diff options
-rw-r--r-- | .autocopr/README | 5 | ||||
-rw-r--r-- | README.md | 10 | ||||
-rw-r--r-- | RELEASE_NOTES.md | 2 | ||||
-rw-r--r-- | build_osx.md | 2 | ||||
-rw-r--r-- | cni/README.md | 2 | ||||
-rw-r--r-- | contrib/podmanimage/stable/Dockerfile | 4 | ||||
-rw-r--r-- | contrib/podmanimage/testing/Dockerfile | 4 | ||||
-rw-r--r-- | contrib/podmanimage/upstream/Dockerfile | 6 | ||||
-rw-r--r-- | contrib/snapcraft/snap/snapcraft.yaml | 2 | ||||
-rw-r--r-- | contrib/systemd/README.md | 8 | ||||
-rw-r--r-- | docs/source/Tutorials.rst | 14 | ||||
-rw-r--r-- | docs/source/markdown/podman-build.1.md | 4 | ||||
-rw-r--r-- | docs/source/markdown/podman-create.1.md | 6 | ||||
-rw-r--r-- | docs/source/markdown/podman-run.1.md | 6 | ||||
-rw-r--r-- | docs/source/markdown/podman.1.md | 2 | ||||
-rw-r--r-- | docs/tutorials/mac_client.md | 4 | ||||
-rw-r--r-- | docs/tutorials/podman_tutorial.md | 4 | ||||
-rw-r--r-- | docs/tutorials/podman_tutorial_cn.md | 4 | ||||
-rw-r--r-- | docs/tutorials/remote_client.md | 4 | ||||
-rw-r--r-- | podman.spec.rpkg (renamed from .autocopr/podman.spec) | 167 | ||||
-rw-r--r-- | rootless.md | 6 | ||||
-rw-r--r-- | test/system/070-build.bats | 2 |
22 files changed, 138 insertions, 130 deletions
diff --git a/.autocopr/README b/.autocopr/README deleted file mode 100644 index 791fe8262..000000000 --- a/.autocopr/README +++ /dev/null @@ -1,5 +0,0 @@ -Enable COPR: -sudo dnf copr enable rhcontainerbot/podman-next - -Install podman: -sudo dnf install podman -y @@ -60,10 +60,10 @@ Rootless Podman runs locked-down containers with no privileges that the user run Some of these restrictions can be lifted (via `--privileged`, for example), but rootless containers will never have more privileges than the user that launched them. If you run Podman as your user and mount in `/etc/passwd` from the host, you still won't be able to change it, since your user doesn't have permission to do so. -Almost all normal Podman functionality is available, though there are some [shortcomings](https://github.com/containers/podman/blob/master/rootless.md). -Any recent Podman release should be able to run rootless without any additional configuration, though your operating system may require some additional configuration detailed in the [install guide](https://github.com/containers/podman/blob/master/install.md). +Almost all normal Podman functionality is available, though there are some [shortcomings](https://github.com/containers/podman/blob/main/rootless.md). +Any recent Podman release should be able to run rootless without any additional configuration, though your operating system may require some additional configuration detailed in the [install guide](https://github.com/containers/podman/blob/main/install.md). -A little configuration by an administrator is required before rootless Podman can be used, the necessary setup is documented [here](https://github.com/containers/podman/blob/master/docs/tutorials/rootless_tutorial.md). +A little configuration by an administrator is required before rootless Podman can be used, the necessary setup is documented [here](https://github.com/containers/podman/blob/main/docs/tutorials/rootless_tutorial.md). ## Out of scope @@ -110,10 +110,10 @@ includes tables showing Docker commands and their Podman equivalent commands. **[Tutorials](docs/tutorials)** Tutorials on using Podman. -**[Remote Client](https://github.com/containers/podman/blob/master/docs/tutorials/remote_client.md)** +**[Remote Client](https://github.com/containers/podman/blob/main/docs/tutorials/remote_client.md)** A brief how-to on using the Podman remote-client. -**[Basic Setup and Use of Podman in a Rootless environment](https://github.com/containers/podman/blob/master/docs/tutorials/rootless_tutorial.md)** +**[Basic Setup and Use of