Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
50 events occurring around b548aee2ebc9c1d0.
|
2022-09-04
| ||
| 01:39 | Referencing the new containers.md file from Dockerfile.in so we can remove a big redundant block comment from it. While in there, made a few style tweaks that will help the ongoing container document expansion. ... (check-in: be8f721d61 user: wyoung tags: trunk) | |
|
2022-09-03
| ||
| 23:34 | Extracted the Docker containers material from www/build.wiki and moved it into a new document dedicated to the topic, containers.md. It was already pushing the bounds of how much info we want to provide in a single section of that doc, and it's about to get bigger. As part of the conversion from wiki format to Markdown, did another edit pass on the doc, improving a few things along the way. Dropped the "docker-" prefix from all internal IDs, as we no longer need them to disambiguate references to other parts of the build doc. ... (check-in: 7129dc9868 user: wyoung tags: trunk) | |
|
2022-09-01
| ||
| 16:05 | Address builtin_deliver_multiple_js_files() endless loop reported in [forum:a9a60fab07|forum post a9a60fab07]. ... (check-in: 76c9bbb3bd user: stephan tags: trunk) | |
| 10:52 | Add aliases as a new command type and display these next to the corresponding main command in /help. Make sure that for the 'test-all-help' command and webpage each help string is output at most once. ... (check-in: db70849495 user: danield tags: trunk) | |
| 01:29 | Merge in trunk. Resolve a shadowed var in dispatch.c which led to an assigned-but-not-used warning. ... (Closed-Leaf check-in: a257fbd92e user: stephan tags: help-aliases-unique) | |
|
2022-08-30
| ||
| 12:50 | • Edit [b04740bd75600c30|b04740bd75]: Mark "Closed". ... (artifact: 54ece50e6c user: stephan) | |
| 01:49 | Embroidered the "make container-run" target to make it more convenient. ... (check-in: bc09e28a26 user: wyoung tags: trunk) | |
|
2022-08-29
| ||
| 18:21 | The container doc bit on raw sockets now covers the other three Busybox utilities we left out previously. Today's removal of ping and traceroute merely completes the set; it wasn't complete in itself. ... (check-in: b429bd71db user: wyoung tags: trunk) | |
| 18:07 | Clarified the points in §5.2.1 of the Docker container build doc regarding the reason why the server parent process runs as root. ... (check-in: c2eaa60da9 user: wyoung tags: trunk) | |
| 17:54 | Researched, tested, and documented the set of "docker create --cap-drop" options we can add to strip away unnecessary root privileges inside the container without harming normal operation. Belt-and-suspenders: if any bad actor ever got into the container with root privileges, this would help prevent them from affecting anything outside the container. Added that set to the "make container-run" target so they get applied by default in the easy case. ... (check-in: f715add938 user: wyoung tags: trunk) | |
| 17:32 | Removed ping and traceroute commands from the Docker container. They require raw sockets support, which means if anyone broke into the container and managed a root privilege escalation, they could do a wide array of bad things on any network the container is bound to. ... (check-in: f00a88f896 user: wyoung tags: trunk) | |
| 16:01 | Polishing pass on §5.2 of the container build doc, "Why Chroot?" ... (check-in: e98603144b user: wyoung tags: trunk) | |
| 14:27 | Add a missing closing LI tag for the /tkthistory page. ... (check-in: 2d0b2bda87 user: george tags: deltify-tkt-blobs) | |
| 14:03 | Minor optimization within <code>getAllTicketFields()</code> function. ... (check-in: c3e7ed3089 user: george tags: deltify-tkt-blobs) | |
|
2022-08-28
| ||
| 17:58 | Clarified the parent process user ID vs the child process in the explanation of how the chroot feature interacts with the custom user feature of the Docker container. ... (check-in: f9ddd38ecc user: wyoung tags: trunk) | |
| 17:52 | Made a better distinction between bind mounts and Docker volumes in the new Docker section of the build doc. ... (check-in: 958a6af94b user: wyoung tags: trunk) | |
|
2022-08-25
| ||
| 12:39 | • Changes to wiki page "To Do List" ... (artifact: 9d9aa4ba2a user: stephan) | |
|
2022-08-24
| ||
| 07:42 | • Edit [b04740bd75600c30|b04740bd75]: Move to branch mistake. Edit check-in comment. ... (artifact: ce0e3724a3 user: stephan) | |
| 06:52 | Add a slight drop shadow to the /chat message widgets. Edit: we already had a drop shadow, just placed on a different sub-element. ... (Closed-Leaf check-in: b04740bd75 user: stephan tags: mistake) | |
|
2022-08-23
| ||
