summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorOpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com>2019-07-12 10:33:18 +0200
committerGitHub <noreply@github.com>2019-07-12 10:33:18 +0200
commit6f3e7f7eccdfed03d3d617a9040d5e0b844ea637 (patch)
tree2632afdbee8c1f480ae515453161b65d89866d69
parent20f11718def2a5bf5af96363e9c7082ba48077f4 (diff)
parent369f8b8862e8918a011290311e44c1691f699c58 (diff)
downloadpodman-6f3e7f7eccdfed03d3d617a9040d5e0b844ea637.tar.gz
podman-6f3e7f7eccdfed03d3d617a9040d5e0b844ea637.tar.bz2
podman-6f3e7f7eccdfed03d3d617a9040d5e0b844ea637.zip
Merge pull request #3557 from rhatdan/env
Add support for --env-host
-rw-r--r--CONTRIBUTING.md2
-rw-r--r--cmd/podman/common.go3
-rw-r--r--cmd/podman/shared/create.go10
-rw-r--r--cmd/podman/shared/intermediate.go1
-rw-r--r--cmd/podman/shared/parse/parse.go19
-rw-r--r--cmd/podman/system_df.go2
-rw-r--r--completions/bash/podman1
-rw-r--r--docs/podman-build.1.md14
-rw-r--r--docs/podman-cp.1.md2
-rw-r--r--docs/podman-create.1.md29
-rw-r--r--docs/podman-generate-kube.1.md2
-rw-r--r--docs/podman-generate-systemd.1.md2
-rw-r--r--docs/podman-image-sign.1.md6
-rw-r--r--docs/podman-load.1.md2
-rw-r--r--docs/podman-mount.1.md2
-rw-r--r--docs/podman-play-kube.1.md2
-rw-r--r--docs/podman-pod-create.1.md2
-rw-r--r--docs/podman-pod-stats.1.md2
-rw-r--r--docs/podman-run.1.md30
-rw-r--r--docs/podman-stats.1.md2
-rw-r--r--docs/podman-system-df.1.md2
-rw-r--r--docs/podman-volume-inspect.1.md2
-rw-r--r--install.md2
-rw-r--r--rootless.md2
-rw-r--r--test/e2e/run_test.go16
25 files changed, 119 insertions, 40 deletions
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index 59b0a88da..07b2b3584 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -376,7 +376,7 @@ author hold special privileges on the github repository. Others can be used by
will cause Cirrus CI to ***NOT*** execute tests for the PR or after merge. This
is useful in only one instance: Your changes are absolutely not exercised by
any test. For example, documentation changes. ***IMPORTANT NOTE*** **Other
- automation may interpret the lack of test results as "PASSED" and unintentionall
+ automation may interpret the lack of test results as "PASSED" and unintentional
merge a PR. Consider also using `/hold` in a comment, to add additional
protection.**
diff --git a/cmd/podman/common.go b/cmd/podman/common.go
index 50f3d9a7b..96a1c2244 100644
--- a/cmd/podman/common.go
+++ b/cmd/podman/common.go
@@ -221,6 +221,9 @@ func getCreateFlags(c *cliconfig.PodmanCommand) {
"env", "e", []string{},
"Set environment variables in container",
)
+ createFlags.Bool(
+ "env-host", false, "Use all current host environment variables in container",
+ )
createFlags.StringSlice(
"env-file", []string{},
"Read in a file of environment variables",
diff --git a/cmd/podman/shared/create.go b/cmd/podman/shared/create.go
index 60a01ff6d..be1a731cc 100644
--- a/cmd/podman/shared/create.go
+++ b/cmd/podman/shared/create.go
@@ -482,6 +482,16 @@ func ParseCreateOpts(ctx context.Context, c *GenericCLIResults, runtime *libpod.