Podman in a Rootless environment](https://github.com/containers/podman/blob/main/docs/tutorials/rootless_tutorial.md)** A tutorial showing the setup and configuration necessary to run Rootless Podman. **[Release Notes](RELEASE_NOTES.md)** diff --git a/RELEASE_NOTES.md b/RELEASE_NOTES.md index 60d433953..04bd196be 100644 --- a/RELEASE_NOTES.md +++ b/RELEASE_NOTES.md @@ -2026,7 +2026,7 @@ - Updated Buildah to v1.7, picking up a number of bugfixes - Updated containers/image library to v1.5, picking up a number of bugfixes and performance improvements to pushing images - Updated containers/storage library to v1.10, picking up a number of bugfixes -- Work on the remote Podman client for interacting with Podman remotely over Varlink is progressing steadily, and many image and pod commands are supported - please see the [Readme](https://github.com/containers/podman/blob/master/remote_client.md) for details +- Work on the remote Podman client for interacting with Podman remotely over Varlink is progressing steadily, and many image and pod commands are supported - please see the [Readme](https://github.com/containers/podman/blob/main/remote_client.md) for details - Added path masking to mounts with the `:z` and `:Z` options, preventing users from accidentally performing an SELinux relabel of their entire home directory - The `podman container runlabel` command will not pull an image if it does not contain the requested label - Many commands' usage information now includes examples diff --git a/build_osx.md b/build_osx.md index d5a292542..631fcf9c3 100644 --- a/build_osx.md +++ b/build_osx.md @@ -52,4 +52,4 @@ $ man podman ## Using the client To learn how to use the Podman client, refer its -[tutorial](https://github.com/containers/podman/blob/master/docs/tutorials/remote_client.md). +[tutorial](https://github.com/containers/podman/blob/main/docs/tutorials/remote_client.md). diff --git a/cni/README.md b/cni/README.md index 12c890ce8..8bcd4327a 100644 --- a/cni/README.md +++ b/cni/README.md @@ -11,7 +11,7 @@ For example a basic network configuration can be achieved with: ```bash sudo mkdir -p /etc/cni/net.d -curl -qsSL https://raw.githubusercontent.com/containers/libpod/master/cni/87-podman-bridge.conflist | sudo tee /etc/cni/net.d/87-podman-bridge.conflist +curl -qsSL https://raw.githubusercontent.com/containers/podman/main/cni/87-podman-bridge.conflist | sudo tee /etc/cni/net.d/87-podman-bridge.conflist ``` Dependent upon your CNI configuration, you will need to install as a minimum the `port` and `bridge` [CNI plugins](https://github.com/containernetworking/plugins) into `/opt/cni/bin` (or the directory specified by `cni_plugin_dir` in containers.conf). Please refer to the [CNI](https://github.com/containernetworking) project page in GitHub for more information. diff --git a/contrib/podmanimage/stable/Dockerfile b/contrib/podmanimage/stable/Dockerfile index b0b5bb33b..a81c6fd58 100644 --- a/contrib/podmanimage/stable/Dockerfile +++ b/contrib/podmanimage/stable/Dockerfile @@ -19,8 +19,8 @@ RUN useradd podman; \ echo podman:10000:5000 > /etc/subuid; \ echo podman:10000:5000 > /etc/subgid; -ADD https://raw.githubusercontent.com/containers/libpod/master/contrib/podmanimage/stable/containers.conf /etc/containers/containers.conf -ADD https://raw.githubusercontent.com/containers/libpod/master/contrib/podmanimage/stable/podman-containers.conf /home/podman/.config/containers/containers.conf +ADD https://raw.githubusercontent.com/containers/podman/main/contrib/podmanimage/stable/containers.conf /etc/containers/containers.conf +ADD https://raw.githubusercontent.com/containers/podman/main/contrib/podmanimage/stable/podman-containers.conf /home/podman/.config/containers/containers.conf RUN mkdir -p /home/podman/.local/share/containers; chown podman:podman -R /home/podman diff --git a/contrib/podmanimage/testing/Dockerfile b/contrib/podmanimage/testing/Dockerfile index e7228ea42..0b3e077a6 100644 --- a/contrib/podmanimage/testing/Dockerfile +++ b/contrib/podmanimage/testing/Dockerfile @@ -19,8 +19,8 @@ RUN useradd podman; \ echo podman:10000:5000 > /etc/subuid; \ echo podman:10000:5000 > /etc/subgid; -ADD https://raw.githubusercontent.com/containers/libpod/master/contrib/podmanimage/stable/containers.conf /etc/containers/containers.conf -ADD https://raw.githubusercontent.com/containers/libpod/master/contrib/podmanimage/stable/podman-containers.conf /home/podman/.config/containers/containers.conf +ADD https://raw.githubusercontent.com/containers/podman/main/contrib/podmanimage/stable/containers.conf /etc/containers/containers.conf +ADD https://raw.githubusercontent.com/containers/podman/main/contrib/podmanimage/stable/podman-containers.conf /home/podman/.config/containers/containers.conf RUN mkdir -p /home/podman/.local/share/containers; chown podman:podman -R /home/podman diff --git a/contrib/podmanimage/upstream/Dockerfile b/contrib/podmanimage/upstream/Dockerfile index 864227f89..4b44c74c2 100644 --- a/contrib/podmanimage/upstream/Dockerfile +++ b/contrib/podmanimage/upstream/Dockerfile @@ -58,7 +58,7 @@ RUN yum -y update; rpm --restore shadow-utils 2>/dev/null; yum -y install --exc mkdir -p /usr/libexec/cni; \ \cp -fR bin/* /usr/libexec/cni; \ mkdir -p /etc/cni/net.d; \ - curl -qsSL https://raw.githubusercontent.com/containers/libpod/master/cni/87-podman-bridge.conflist | tee /etc/cni/net.d/99-loopback.conf; \ + curl -qsSL https://raw.githubusercontent.com/containers/podman/main/cni/87-podman-bridge.conflist | tee /etc/cni/net.d/99-loopback.conf; \ mkdir -p /usr/share/containers; \ rm -rf /root/podman/*; \ yum -y remove git golang go-md2man make; \ @@ -68,8 +68,8 @@ RUN useradd podman; \ echo podman:10000:5000 > /etc/subuid; \ echo podman:10000:5000 > /etc/subgid; -ADD https://raw.githubusercontent.com/containers/libpod/master/contrib/podmanimage/stable/containers.conf /etc/containers/containers.conf -ADD https://raw.githubusercontent.com/containers/libpod/master/contrib/podmanimage/stable/podman-containers.conf /home/podman/.config/containers/containers.conf +ADD https://raw.githubusercontent.com/containers/podman/main/contrib/podmanimage/stable/containers.conf /etc/containers/containers.conf +ADD https://raw.githubusercontent.com/containers/podman/main/contrib/podmanimage/stable/podman-containers.conf /home/podman/.config/containers/containers.conf RUN mkdir -p /home/podman/.local/share/containers; chown podman:podman -R /home/podman diff --git a/contrib/snapcraft/snap/snapcraft.yaml b/contrib/snapcraft/snap/snapcraft.yaml index e3948e01b..57589b00e 100644 --- a/contrib/snapcraft/snap/snapcraft.yaml +++ b/contrib/snapcraft/snap/snapcraft.yaml @@ -17,7 +17,7 @@ parts: source: https://github.com/containers/podman/archive/v0.11.1.1.tar.gz go-importpath: github.com/containers/podman build-packages: - # https://github.com/containers/podman/blob/master/install.md#build-and-run-dependencies + # https://github.com/containers/podman/blob/main/install.md#build-and-run-dependencies - btrfs-tools - git - golang-go diff --git a/contrib/systemd/README.md b/contrib/systemd/README.md index 480596915..af5ae0218 100644 --- a/contrib/systemd/README.md +++ b/contrib/systemd/README.md @@ -11,9 +11,9 @@ Assuming the status messages show no errors, the libpod service is ready to respond to the APIv2 on the unix domain socket `/run/podman/podman.sock` ### podman.service -You can refer to [this example](https://github.com/containers/podman/blob/master/contrib/systemd/system/podman.service) for a sample podman.service file. +You can refer to [this example](https://github.com/containers/podman/blob/main/contrib/systemd/system/podman.service) for