| 11:14 | Correct a NULL being passed to strcmp() which caused any submit of JS script code in the skin editor to segfault. Reported in [forum:9d9f0580fd | forum post 9d9f0580fd]. ... (check-in: a88478391e user: stephan tags: trunk) | |
|
2022-08-22
| ||
| 18:27 | Make it possible to store similar ticket change artifacts as deltas. This might be useful when a certain column of the <var>TICKET</var> table holds a lengthy text that may undergo frequent modifications. This is an opt-in feature. It is activated only when <var>TICKET</var> table contains a phony <code>INTEGER</code> column <code>"baseline for $name"</code> where <code>$name</code> stands for the name of the actual column provisioned for the aforementioned frequently changing text. ... (check-in: 0f4a0fe82a user: george tags: deltify-tkt-blobs) | |
|
2022-08-19
| ||
| 04:42 | Fix the logic to cancel default actions and further event bubbling to take effect for all handled keys. ... (check-in: 9cfd4e2b23 user: florian tags: timeline-keyboard-navigation) | |
|
2022-08-18
| ||
| 13:21 | Add the "Timeline" submenu link on the setup_edit page, for ordinary users. Change the "Access Log" link on that same page so that it is only present for ordinary users - not special users like "reader" or "developer". ... (check-in: 6f70a236ce user: drh tags: trunk) | |
|
2022-08-17
| ||
| 05:30 | Removed a digression in the gitusers doc about Fossil's new clone-and-open mechanisms. That got moved to the ckout-workflows doc quite some time back, and we already point to it from that same section. There's no reason for the redundancy. Also cleaned up some grammar and typos while in there. ... (check-in: f43eaf01e3 user: wyoung tags: trunk) | |
|
2022-08-16
| ||
| 20:54 | • Edit [8849abb733c619b8|8849abb733]: Edit check-in comment. ... (artifact: b548aee2eb user: wyoung) | |
| 11:05 | Changed the "fossil server --user" flag's argument back to "admin" from "fossil" for the container: I was confusing the Unix user name with the default Fossil repo user name. The new "adduser fossil" stuff doesn't help here; we still want it to be called "admin". ... (check-in: 72d820f320 user: wyoung tags: trunk) | |
| 11:04 | ARM build fixes for the container: * QEMU couldn't cope with "make -j" on the BusyBox step (too many processes) so I changed it to -j11 * Made the new executable compression step conditional, since there is no upx package in Alpine for either ARM flavor. There's [https://github.com/upx/upx/issues/441 | a long bug thread] for it on GitHub, which doesn't look to be getting resolved any time soon. ... (check-in: 8849abb733 user: wyoung tags: trunk) | |
| 09:39 | Minor fixes to the Docker container build process ... (check-in: 454397b0cd user: wyoung tags: trunk) | |
| 07:14 | URL fix necessitated from the Dockerfile.in rename ... (check-in: 2f67bf941a user: wyoung tags: trunk) | |
| 07:03 | Carved the Docker container image size down still further by stripping out all but two of the stock skins (d* so we get default and darkmode) and packing Fossil and BusyBox with UPX. ... (check-in: e20d044cc0 user: wyoung tags: trunk) | |
| 06:49 | Fixed an Obi Wan error in the new Fossil version prefix stuff in auto.def: it was extracting the first 13 characters of the hash, not the first 12. ... (check-in: 7ecd23e0ef user: wyoung tags: trunk) | |
|
2022-08-15
| ||
| 23:21 | Added the container-image and container-run top-level build targets to manage dependencies better and to auto-version the build products. ... (check-in: 67386c75f5 user: wyoung tags: trunk) | |
| 23:07 | Put the "--user fossil" bit back into the fossil server command for the container. Just ran into a situations where it's still needed. ... (check-in: 4c8cc80450 user: wyoung tags: trunk) | |
| 22:13 | Polishing pass on the container repo storage section of the build docs. ... (check-in: 3e332637f1 user: wyoung tags: trunk) | |
| 22:02 | Changed several of the Docker environment variables to build arguments so the user an override them at build time rather than container creation time, and documented them in build.wiki. Using this new mechanism to pull the Fossil source tarball in such a way that we can use the Docker artifact cache without getting stale builds. You can now pass one of the new build args to force the old behavior if you want it. This required generating Dockerfile from Dockerfile.in at configure time, to inject the current Fossil checkin ID. (This busts the Docker cache when the source tree changes.) ... (check-in: f938438380 user: wyoung tags: trunk) | |
