| Summary: | docker possibly bundling code vulnerable to CVE-2019-5736 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | normal | ||
| Priority: | Normal | CC: | andrewsfarm, bruno, davidwhodgins, qa-bugs, sysadmin-bugs, tarazed25 |
| Version: | 6 | Keywords: | advisory, validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | MGA6-64-OK | ||
| Source RPM: | docker-18.09.0-1.mga7.src.rpm | CVE: | |
| Status comment: | |||
| Bug Depends on: | |||
| Bug Blocks: | 24321 | ||
Description

David Walser 2019-02-16 17:46:57 CET

David Walser 2019-02-16 17:47:06 CET
Whiteboard: (none) => MGA6TOO

Looking into this openSUSE advisory from today (February 16): https://lists.opensuse.org/opensuse-updates/2019-02/msg00078.html It sounds like docker needs to also be built with the updated golang, otherwise it can be affected by the CVE-2018-1687[3-5] fixed in Bug 24014, but the docker update in Bug 24289 was built first. For Docker in Mageia 6, this can be fixed by updating to 18.06.3 (see https://github.com/docker/docker-ce/blob/v18.06.3-ce/CHANGELOG.md). Working on an update now.

Status: NEW => ASSIGNED

For Docker in cauldron, this is fixed by an update to 18.09.3 as well (see https://github.com/docker/docker-ce/blob/v18.09.3/CHANGELOG.md). Working on it as well.

Version 18.06.3 uploaded to updates_testing for mga6 and version 18.09.3 pushed to cauldron.

Whiteboard: MGA6TOO => (none)

Didn't build in Mageia 6: http://pkgsubmit.mageia.org/uploads/failure/6/core/updates_testing/20190317232758.bcornec.duvel.5515/log/docker-18.06.3-1.1.mga6/build.0.20190317232945.log

Assignee: qa-bugs => bruno

Builds locally. And doesn't seem to be me :-(:
/man/md2man-all.sh: line 12: 5266 Trace/breakpoint trap (core dumped) go-md2man -in "$FILE" -out "./man${num}/${name}"
Not sure what to do except retrying tomorrow...

It built this time.
docker-18.06.3-1.2.mga6
docker-devel-18.06.3-1.2.mga6
docker-fish-completion-18.06.3-1.2.mga6
docker-logrotate-18.06.3-1.2.mga6
docker-unit-test-18.06.3-1.2.mga6
docker-vim-18.06.3-1.2.mga6
docker-zsh-completion-18.06.3-1.2.mga6
docker-nano-18.06.3-1.2.mga6
from docker-18.06.3-1.2.mga6.src.rpm
David Walser 2019-03-27 15:45:11 CET
Blocks: (none) => 24321

mga6, x86_64

Found Bruno's Labs-master already installed on this machine. To be investigated after the update. later.

CC: (none) => tarazed25

Had a quick look and realized that the Labs are about full-on training to learn to use Docker seriously. Far too ambitious for a humble tester and likely to need several weeks' effort, so I shall, with all due respect for Bruno's excellent work, go back to my simple introductory manual.

Well, I didn't mean to do the full Lab (it's a 4 hours+ work!), just the beginning, to check that docker is installed correctly and works at least to pull an image and run it.

Well, that is the problem, I have the whole thing sitting on a hard disk but am too dumb to understand how to kickstart it. I did run one script and it went straight on to the web, downloaded a lot of stuff and said that there were all sorts of things needed to set up a proper environment and then asked me to set up an Azure account. What is Azure? Haven't a clue. And I don't want to have to run things in virtualbox. It really is out of my league. Thanks for replying though.

Short tutorial:
1/ Install docker from the test repo (sudo urpmi docker)
2/ sudo systemctl restart docker (restart or start docker engine)
3/ docker --version (should give the correct version)
4/ docker run hello-world (should print a hello world after downloading the image from the docker hub)
5/ docker images (should show you the image downloaded)
6/ docker ps -a (should show you the now defunct container)
7/ docker pull fedora (should do the same with the latest fedora image)
8/ docker run -ti fedora:latest /bin/bash (should give you a bash shell in a fedora context)
9/ in that container you can do dnf install tcsh to check it works as expected
If all that works, then you already have a pretty solid docker env :-)

Many thanks for that. I have a vague memory of doing similar things for the openrunc update a few months back, getting as far as deleting containers and exchanging information between running containers. I shall get back to this later.

Right, here we are.
What was already on the system:
$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
457c015182dc azure "/bin/sh -c /tmp/az.…" 18 hours ago Up 18 hours elegant_mclean
eede586b3474 redis "docker-entrypoint.s…" 6 weeks ago Exited (0) 6 weeks ago modest_archimedes
3bb196546b48 redis "docker-entrypoint.s…" 6 weeks ago Exited (0) 6 weeks ago vigorous_hugle
429da90ab706 hello-world "/hello" 7 weeks ago Exited (0) 7 weeks ago determined_fermat
722f36262cd8 test/cowsay-dockerfile "/usr/games/cowsay B…" 7 weeks ago Exited (0) 7 weeks ago gracious_dubinsky
e45bc35da265 test/cowsayimage "/usr/games/cowsay M…" 7 weeks ago Exited (0) 7 weeks ago mystifying_babbage
73d9edcc3796 debian "bash" 7 weeks ago Exited (0) 7 weeks ago cowsay
2ce141353ad8 redis:latest "docker-entrypoint.s…" 7 weeks ago Exited (255) 7 weeks ago 6379/tcp alpha
86cf6a564b99 redis:latest "docker-entrypoint.s…" 7 weeks ago Exited (255) 7 weeks ago 6379/tcp wedgewood
Better get rid of those and start from scratch after the update. Ran the update.
Used 'docker ps -a' and 'docker images' to list containers and images.
Removed them with repeated commands:
$ docker rm <container id>
$ docker rmi <repository name>
or
$ docker rmi <image id>
$ sudo systemctl restart docker
$ systemctl status docker
Active: active (running) since Sun 2019-03-31 19:04:01 BST; 1min 32s ago
$ docker version
Client:
Version: 18.06.0-dev
API version: 1.38
Go version: go1.11.5
Git commit: d7080c1
Built: Tue Mar 19 16:53:43 2019
OS/Arch: linux/amd64
Experimental: false
Server:
Engine:
Version: 18.06.3-ce
API version: 1.38 (minimum version 1.12)
Go version: go1.11.5
Git commit: d7080c1
Built: Tue Mar 19 16:53:14 2019
OS/Arch: linux/amd64
Experimental: false
$ docker run hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
1b930d010525: Pull complete
Digest: sha256:2557e3c07ed1e38f26e389462d03ed943586f744621577a99efb77324b0fe535
Status: Downloaded newer image for hello-world:latest
Hello from Docker!
This message shows that your installation appears to be working correctly.
[...]
$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
hello-world latest fce289e99eb9 2 months ago 1.84kB
$ docker ps -a
$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6064d8abf9ac hello-world "/hello" About a minute ago Exited (0) About a minute ago confident_kilby
64740c6ad06b hello-world "/hello" 2 minutes ago Exited (0) 2 minutes ago gracious_keldysh
<Ran it twice>
$ docker pull fedora
Using default tag: latest
latest: Pulling from library/fedora
<downloading and extracting ~89MB>
01eb078129a0: Pull complete
Digest: sha256:8ee55e140e8751492ab2cfa4513c82093cd2716df9311ea6f442f1f1259cbb3e
Status: Downloaded newer image for fedora:latest
$ docker run -ti fedora:latest /bin/bash
[root@23a1a062bdde /]# dnf install tcsh
Fedora Modular 29 - x86_64 335 kB/s | 1.5 MB 00:04
Fedora Modular 29 - x86_64 - Updates 485 kB/s | 2.1 MB 00:04
Fedora 29 - x86_64 - Updates 1.7 MB/s | 25 MB 00:14
Fedora 29 - x86_64 3.4 MB/s | 62 MB 00:18
Dependencies resolved.
================================================================================
Package Architecture Version Repository Size
================================================================================
Installing:
tcsh x86_64 6.20.00-10.fc29 fedora 431 k
Transaction Summary
================================================================================
Install 1 Package
Total download size: 431 k
Installed size: 1.2 M
Is this ok [y/N]: y
Downloading Packages:
tcsh-6.20.00-10.fc29.x86_64.rpm 326 kB/s | 431 kB 00:01
--------------------------------------------------------------------------------
Total 129 kB/s | 431 kB 00:03
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : tcsh-6.20.00-10.fc29.x86_64 1/1
Running scriptlet: tcsh-6.20.00-10.fc29.x86_64 1/1
Verifying : tcsh-6.20.00-10.fc29.x86_64 1/1
Installed:
tcsh-6.20.00-10.fc29.x86_64
Complete!
To see how far it could be pushed tried installing a big package, stellarium (122 packages), and that ran very smoothly. It is not runnable - another chapter I guess - no X display.
# dnf remove stellarium
took care of it.
# exit <to leave container>
$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
23a1a062bdde fedora:latest "/bin/bash" 19 minutes ago Exited (0) 19 seconds ago pedantic_sammet
6064d8abf9ac hello-world "/hello" 25 minutes ago Exited (0) 25 minutes ago confident_kilby
64740c6ad06b hello-world "/hello" 26 minutes ago Exited (0) 26 minutes ago gracious_keldysh
$ docker rm 6064d8abf9ac
6064d8abf9ac
$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
23a1a062bdde fedora:latest "/bin/bash" 22 minutes ago Exited (0) 3 minutes ago pedantic_sammet
64740c6ad06b hello-world "/hello" 29 minutes ago Exited (0) 29 minutes ago gracious_keldysh
$ docker inspect pedantic_sammet
[
{
"Id": "23a1a062bddeffa84ed58694c213a543ec4389bd9068473870ec88fed6f5b657",
"Created": "2019-03-31T18:15:36.204923966Z",
"Path": "/bin/bash",
"Args": [],
"State": {
"Status": "exited",
"Running": false,
[...]
$ docker inspect pedantic_sammet | grep NetworkID
"NetworkID": "9e0bdfab3882457b659a75af77481661ce6a19d0051fb6569caa1ab7e2f6a0c4",
$ docker restart 23a1a062bdde
23a1a062bdde
$
Not sure what that did. Probably starts a stopped container or stops and starts it.
Re-enter the fedora container:
$ docker run -ti fedora:latest /bin/bash
[root@c70d49401bea /]# ls
bin dev home lib64 media opt root sbin sys usr
boot etc lib lost+found mnt proc run srv tmp var
[root@c70d49401bea /]# cd bin
[root@c70d49401bea bin]# ll
total 26800
-rwxr-xr-x 1 root root 69776 Nov 7 15:14 '['
-rwxr-xr-x 1 root root 33 Jan 17 08:27 alias
-rwxr-xr-x 1 root root 77824 Jul 14 2018 applydeltarpm
-rwxr-xr-x 1 root root 46952 Nov 7 15:14 arch
[...]
-rwxr-xr-x 1 root root 2209 Jul 26 2018 zless
-rwxr-xr-x 1 root root 1845 Jul 26 2018 zmore
-rwxr-xr-x 1 root root 4556 Jul 26 2018 znew
[root@c70d49401bea bin]# ls | wc -l
375
$ docker run -it --name cowsay --hostname cowsay debian bash
Unable to find image 'debian:latest' locally
latest: Pulling from library/debian
e79bb959ec00: Pull complete
Digest: sha256:724b0fbbda7fda6372ffed586670573c59e07a48c86d606bab05db118abe0ef5
Status: Downloaded newer image for debian:latest
root@cowsay:/# apt-get update
Get:1 http://security-cdn.debian.org/debian-security stretch/updates InRelease [94.3 kB]
Get:3 http://security-cdn.debian.org/debian-security stretch/updates/main amd64 Packages [481 kB]
Ign:2 http://cdn-fastly.deb.debian.org/debian stretch InRelease
Get:4 http://cdn-fastly.deb.debian.org/debian stretch-updates InRelease [91.0 kB]
Get:5 http://cdn-fastly.deb.debian.org/debian stretch-updates/main amd64 Packages [11.1 kB]
Get:6 http://cdn-fastly.deb.debian.org/debian stretch Release [118 kB]
Get:7 http://cdn-fastly.deb.debian.org/debian stretch Release.gpg [2434 B]
Get:8 http://cdn-fastly.deb.debian.org/debian stretch/main amd64 Packages [7084 kB]
Fetched 7881 kB in 3s (2441 kB/s)
Reading package lists... Done
root@cowsay:/# apt-get install -y cowsay fortune
[...]
root@cowsay:/# /usr/games/fortune | /usr/games/cowsay
_________________________________________
/ Cheer Up! Things are getting worse at a \
\ slower rate. /
-----------------------------------------
\ ^__^
\ (oo)\_______
(__)\ )\/\
||----w |
|| ||
root@cowsay:/#
That should do for this update. docker is running fine.
Thanks again to Bruno for the tutorial.
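The point of this bug is that a docker package can carry the right engine version and still be vulnerable if the daemon was built against the unpatched Go, so the `Go version` line in the Server block of `docker version` (go1.11.5 in the transcript above) is the evidence that matters. The script below is an added example, not code from this bug or from Mageia: it parses `docker version` output, reads the engine and Go versions of the daemon only, and reports whether the build is at or above the thresholds. The engine threshold 18.06.3 comes from this bug; the Go threshold 1.11.3 is an assumption of the example (taken as the first 1.11.x release with the fixes for CVE-2018-16873/16874/16875) and is a parameter. The first sample is copied from the test transcript; the other two are constructed.

```python
import re
import sys

# Thresholds. MIN_ENGINE comes from the bug (Mageia 6 fix is docker 18.06.3).
# MIN_GO is an assumption of this example: Go 1.11.3 is taken as the first 1.11.x
# release carrying the fixes for CVE-2018-16873/16874/16875 (Bug 24014), the
# toolchain docker had to be rebuilt with. Adjust if your distro's fix differs.
MIN_ENGINE = (18, 6, 3)
MIN_GO = (1, 11, 3)

# Sample copied from the test transcript in this bug: engine 18.06.3-ce, go1.11.5.
SAMPLE_FIXED = """\
Client:
 Version:           18.06.0-dev
 API version:       1.38
 Go version:        go1.11.5
 Git commit:        d7080c1
 OS/Arch:           linux/amd64
Server:
 Engine:
  Version:          18.06.3-ce
  API version:      1.38 (minimum version 1.12)
  Go version:       go1.11.5
  Git commit:       d7080c1
  OS/Arch:          linux/amd64
"""

# Constructed counter-example (not from the bug): engine below 18.06.3, older Go.
SAMPLE_OLD = """\
Client:
 Version:           18.06.1-ce
 Go version:        go1.10.4
Server:
 Engine:
  Version:          18.06.1-ce
  Go version:       go1.10.4
"""

# Constructed: only a Client block, as when the daemon cannot be reached.
SAMPLE_CLIENT_ONLY = """\
Client:
 Version:           18.06.3-ce
 Go version:        go1.11.5
"""

_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)")


def parse_version(text):
    """Turn '18.06.3-ce' or 'go1.11.5' into a comparable tuple such as (18, 6, 3)."""
    m = _VERSION_RE.search(text)
    return tuple(int(p) for p in m.groups()) if m else None


def _field(section, name):
    """First 'Name: value' line in a section of `docker version` output."""
    m = re.search(r"^\s*" + re.escape(name) + r":\s*(\S+)", section, re.MULTILINE)
    return m.group(1) if m else None


def check_docker_version(output):
    """Report on the daemon build seen in `docker version` output.

    Only the Server block is inspected: the daemon is the Go program that has
    to be rebuilt, and it is what launches runc. The Client block is ignored.
    """
    _, sep, server = output.partition("Server:")
    if not sep:
        return {"engine": None, "go": None, "engine_ok": False, "go_ok": False,
                "needs_update": True,
                "reason": "no Server block in output (daemon not reachable?)"}
    engine = parse_version(_field(server, "Version") or "")
    go = parse_version(_field(server, "Go version") or "")
    engine_ok = engine is not None and engine >= MIN_ENGINE
    go_ok = go is not None and go >= MIN_GO
    reasons = []
    if not engine_ok:
        reasons.append(f"engine {engine} below {MIN_ENGINE}")
    if not go_ok:
        reasons.append(f"go {go} below {MIN_GO} (daemon not rebuilt with patched Go)")
    return {"engine": engine, "go": go, "engine_ok": engine_ok, "go_ok": go_ok,
            "needs_update": not (engine_ok and go_ok),
            "reason": "; ".join(reasons) or "ok"}


if __name__ == "__main__":
    # Pipe real output in (`docker version | python3 check_docker_build.py`),
    # otherwise run over the embedded samples.
    if not sys.stdin.isatty():
        print(check_docker_version(sys.stdin.read()))
    else:
        for name, sample in (("fixed", SAMPLE_FIXED), ("old", SAMPLE_OLD),
                             ("client-only", SAMPLE_CLIENT_ONLY)):
            print(name, check_docker_version(sample))
```

The check reads only what the daemon reports about itself; it says nothing about the separate runc binary or about a rebuilt daemon that was never restarted, so `systemctl status docker` showing a start time after the update (as in the transcript) is still part of the verification.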
Len Lawrence 2019-03-31 21:18:41 CEST
Whiteboard: (none) => MGA6-64-OK

Looks more than sufficient to me. Thanks for your help, Bruno. Validating, but it still needs advisory information.

Keywords: (none) => validated_update

Adding the feedback keyword. Please remove it when the advisory info is available.

CC: (none) => davidwhodgins

Dave Hodgins 2019-05-19 10:02:05 CEST
Keywords: feedback => advisory

An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2019-0180.html

Status: ASSIGNED => RESOLVED