaner to report
the error now.

Note this error is all over the tree, I guess due to copy-paste,
or trying to follow the same usage pattern as for Mkdir(),
or some not quite correct examples on the Internet.

[1] https://github.com/golang/go/blob/f9ed2f75/src/os/path.go

Signed-off-by: Kir Kolyshkin <kir@openvz.org>
stefanberger pushed a commit to stefanberger/runc that referenced this issue Sep 8, 2017
Don't use strings when you can use dictionaries/objects. JSON objects are trivial to parse and manipulate, unlike strings. String parsing is the opencontainers#1 cause of security bugs, so if it can be trivially avoided, then why not ;)
YuheiTakagawa referenced this issue in YuheiTakagawa/runc Sep 26, 2018
# This is the 1st commit message:

[add] Call cgroups(rctl) parameter setting function from FreeBSD container

# The commit message #1 will be skipped:

# [tmp] go fmt factory_freebsd.go
jordemort added a commit to jordemort/cri-o-runc that referenced this issue May 28, 2019
… stretch-backport

v1.0.0~rc8

This is a hot-fix for v1.0.0-rc7, and fixes a regression on old kernels
(which don't support keycreate labeling). Users are strongly encouraged
to update, as this regression was introduced in 1.0.0-rc7 and has
blocked many users from updating to mitigate CVE-2019-5736.

Bugs: opencontainers#2032 opencontainers#2031 opencontainers#2043

At the moment the only outlying issue before we can release 1.0.0 is
some spec discussions we are having about OCI hooks and how to handle
the integration with existing NVIDIA hooks. We will do our best to
finish this work as soon as we can.

Thanks to the following people who made this release possible:

 * Aleksa Sarai <asarai@suse.de>
 * Daniel J Walsh <dwalsh@redhat.com>
 * lifubang <lifubang@acmcoder.com>
 * Michael Crosby <crosbymichael@gmail.com>
 * Mrunal Patel <mrunal@me.com>

Vote: +4 -0 opencontainers#1
Signed-off-by: Aleksa Sarai <asarai@suse.de>
cyphar added a commit that referenced this issue Oct 5, 2019
  VERSION: back to development
  VERSION: update to 1.0.0-rc9

Vote: +4 -0 #1
LGTMs: @crosbymichael @hqhq @mrunalp
Closes #2134
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
2 participants
You can’t perform that action at this time.