| 15:32 | Adding the BusyBox tarball to the container image with an ADD command rather than wget to avoid triggering GitHub throttling. Unlike the Fossil repo URL, it has a version number baked into it, so it's safe to give it over to Docker's caching behavior. ... (check-in: d06d7c464e user: wyoung tags: trunk) | |
| 14:48 | Noted the container size shrinkage in the fossil-v-git doc ... (check-in: f21de33e97 user: wyoung tags: trunk) | |
| 14:42 | The container now builds Busybox from source so we can remove utilities that are unhelpful inside the container. We leave a lot behind for expansion (e.g. the runit init system, crond, inetd…) but we remove things that have no possible justification, such as modprobe. We remove everything from /bin that's a shell builtin (echo, printf, test…) and we replace a few BusyBox commands (sha[13]sum) with wrapper shell scripts that call Fossil builtins. We cap that off by adding a "sqlite3" wrapper that calls "fossil sqlite3 --no-repository", just for fun. All together, this trims about a meg of fat. ... (check-in: 953f367e94 user: wyoung tags: trunk) | |
| 10:28 | Add #ifdef's to fix the Windows build. ... (check-in: f572f7524d user: florian tags: trunk) | |
| 10:25 | Simplification and harmonisation of the help text. ... (check-in: 6d10841735 user: florian tags: timeline-keyboard-navigation) | |
| 10:21 | Also disable shortcut handling if the View Style drop-down list has keyboard focus. ... (check-in: f419c7ebe7 user: florian tags: timeline-keyboard-navigation) | |
|
2022-08-14
| ||
| 19:53 | The chown -R bit added to the Dockerfile touches /jail/bin/fossil, which causes "docker build" to promote it back into a new layer, nearly doubling the container size. Doing a chown now only on two directories, restoring it to its sub-9M size. ... (check-in: 00cc9c3eb1 user: wyoung tags: trunk) | |
| 19:42 | Fossil's chroot feature drops root permissions based on file ownership, but since the container was built with everything-root, its HTTP hit handling children would run as whatever host-side UID/GID pair you used for file ownership. What happened next was complex. If you let the container create the repo internally, it would be owned as root, so it would drop root permissions for…root! This isn't super-bad, since Fossil is presumed secure and is double-jailed besides. The risk is, if anyone works out an RCE for Fossil, they might be able to get it to create raw sockets or do various other types of escapes despite the double-jail dance. Attaching a Docker volume brings external permisssions into the container. We were recommending a "chown 0" command on the shared volume to make it similar to the in-container case, but that opens you to the same risks above. If you ignored this and used host-side UID/GID pairs, Fossil would then be left running under IDs that didn't exist internally, which could cause assorted weirdness. We're now creating an explicit "fossil" user/group pair inside the container and recommending that Docker volumes use these IDs for copied-in files to batten down something that shouldn't've been left flapping. Updated build.wiki to cover all this. ... (check-in: ba21bc0b8f user: wyoung tags: trunk) | |
| 19:33 | Resolved timeline segfault reported in [forum:0bbb66eee4ba35db|forum post 0bbb66eee4ba35db], triggered by entries with NULL checkin messages. ... (check-in: 20eab78592 user: stephan tags: trunk) | |
| 18:48 | Moved the SIGTERM handler up before the "fossil server" HTTP hit handler. We had it clustered with the other signal() calls, but those are to handle signals intended to occur only during CGI processing. This one will normally occur while we're blocked, waiting for the HTTP hit to occur, so it had no useful effect where it was. ... (check-in: d3c55fe024 user: wyoung tags: trunk) | |
| 18:01 | Changed previous to call fossil_exit() instead of exit(3) so we close our databases before dying. ... (check-in: 7c857d2233 user: wyoung tags: trunk) | |
| 17:59 | The parent process now handles SIGTERM with an explicit exit(3) call when its PID is 1, as when it's running as "fossil server" in a Docker container. Without this, the container host's shutdown process takes a long time because it's waiting on PID 1 to die and eventually has to time out and kill it. ... (check-in: 1d09e60739 user: wyoung tags: trunk) | |
| 16:19 | Markup fix ... (check-in: cf1497877a user: wyoung tags: trunk) | |
| 16:18 | Clarified the fact that the "docker cp" command is changing the name of the repository DB file. ... (check-in: f0b15a37fc user: wyoung tags: trunk) | |
| 16:15 | Slight emphasis fix in previous ... (check-in: 1441c2e6d3 user: wyoung tags: trunk) | |