// ENVIRONMENT VARIABLES
env := EnvVariablesFromData(data)
+ if c.Bool("env-host") {
+ for _, e := range os.Environ() {
+ pair := strings.SplitN(e, "=", 2)
+ if _, ok := env[pair[0]]; !ok {
+ if len(pair) > 1 {
+ env[pair[0]] = pair[1]
+ }
+ }
+ }
+ }
if err := parse.ReadKVStrings(env, c.StringSlice("env-file"), c.StringArray("env")); err != nil {
return nil, errors.Wrapf(err, "unable to process environment variables")
}
diff --git a/cmd/podman/shared/intermediate.go b/cmd/podman/shared/intermediate.go
index eecd1604c..855f84086 100644
--- a/cmd/podman/shared/intermediate.go
+++ b/cmd/podman/shared/intermediate.go
@@ -393,6 +393,7 @@ func NewIntermediateLayer(c *cliconfig.PodmanCommand, remote bool) GenericCLIRes
m["dns-search"] = newCRStringSlice(c, "dns-search")
m["entrypoint"] = newCRString(c, "entrypoint")
m["env"] = newCRStringArray(c, "env")
+ m["env-host"] = newCRBool(c, "env-host")
m["env-file"] = newCRStringSlice(c, "env-file")
m["expose"] = newCRStringSlice(c, "expose")
m["gidmap"] = newCRStringSlice(c, "gidmap")
diff --git a/cmd/podman/shared/parse/parse.go b/cmd/podman/shared/parse/parse.go
index 7bc2652cb..a77002235 100644
--- a/cmd/podman/shared/parse/parse.go
+++ b/cmd/podman/shared/parse/parse.go
@@ -112,9 +112,22 @@ func parseEnv(env map[string]string, line string) error {
if len(data) > 1 {
env[name] = data[1]
} else {
- // if only a pass-through variable is given, clean it up.
- val, _ := os.LookupEnv(name)
- env[name] = val
+ if strings.HasSuffix(name, "*") {
+ name = strings.TrimSuffix(name, "*")
+ for _, e := range os.Environ() {
+ part := strings.SplitN(e, "=", 2)
+ if len(part) < 2 {
+ continue
+ }
+ if strings.HasPrefix(part[0], name) {
+ env[part[0]] = part[1]
+ }
+ }
+ } else {
+ // if only a pass-through variable is given, clean it up.
+ val, _ := os.LookupEnv(name)
+ env[name] = val
+ }
}
return nil
}
diff --git a/cmd/podman/system_df.go b/cmd/podman/system_df.go
index 85554bf05..5b5655dc9 100644
--- a/cmd/podman/system_df.go
+++ b/cmd/podman/system_df.go
@@ -546,7 +546,7 @@ func imagesVerboseOutput(ctx context.Context, metaData dfMetaData) error {
"Created": "CREATED",
"Size": "SIZE",
"SharedSize": "SHARED SIZE",
- "UniqueSize": "UNQUE SIZE",
+ "UniqueSize": "UNIQUE SIZE",
"Containers": "CONTAINERS",
}
imagesVerboseDiskUsage, err := getImageVerboseDiskUsage(ctx, metaData.images, metaData.imagesUsedbyCtrMap)
diff --git a/completions/bash/podman b/completions/bash/podman
index 65c6308cc..2b9254d47 100644
--- a/completions/bash/podman
+++ b/completions/bash/podman
@@ -1740,6 +1740,7 @@ _podman_container_run() {
--dns-search
--entrypoint
--env -e
+ --env-host
--env-file
--expose
--gidmap
diff --git a/docs/podman-build.1.md b/docs/podman-build.1.md
index 120573235..c4667070d 100644
--- a/docs/podman-build.1.md
+++ b/docs/podman-build.1.md
@@ -339,7 +339,7 @@ environment variable. `export BUILDAH_RUNTIME=/usr/local/bin/runc`
**--runtime-flag**=*flag*
-Adds global flags for the container rutime. To list the supported flags, please
+Adds global flags for the container runtime. To list the supported flags, please
consult the manpages of the selected container runtime (`runc` is the default
runtime, the manpage to consult is `runc(8)`).
