This adds two patches with fixes/improvements for the Docker engine:
- `0001-daemon-respect-explicit-AppArmor-profile-on-privileg.patch`:
  Makes sure that AppArmor rules are always loaded, also on reboot. This
  is a long-standing bug in Docker and affects Supervisor, which is a
  privileged container with an AppArmor profile.
  Upstream PR: https://github.com/moby/moby/pull/52215
- `0002-bridge-protect-bridge-subnet-from-direct-external-ac.patch`:
  Makes sure that the whole network (including gateway IP) of any Docker
  bridge network in NAT mode is firewalled from access from the outside.
  This essentially implements at the Docker level what Supervisor applies on
  startup with https://github.com/home-assistant/supervisor/pull/6650.
  Upstream PR: https://github.com/moby/moby/pull/52224

A bug introduced in Docker v28.2+ can cause slow container restarts in some
cases because of the usage of IPv4-mapped IPv6 addresses in the iptables command.
Backport a simple patch from upstream to fix it before we bump to a newer
Docker version.

Fixes #4363