Summary
Docker is an open-source project to easily create lightweight, portable, self-sufficient containers from any application. The same container that a developer builds and tests on a laptop can run at scale, in production, on VMs, bare metal, OpenStack clusters, public clouds and more.
Versions
v23.0.1 :: 0 :: gentoo
- Modified
- License
- Apache-2.0
- Keywords
- ~amd64 ~arm ~arm64 ~ppc64 ~riscv ~x86
- USE flags
- apparmor aufs btrfs container-init device-mapper overlay seccomp selinux
v20.10.22 :: 0 :: gentoo
- Modified
- License
- Apache-2.0
- Keywords
- amd64 arm64 ppc64 ~arm ~riscv ~x86
- USE flags
- apparmor aufs btrfs cli container-init device-mapper hardened overlay seccomp selinux
USE flags
General
- apparmor
- Enable support for the AppArmor application security system
- aufs
- Enables dependencies for the "aufs" graph driver, including necessary kernel flags.
- btrfs
- Enables dependencies for the "btrfs" graph driver, including necessary kernel flags.
- cli
- This is a temporary use flag which pulls in app-containers/docker-cli, the docker command line client. This flag is here to assist in the transition to split packages and will be removed in a future release.
- container-init
- Makes the a staticly-linked init system tini available inside a container.
- device-mapper
- Enables dependencies for the "devicemapper" graph driver, including necessary kernel flags.
- hardened
- Activate default security enhancements for toolchain (gcc, glibc, binutils)
- overlay
- Enables dependencies for the "overlay" graph driver, including necessary kernel flags.
- seccomp
- Enable seccomp (secure computing mode) to perform system call filtering at runtime to increase security of programs
- selinux
- !!internal use only!! Security Enhanced Linux support, this must be set by the selinux profile or breakage will occur
Dependencies
acct-group / docker : System group: docker
dev-db / sqlite : SQL database engine
sys-fs / btrfs-progs : Btrfs filesystem utilities
sys-fs / lvm2 : User-land utilities for LVM2 (device-mapper) software
sys-libs / libapparmor : Library to support AppArmor userspace utilities
sys-libs / libseccomp : high level interface to Linux seccomp filter
Runtime Dependencies
acct-group / docker : System group: docker
app-arch / xz-utils : Utils for managing LZMA compressed files
app-containers / containerd : A daemon to control runC
app-containers / docker-cli : the command line binary for docker
app-containers / docker-proxy : Docker container networking
dev-db / sqlite : SQL database engine
dev-libs / libltdl : A shared library tool for developers
dev-vcs / git : Stupid content tracker: distributed VCS designed for speed and efficiency
net-firewall / iptables : Linux kernel (2.4+) firewall, NAT and packet mangling tools
sec-policy / selinux-docker : SELinux policy for docker
sys-fs / btrfs-progs : Btrfs filesystem utilities
sys-fs / lvm2 : User-land utilities for LVM2 (device-mapper) software
sys-libs / libapparmor : Library to support AppArmor userspace utilities
sys-libs / libseccomp : high level interface to Linux seccomp filter
sys-process / procps : Standard informational utilities and process-handling tools
sys-process / tini : A tiny but valid init for containers
Depending packages
app-containers / distrobox : Use any Linux distribution inside your terminal (powered by docker/podman)
app-containers / docker-bench-security : Test for best practices around deploying docker containers
app-containers / docker-buildx : Docker CLI plugin for extended build capabilities with BuildKit
app-containers / go-secbench : run and evaluate the docker security benchmark
dev-util / ebuildtester : A dockerized approach to test a Gentoo package within a clean stage3 container
Bugs
- 645694
- app-containers/docker-18.01.0 - improve .config variable checks
- 680094
- app-containers/docker-18.09.2 not waiting for all host zfs volumes to mount before starting service
- 699950
- app-containers/docker-19.03.4 - start-stop-daemon: fopen `/run/docker.pid': No such file or directory
- 706776
- app-containers/docker-19.03.5: module declares its path as: github.com/sirupsen/logrus but was required as: github.com/Sirupsen/logrus
- 763891
- app-containers/docker: runscript defines default ulimit options that depend on bash
- 765487
- app-containers/docker-20.10.2 doesn't remove iptable entries
- 775431
- app-containers/docker-20.10.5 is checking for CONFIG_NETFILTER_NETLINK, but this is not a user configurable option
- 816273
- <app-containers/docker-20.10.9: multiple vulnerabilities
- 829561
- app-containers/docker-20.10.9: openrc does not stop the daemon
- 844568
- app-containers/docker: uses deprecated Go eclass (DeprecatedEclass)
- 869407
- app-containers/docker: supplementary groups mishandling
- 877653
- app-containers/docker: Git vulnerability mitigations
- 882289
- app-containers/docker fails to start on boot: containerd is already running
- 886509
- <app-containers/docker-20.10.22: multiple vulnerabilities
- 888645
- app-containers/docker-20.10.17 failed to emerge with sys-fs/btrfs-progs-6.1
- 900933
- app-containers/runc, app-containers/docker, app-containers/docker-cli: CGO_CFLAGS disables optimization
Change logs
- Repository mirror & CI · gentoo
Merge updates from master - William Hubbs · gentoo
app-containers/docker: typo fix for LEGACY_VSYSCALL_NONE warning
The warning was not assigned to the proper configuration check. This commit fixes that issue which results in a better warning message. Bug: https://bugs.gentoo.org/900845 Signed-off-by: William Hubbs <williamh@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - William Hubbs · gentoo