@@ -394,7 +394,7 @@ Require HTTPS and verify certificates when talking to container registries (defa
Specifies resource limits to apply to processes launched when processing `RUN` instructions.
This option can be specified multiple times. Recognized resource types
include:
- "core": maximimum core dump size (ulimit -c)
+ "core": maximum core dump size (ulimit -c)
"cpu": maximum CPU time (ulimit -t)
"data": maximum size of a process's data segment (ulimit -d)
"fsize": maximum size of new files (ulimit -f)
@@ -422,7 +422,7 @@ process.
**--userns-uid-map**=*mapping*
Directly specifies a UID mapping which should be used to set ownership, at the
-filesytem level, on the working container's contents.
+filesystem level, on the working container's contents.
Commands run when handling `RUN` instructions will default to being run in
their own user namespaces, configured using the UID and GID maps.
@@ -443,7 +443,7 @@ use the same numeric values as the GID map.
**--userns-gid-map**=*mapping*
Directly specifies a GID mapping which should be used to set ownership, at the
-filesytem level, on the working container's contents.
+filesystem level, on the working container's contents.
Commands run when handling `RUN` instructions will default to being run in
their own user namespaces, configured using the UID and GID maps.
@@ -464,7 +464,7 @@ use the same numeric values as the UID map.
**--userns-uid-map-user**=*user*
Specifies that a UID mapping which should be used to set ownership, at the
-filesytem level, on the working container's contents, can be found in entries
+filesystem level, on the working container's contents, can be found in entries
in the `/etc/subuid` file which correspond to the specified user.
Commands run when handling `RUN` instructions will default to being run in
their own user namespaces, configured using the UID and GID maps.
@@ -475,7 +475,7 @@ suitable user name to use as the default setting for this option.
**--userns-gid-map-group**=*group*
Specifies that a GID mapping which should be used to set ownership, at the
-filesytem level, on the working container's contents, can be found in entries
+filesystem level, on the working container's contents, can be found in entries
in the `/etc/subgid` file which correspond to the specified group.
Commands run when handling `RUN` instructions will default to being run in
their own user namespaces, configured using the UID and GID maps.
@@ -565,7 +565,7 @@ Use `df <source-dir>` to determine the source mount and then use
`findmnt -o TARGET,PROPAGATION <source-mount-dir>` to determine propagation
properties of source mount, if `findmnt` utility is not available, the source mount point
can be determined by looking at the mount entry in `/proc/self/mountinfo`. Look
-at `optional fields` and see if any propagaion properties are specified.
+at `optional fields` and see if any propagation properties are specified.
`shared:X` means the mount is `shared`, `master:X` means the mount is `slave` and if
nothing is there that means the mount is `private`.
diff --git a/docs/podman-cp.1.md b/docs/podman-cp.1.md
index bc9f17520..178a05018 100644
--- a/docs/podman-cp.1.md
+++ b/docs/podman-cp.1.md
@@ -7,7 +7,7 @@ podman\-cp - Copy files/folders between a container and the local filesystem
**podman cp** [*options*] [*container*:]*src_path* [*container*:]*dest_path*
## DESCRIPTION
-Copies the contents of **src_path** to the **dest_path**. You can copy from the containers's filesystem to the local machine or the reverse, from the local filesystem to the container.
+Copies the contents of **src_path** to the **dest_path**. You can copy from the container's filesystem to the local machine or the reverse, from the local filesystem to the container.
If - is specified for either the SRC_PATH or DEST_PATH, you can also stream a tar archive from STDIN or to STDOUT.
The CONTAINER can be a running or stopped container. The **src_path** or **dest_path** can be a file or directory.
diff --git a/docs/podman-create.1.md b/docs/podman-create.1.md
index a34111a03..87e18dbb9 100644
--- a/docs/podman-create.1.md
+++ b/docs/podman-create.1.md
@@ -245,13 +245,17 @@ You need to specify multi option commands in the form of a json string.
