From 710a40db6f390810f2e1094964df272888314f1e Mon Sep 17 00:00:00 2001 From: Brandon Philips Date: Tue, 15 Jul 2014 12:15:56 -0700 Subject: [PATCH] app-emulation/docker: make the docker socket protected --- .../docker/{docker-1.1.1.ebuild => docker-1.1.1-r1.ebuild} | 0 .../coreos-overlay/app-emulation/docker/files/docker.service | 1 + .../coreos-overlay/app-emulation/docker/files/docker.socket | 3 +++ 3 files changed, 4 insertions(+) rename sdk_container/src/third_party/coreos-overlay/app-emulation/docker/{docker-1.1.1.ebuild => docker-1.1.1-r1.ebuild} (100%) diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-1.1.1.ebuild b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-1.1.1-r1.ebuild similarity index 100% rename from sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-1.1.1.ebuild rename to sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-1.1.1-r1.ebuild diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/docker.service b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/docker.service index 89c292ad3b..115f1ad6b6 100644 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/docker.service +++ b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/docker.service @@ -1,6 +1,7 @@ [Unit] Description=Docker Application Container Engine Documentation=http://docs.docker.io +Requires=docker.socket [Service] Environment="TMPDIR=/var/tmp/" diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/docker.socket b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/docker.socket index 3635c89385..1d541d11b3 100644 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/docker.socket +++ b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/docker.socket @@ -2,6 +2,9 @@ Description=Docker Socket for the API [Socket] +SocketMode=0660 +SocketUser=docker +SocketGroup=docker ListenStream=/var/run/docker.sock [Install]