app-containers/docker: more kernel option fixes
- put SECURITY_SELINUX and SECURITY_APPARMOR behind the appropriate use flags - put MEMCG_SWAP and LEGACY_SYSCALL_EMULATE behind kernel version checks Bug: https://bugs.gentoo.org/900845 Signed-off-by: William Hubbs <williamh@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Sam James · gentoo
app-containers/docker: drop hardened cruft from IUSE
Signed-off-by: Sam James <sam@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Sam James · gentoo
app-containers/docker: fix (some) kernel check options
This doesn't fix all of them, just the misspellings of VSYSCALL. Bug: https://bugs.gentoo.org/900845 Signed-off-by: Sam James <sam@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Sam James · gentoo
app-containers/docker: drop USE=hardened hacks
1. These aren't needed on hardened systems anyway (we've had default PIE on normal, non-hardened systems for years); 2. The relevant variables are gone upstream, see https://github.com/moby/moby/commit/877baae03e1810b6a6afaa8b767b8df25f5c5cae, which fails because of the grep sanity check in the ebuild (correctly); 3. If we did need to keep this check, we would need to do it based on a e.g. toolchain-funcs function to check if the toolchain defaults to PIE, but not based on USE=hardened. Closes: https://bugs.gentoo.org/900849 Signed-off-by: Sam James <sam@gentoo.org> - Sam James · gentoo
app-containers/docker: fix pkg_postinst referencing removed IUSE=cli
Closes: https://bugs.gentoo.org/900771 Signed-off-by: Sam James <sam@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - William Hubbs · gentoo
app-containers/docker: changelog was removed, so don't try to install it
Signed-off-by: William Hubbs <williamh@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - William Hubbs · gentoo
app-containers/docker: add 23.0.1
Closes: https://bugs.gentoo.org/900216 Signed-off-by: William Hubbs <williamh@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - William Hubbs · gentoo
app-containers/docker: adjust kernel checks
The CONFIG_MEMCG_SWAP kernel option was removed in linux 6.1, so adjust the check to account for this. Closes: https://bugs.gentoo.org/889932 Signed-off-by: William Hubbs <williamh@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - William Hubbs · gentoo
app-containers/docker: drop 20.10.17
Bug: https://bugs.gentoo.org/886509 Signed-off-by: William Hubbs <williamh@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Sam James · gentoo
app-containers/docker: Stabilize 20.10.22 arm64, #889546
Signed-off-by: Sam James <sam@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Repository mirror & CI · gentoo
Merge updates from master - William Hubbs · gentoo
app-containers/docker: stabilize 20.10.22 for amd64 #889546
Signed-off-by: William Hubbs <williamh@gentoo.org> - Arthur Zamarin · gentoo
app-containers/docker: Stabilize 20.10.22 ppc64, #889546
Signed-off-by: Arthur Zamarin <arthurzam@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - William Hubbs · gentoo
app-containers/docker: add 20.10.22
Bug: https://bugs.gentoo.org/886509 Signed-off-by: William Hubbs <williamh@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - William Hubbs · gentoo
app-containers/docker: drop 20.10.12-r1, 20.10.14, 20.10.16
Bug: https://bugs.gentoo.org/850124 Signed-off-by: William Hubbs <williamh@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Arthur Zamarin · gentoo
app-containers/docker: Stabilize 20.10.17 ppc64, #865193
Signed-off-by: Arthur Zamarin <arthurzam@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Agostino Sarubbo · gentoo
app-containers/docker: arm64 stable wrt bug #865193
Signed-off-by: Agostino Sarubbo <ago@gentoo.org> - Agostino Sarubbo · gentoo
app-containers/docker: amd64 stable wrt bug #865193
Signed-off-by: Agostino Sarubbo <ago@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - William Hubbs · gentoo
app-containers/docker: add 20.10.17
Closes: https://bugs.gentoo.org/842567 Closes: https://bugs.gentoo.org/854231 Signed-off-by: William Hubbs <williamh@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - William Hubbs · gentoo
app-containers/docker: add 20.10.16
Signed-off-by: William Hubbs <williamh@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - William Hubbs · gentoo
app-containers/docker: drop 20.10.9
Signed-off-by: William Hubbs <williamh@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - William Hubbs · gentoo
app-containers/docker:
Closes: https://bugs.gentoo.org/836571 Signed-off-by: William Hubbs <williamh@gentoo.org> sec-policy dependency for selinux - Repository mirror & CI · gentoo
Merge updates from master - William Hubbs · gentoo
app-containers/docker: add 20.10.14
Signed-off-by: William Hubbs <williamh@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Sam James · gentoo
app-containers/docker: fix typo in comment
Signed-off-by: Sam James <sam@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Jakov Smolić · gentoo
app-containers/docker: Stabilize 20.10.12-r1 amd64, #830674
Signed-off-by: Jakov Smolić <jsmolic@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Repository mirror & CI · gentoo
Merge updates from master - Georgy Yakovlev · gentoo
app-containers/docker: Stabilize 20.10.12-r1 arm64, #830674
Signed-off-by: Georgy Yakovlev <gyakovlev@gentoo.org> - Georgy Yakovlev · gentoo
app-containers/docker: Stabilize 20.10.12-r1 ppc64, #830674
Signed-off-by: Georgy Yakovlev <gyakovlev@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Georgy Yakovlev · gentoo
Move {app-emulation -> app-containers}/docker
Signed-off-by: Georgy Yakovlev <gyakovlev@gentoo.org>