Set environment variables
-This option allows you to specify arbitrary
-environment variables that are available for the process that will be launched
-inside of the container.
+This option allows you to specify arbitrary environment variables that are available for the process that will be launched inside of the container. If you specify a environment variable without a value, podman will check the host environment for a value or set the environment to "". If you specify a environment variable ending in --*--, podman will search the host environment for variables starting with the prefix and add them to the container. If you want to add an environment variable with a ***** following it, then you need to set a value.
+
+See **Environment** note below for precedence.
+
+**--env-host**=*true|false*
+
+Use host environment inside of the container. See **Environment** note below for precedence.
**--env-file**=*file*
-Read in a line delimited file of environment variables
+Read in a line delimited file of environment variables. See **Environment** note below for precedence.
**--expose**=*port*
@@ -312,7 +316,7 @@ those. This option is only needed when the host system must use a proxy but
the container should not use any proxy. Proxy environment variables specified
for the container in any other way will override the values that would have
been passed thru from the host. (Other ways to specify the proxy for the
-container include passing the values with the `--env` flag, or hardcoding the
+container include passing the values with the `--env` flag, or hard coding the
proxy environment at container build time.)
For example, to disable passing these environment variables from host to
@@ -630,7 +634,7 @@ Security Options
"seccomp=unconfined" : Turn off seccomp confinement for the container
"seccomp=profile.json : White listed syscalls seccomp Json file to be used as a seccomp filter
-Note: Labelling can be disabled for all containers by setting label=false in the **libpod.conf** (`/etc/containers/libpod.conf`) file.
+Note: Labeling can be disabled for all containers by setting label=false in the **libpod.conf** (`/etc/containers/libpod.conf`) file.
**--shm-size**=*size*
@@ -903,6 +907,19 @@ The fuse-overlay package provides a userspace overlay storage driver, otherwise
the vfs storage driver, which is diskspace expensive and does not perform well. slirp4netns is
required for VPN, without it containers need to be run with the --net=host flag.
+## ENVIRONMENT
+
+Environment variables within containers can be set using multiple different options: This section describes the precedence.
+
+Precedence Order:
+ **--env-host** : Host environment of the process executing podman is added.
+
+ Container image : Any environment variables specified in the container image.
+
+ **--env-file** : Any environment variables specified via env-files. If multiple files specified, then they override each other in order of entry.
+
+ **--env** : Any environment variables specified will override previous settings.
+
## FILES
**/etc/subuid**
diff --git a/docs/podman-generate-kube.1.md b/docs/podman-generate-kube.1.md
index 76baad83a..93f746664 100644
--- a/docs/podman-generate-kube.1.md
+++ b/docs/podman-generate-kube.1.md
@@ -147,4 +147,4 @@ status:
podman(1), podman-container(1), podman-pod(1), podman-play-kube(1)
## HISTORY
-Decemeber 2018, Originally compiled by Brent Baude (bbaude at redhat dot com)
+December 2018, Originally compiled by Brent Baude (bbaude at redhat dot com)
diff --git a/docs/podman-generate-systemd.1.md b/docs/podman-generate-systemd.1.md
index 64e68a69a..ea72fdfae 100644
--- a/docs/podman-generate-systemd.1.md
+++ b/docs/podman-generate-systemd.1.md
@@ -23,7 +23,7 @@ Use the name of the container for the start, stop, and description in the unit f
Override the default stop timeout for the container with the given value.
**--restart-policy**=*policy*
-Set the SystemD restart policy. The restart-policy must be one of: "no", "on-success", "on-failure", "on-abnormal",
+Set the systemd restart policy. The restart-policy must be one of: "no", "on-success", "on-failure", "on-abnormal",
"on-watchdog", "on-abort", or "always". The default policy is *on-failure*.
