From 200d55ba2dac78642ccf283cc0f88726a1c7927c Mon Sep 17 00:00:00 2001
From: Vito Caputo <vito.caputo@coreos.com>
Date: Wed, 4 Feb 2015 17:58:16 -0500
Subject: [PATCH] docker: backport cgroups: systemd: DefaultDependencies=false

Part of fixing https://github.com/coreos/bugs/issues/186
---
 ...1.4.1-r3.ebuild => docker-1.4.1-r4.ebuild} |  0
 .../app-emulation/docker/docker-9999.ebuild   |  3 +
 ...set-DefaultDependencies-false-if-pos.patch | 88 +++++++++++++++++++
 3 files changed, 91 insertions(+)
 rename sdk_container/src/third_party/coreos-overlay/app-emulation/docker/{docker-1.4.1-r3.ebuild => docker-1.4.1-r4.ebuild} (100%)
 create mode 100644 sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/0001-cgroups-systemd-set-DefaultDependencies-false-if-pos.patch

diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-1.4.1-r3.ebuild b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-1.4.1-r4.ebuild
similarity index 100%
rename from sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-1.4.1-r3.ebuild
rename to sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-1.4.1-r4.ebuild
diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-9999.ebuild b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-9999.ebuild
index 949ac23819..6df179a1c2 100644
--- a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-9999.ebuild
+++ b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-9999.ebuild
@@ -141,6 +141,9 @@ src_prepare() {
 
 	# allow user patches (use sparingly - upstream won't support them)
 	epatch_user
+
+	# https://github.com/coreos/bugs/issues/186
+	epatch "${FILESDIR}"/0001-cgroups-systemd-set-DefaultDependencies-false-if-pos.patch
 }
 
 src_compile() {
diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/0001-cgroups-systemd-set-DefaultDependencies-false-if-pos.patch b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/0001-cgroups-systemd-set-DefaultDependencies-false-if-pos.patch
new file mode 100644
index 0000000000..a673eee1d0
--- /dev/null
+++ b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/0001-cgroups-systemd-set-DefaultDependencies-false-if-pos.patch
@@ -0,0 +1,88 @@
+From be952432f3ba855f5a931137349a14ed4ca8bce9 Mon Sep 17 00:00:00 2001
+From: Brandon Philips <brandon.philips@coreos.com>
+Date: Tue, 3 Feb 2015 20:43:21 -0500
+Subject: [PATCH] cgroups: systemd: set DefaultDependencies=false if possible
+
+The root problem this fixes is the docker daemon uses DefaulDependencies
+for all of its scopes which means that the containers get killed by
+systemd before the docker daemon is notified to shutdown. This means
+that a docker run in a service file won't get ordered properly on
+shutdown! This has affected many CoreOS users and is documented in
+systemd as so:
+
+"Unless DefaultDependencies=false is used, scope units will implicitly
+have dependencies of type Conflicts= and Before= on shutdown.target."
+
+Unfortunately, systemd didn't allow setting DefaultDependencies=false on
+transient units until today:
+
+    systemd-run --scope --property="DefaultDependencies=false" /usr/bin/sleep 50000
+    Unknown assignment DefaultDependencies=false.
+    Failed to create message: Invalid argument
+
+Fixed here:
+http://cgit.freedesktop.org/systemd/systemd/commit/?id=261420ba2a20305ad271b6f5f380aa74c5c9dd50
+
+Discussion with systemd upstream:
+http://lists.freedesktop.org/archives/systemd-devel/2014-December/026313.html
+http://lists.freedesktop.org/archives/systemd-devel/2015-February/027890.html
+
+Tested with docker and systemd master as of today and it work for me.
+
+Signed-off-by: Brandon Philips <brandon.philips@coreos.com>
+---
+ cgroups/systemd/apply_systemd.go | 24 +++++++++++++++++++++---
+ 1 file changed, 21 insertions(+), 3 deletions(-)
+
+diff --git a/vendor/src/github.com/docker/libcontainer/cgroups/systemd/apply_systemd.go b/vendor/src/github.com/docker/libcontainer/cgroups/systemd/apply_systemd.go
+index 3e7ad84..e250dd7 100644
+--- a/vendor/src/github.com/docker/libcontainer/cgroups/systemd/apply_systemd.go
++++ b/vendor/src/github.com/docker/libcontainer/cgroups/systemd/apply_systemd.go
+@@ -28,9 +28,10 @@ type subsystem interface {
+ }
+ 
+ var (
+-	connLock              sync.Mutex
+-	theConn               *systemd.Conn
+-	hasStartTransientUnit bool
++	connLock                        sync.Mutex
++	theConn                         *systemd.Conn
++	hasStartTransientUnit           bool
++	hasTransientDefaultDependencies bool
+ )
+ 
+ func newProp(name string, units interface{}) systemd.Property {
+@@ -64,6 +65,18 @@ func UseSystemd() bool {
+ 			if dbusError, ok := err.(dbus.Error); ok {
+ 				if dbusError.Name == "org.freedesktop.DBus.Error.UnknownMethod" {
+ 					hasStartTransientUnit = false
++					return hasStartTransientUnit
++				}
++			}
++		}
++
++		// Assume StartTransientUnit on a scope allows DefaultDependencies
++		hasTransientDefaultDependencies = true
++		ddf := newProp("DefaultDependencies", false)
++		if _, err := theConn.StartTransientUnit("docker-systemd-test-default-dependencies.scope", "replace", ddf); err != nil {
++			if dbusError, ok := err.(dbus.Error); ok {
++				if dbusError.Name == "org.freedesktop.DBus.Error.PropertyReadOnly" {
++					hasTransientDefaultDependencies = false
+ 				}
+ 			}
+ 		}
+@@ -108,6 +121,11 @@ func Apply(c *vendor/src/github.com/docker/libcontainer/cgroups.Cgroup, pid int) (map[string]string, error) {
+ 		newProp("CPUAccounting", true),
+ 		newProp("BlockIOAccounting", true))
+ 
++	if hasTransientDefaultDependencies {
++		properties = append(properties,
++			newProp("DefaultDependencies", false))
++	}
++
+ 	if c.Memory != 0 {
+ 		properties = append(properties,
+ 			newProp("MemoryLimit", uint64(c.Memory)))
+-- 
+2.1.4
+