## Examples
diff --git a/docs/podman-image-sign.1.md b/docs/podman-image-sign.1.md
index c425fcf2e..61df3b3bd 100644
--- a/docs/podman-image-sign.1.md
+++ b/docs/podman-image-sign.1.md
@@ -7,7 +7,7 @@ podman-image-sign - Create a signature for an image
**podman image sign** [*options*] *image* [*image* ...]
## DESCRIPTION
-**podmain image sign** will create a local signature for one or more local images that have
+**podman image sign** will create a local signature for one or more local images that have
been pulled from a registry. The signature will be written to a directory
derived from the registry configuration files in /etc/containers/registries.d. By default, the signature will be written into /var/lib/containers/sigstore directory.
@@ -39,8 +39,8 @@ docker:
privateregistry.example.com:
sigstore: file:///var/lib/containers/sigstore
-When signing an image preceeded with the registry name 'privateregistry.example.com',
-the signature will be written into subdirectories of
+When signing an image preceded with the registry name 'privateregistry.example.com',
+the signature will be written into sub-directories of
/var/lib/containers/sigstore/privateregistry.example.com. The use of 'sigstore' also means
the signature will be 'read' from that same location on a pull-related function.
diff --git a/docs/podman-load.1.md b/docs/podman-load.1.md
index 0a47c18c1..6643538ce 100644
--- a/docs/podman-load.1.md
+++ b/docs/podman-load.1.md
@@ -8,7 +8,7 @@ podman\-load - Load an image from a container image archive into container stora
## DESCRIPTION
**podman load** loads an image from either an **oci-archive** or **docker-archive** stored on the local machine into container storage. **podman load** reads from stdin by default or a file if the **input** option is set.
-You can also specify a name for the image if the archive does not contain a named reference, of if you want an additonal name for the local image.
+You can also specify a name for the image if the archive does not contain a named reference, of if you want an additional name for the local image.
The **quiet** option suppresses the progress output when set.
Note: `:` is a restricted character and cannot be part of the file name.
diff --git a/docs/podman-mount.1.md b/docs/podman-mount.1.md
index 6b8eb77d9..2722f460c 100644
--- a/docs/podman-mount.1.md
+++ b/docs/podman-mount.1.md
@@ -1,7 +1,7 @@
% podman-mount(1)
## NAME
-podman\-mount - Mount the specifed working containers' root filesystem
+podman\-mount - Mount the specified working containers' root filesystem
## SYNOPSIS
**podman mount** [*container* ...]
diff --git a/docs/podman-play-kube.1.md b/docs/podman-play-kube.1.md
index f9a867b44..2fae09199 100644
--- a/docs/podman-play-kube.1.md
+++ b/docs/podman-play-kube.1.md
@@ -62,4 +62,4 @@ $ podman play kube demo.yml
podman(1), podman-container(1), podman-pod(1), podman-generate-kube(1), podman-play(1)
## HISTORY
-Decemeber 2018, Originally compiled by Brent Baude (bbaude at redhat dot com)
+December 2018, Originally compiled by Brent Baude (bbaude at redhat dot com)
diff --git a/docs/podman-pod-create.1.md b/docs/podman-pod-create.1.md
index 009a93019..cd1de6401 100644
--- a/docs/podman-pod-create.1.md
+++ b/docs/podman-pod-create.1.md
@@ -64,7 +64,7 @@ NOTE: This cannot be modified once the pod is created.
**--share**=*namespace*
-A comma deliminated list of kernel namespaces to share. If none or "" is specified, no namespaces will be shared. The namespaces to choose from are ipc, net, pid, user, uts.
+A comma delimited list of kernel namespaces to share. If none or "" is specified, no namespaces will be shared. The namespaces to choose from are ipc, net, pid, user, uts.
The operator can identify a pod in three ways:
UUID long identifier (“f78375b1c487e03c9438c729345e54db9d20cfa2ac1fc3494b6eb60872e74778”)
diff --git a/docs/podman-pod-stats.1.md b/docs/podman-pod-stats.1.md
index d081c91cb..12fc83cff 100644
--- a/docs/podman-pod-stats.1.md
+++ b/docs/podman-pod-stats.1.md
@@ -47,7 +47,7 @@ Valid placeholders for the Go template are listed below:
| .BlockIO | Block IO |
| .PIDS | Number of PIDs |
-When using a GO template, you may preceed the format with `table` to print headers.
+When using a GO template, you may precede the format with `table` to print headers.
## EXAMPLE
```
diff --git a/docs/podman-run.1.md b/docs/podman-run.1.md
index 86cc2125c..95499edd6 100644
--- a/docs/podman-run.1.md
+++ b/docs/podman-run.1.md
@@ -252,13 +252,17 @@ You need to specify multi option commands in the form of a json string.
Set environment variables
-This option allows you to specify arbitrary
-environment variables that are available for the process that will be launched
-inside of the container.
+This option allows you to specify arbitrary environment variables that are available for the process that will be launched inside of the container. If you specify a environment variable without a value, podman will check the host environment for a value or set the environment to "". If you specify a environment variable ending in --*--, podman will search the host environment for variables starting with the prefix and add them to the container. If you want to add an environment variable with a ***** following it, then you need to set a value.
+
+See **Environment** note below for precedence.
+
+**--env-host**=*true|false*
+
+Use host environment inside of the container. See **Environment** note below for precedence.
**--env-file**=*file*
-Read in a line delimited file of environment variables
+Read in a line delimited file of environment variables. See **Environment** note below for precedence.
**--expose**=*port*
@@ -319,7 +323,7 @@ those. This option is only needed when the host system must use a proxy but
the container should not use any proxy. Proxy environment variables specified
for the container in any other way will override the values that would have
been passed thru from the host. (Other ways to specify the proxy for the
-container include passing the values with the `--env` flag, or hardcoding the
+container include passing the values with the `--env` flag, or hard coding the
proxy environment at container build time.)
For example, to disable passing these environment variables from host to
@@ -651,7 +655,7 @@ Security Options
- `seccomp=unconfined` : Turn off seccomp confinement for the container
- `seccomp=profile.json` : White listed syscalls seccomp Json file to be used as a seccomp filter
-Note: Labelling can be disabled for all containers by setting label=false in the **libpod.conf** (`/etc/containers/libpod.conf`) file.
+Note: Labeling can be disabled for all containers by setting label=false in the **libpod.conf** (`/etc/containers/libpod.conf`) file.
**--shm-size**=*size*
@@ -1187,6 +1191,20 @@ The fuse-overlay package provides a userspace overlay storage driver, otherwise
the vfs storage driver, which is diskspace expensive and does not perform well. slirp4netns is
required for VPN, without it containers need to be run with the --net=host flag.
+## ENVIRONMENT
+
+Environment variables within containers can be set using multiple different options: This section describes the precedence.
+
+Precedence Order:
+
+ **--env-host** : Host environment of the process executing podman is added.
+
+ Container image : Any environment variables specified in the container image.
+
+ **--env-file** : Any environment variables specified via env-files. If multiple files specified, then they override each other in order of entry.
+
+ **--env** : Any environment variables specified will override previous settings.
+
## FILES
**/etc/subuid**
diff --git a/docs/podman-stats.1.md b/docs/podman-stats.1.md
index b71d435fa..c1a87f210 100644
--- a/docs/podman-stats.1.md
+++ b/docs/podman-stats.1.md
@@ -48,7 +48,7 @@ Valid placeholders for the Go template are listed below:
| .BlockIO | Block IO |
| .PIDS | Number of PIDs |
-When using a GO template, you may preceed the format with `table` to print headers.
+When using a GO template, you may precede the format with `table` to print headers.
## EXAMPLE
diff --git a/docs/podman-system-df.1.md b/docs/podman-system-df.1.md
index 425796f50..d0b1755ee 100644
--- a/docs/podman-system-df.1.md
+++ b/docs/podman-system-df.1.md
@@ -28,7 +28,7 @@ Local Volumes 1 1 22B 0B (0%)
$ podman system df -v
Images space usage:
-REPOSITORY TAG IMAGE ID CREATED SIZE SHARED SIZE UNQUE SIZE CONTAINERS
+REPOSITORY TAG IMAGE ID CREATED SIZE SHARED SIZE UNIQUE SIZE CONTAINERS
docker.io/library/alpine latest 5cb3aa00f899 2 weeks ago 5.79MB 0B 5.79MB 5
Containers space usage:
diff --git a/docs/podman-volume-inspect.1.md b/docs/podman-volume-inspect.1.md
index 4900e2feb..b00c821bb 100644
--- a/docs/podman-volume-inspect.1.md
+++ b/docs/podman-volume-inspect.1.md
@@ -8,7 +8,7 @@ podman\-volume\-inspect - Inspect one or more volumes
## DESCRIPTION
-Display detailed information on one or more volumes. The output can be formated using
+Display detailed information on one or more volumes. The output can be formatted using
the **--format** flag and a Go template. To get detailed information about all the
existing volumes, use the **--all** flag.
diff --git a/install.md b/install.md
index 368cdd386..0706a68c1 100644
--- a/install.md
+++ b/install.md
@@ -158,7 +158,7 @@ After that enable user namespaces:
sudo sysctl kernel.unprivileged_userns_clone=1
```
-To enable the user namespaces permanenty:
+To enable the user namespaces permanently:
```
echo 'kernel.unprivileged_userns_clone=1' > /etc/sysctl.d/userns.conf
diff --git a/rootless.md b/rootless.md
index bdbc1becc..c5033881b 100644
--- a/rootless.md
+++ b/rootless.md
@@ -2,7 +2,7 @@
The following list categorizes the known issues and irregularities with running Podman as a non-root user. Although currently functional, there is still a number of work items that are under consideration to be added. These proposed changes are in varying degrees of design and development.
-Contributors are more than welcomed to help with this work. If you decide to carve off a piece and work on it, please create an issue in [GitHub](https://github.com/containers/libpod/issues), and assign it to yourself. If you find other unexpected behaviour with rootless Podman and feel it’s warranted, please feel free to update this document.
+Contributors are more than welcomed to help with this work. If you decide to carve off a piece and work on it, please create an issue in [GitHub](https://github.com/containers/libpod/issues), and assign it to yourself. If you find other unexpected behavior with rootless Podman and feel it’s warranted, please feel free to update this document.
* Podman can not create containers that bind to ports < 1024.
* The kernel does not allow processes without CAP_NET_BIND_SERVICE to bind to low ports.
diff --git a/test/e2e/run_test.go b/test/e2e/run_test.go
index f95c5298d..8c7830204 100644
--- a/test/e2e/run_test.go
+++ b/test/e2e/run_test.go
@@ -226,6 +226,22 @@ var _ = Describe("Podman run", func() {
Expect(match).Should(BeTrue())
})
+ It("podman run --host-env environment test", func() {
+ os.Setenv("FOO", "BAR")
+ session := podmanTest.Podman([]string{"run", "--rm", "--env-host", ALPINE, "printenv", "FOO"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ match, _ := session.GrepString("BAR")
+ Expect(match).Should(BeTrue())
+
+ session = podmanTest.Podman([]string{"run", "--rm", "--env", "FOO=BAR1", "--env-host", ALPINE, "printenv", "FOO"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ match, _ = session.GrepString("BAR1")
+ Expect(match).Should(BeTrue())
+ os.Unsetenv("FOO")
+ })
+
It("podman run limits test", func() {
SkipIfRootless()
session := podmanTest.Podman([]string{"run", "--rm", "--ulimit", "rtprio=99", "--cap-add=sys_nice", fedoraMinimal, "cat", "/proc/self/sched"})