a sample podman.service file. ### podman.socket -You can refer to [this example](https://github.com/containers/podman/blob/master/contrib/systemd/system/podman.socket) for a sample podman.socket file. +You can refer to [this example](https://github.com/containers/podman/blob/main/contrib/systemd/system/podman.socket) for a sample podman.socket file. ## user (podman service run as given user aka "rootless") @@ -26,7 +26,7 @@ You can refer to [this example](https://github.com/containers/podman/blob/master Assuming the status messages show no errors, the libpod service is ready to respond to the APIv2 on the unix domain socket `/run/user/$(id -u)/podman/podman.sock` ### podman.service -You can refer to [this example](https://github.com/containers/podman/blob/master/contrib/systemd/user/podman.service) for a rootless podman.service file. +You can refer to [this example](https://github.com/containers/podman/blob/main/contrib/systemd/user/podman.service) for a rootless podman.service file. ### podman.socket -You can refer to [this example](https://github.com/containers/podman/blob/master/contrib/systemd/user/podman.socket) for a rootless podman.socket file. +You can refer to [this example](https://github.com/containers/podman/blob/main/contrib/systemd/user/podman.socket) for a rootless podman.socket file. diff --git a/docs/source/Tutorials.rst b/docs/source/Tutorials.rst index cb9ab644d..34a029484 100644 --- a/docs/source/Tutorials.rst +++ b/docs/source/Tutorials.rst @@ -4,11 +4,11 @@ Tutorials ========= Here are a number of useful tutorials to get you up and running with Podman. If you are familiar with the Docker `Container Engine`_ the command in Podman_ should be quite familiar. If you are brand new to containers, take a look at our `Introduction`. -* `Basic Setup and Use of Podman <https://github.com/containers/podman/blob/master/docs/tutorials/podman_tutorial.md>`_: Learn how to setup Podman and perform some basic commands with the utility. -* `Basic Setup and Use of Podman in a Rootless environment <https://github.com/containers/podman/blob/master/docs/tutorials/rootless_tutorial.md>`_: The steps required to setup rootless Podman are enumerated. -* `Podman Mac/Windows tutorial <https://github.com/containers/podman/blob/master/docs/tutorials/mac_win_client.md>`_: Special setup for running the Podman remote client on a Mac or Windows PC and connecting to Podman running on a Linux VM are documented. -* `How to sign and distribute container images using Podman <https://github.com/containers/podman/blob/master/docs/tutorials/image_signing.md>`_: Learn how to setup and use image signing with Podman. -* `Podman remote-client tutorial <https://github.com/containers/podman/blob/master/docs/tutorials/remote_client.md>`_: A brief how-to on using the Podman remote-client. -* `How to use libpod for custom/derivative projects <https://github.com/containers/podman/blob/master/docs/tutorials/podman-derivative-api.md>`_: How the libpod API can be used within your own project. +* `Basic Setup and Use of Podman <https://github.com/containers/podman/blob/main/docs/tutorials/podman_tutorial.md>`_: Learn how to setup Podman and perform some basic commands with the utility. +* `Basic Setup and Use of Podman in a Rootless environment <https://github.com/containers/podman/blob/main/docs/tutorials/rootless_tutorial.md>`_: The steps required to setup rootless Podman are enumerated. +* `Podman Mac/Windows tutorial <https://github.com/containers/podman/blob/main/docs/tutorials/mac_win_client.md>`_: Special setup for running the Podman remote client on a Mac or Windows PC and connecting to Podman running on a Linux VM are documented. +* `How to sign and distribute container images using Podman <https://github.com/containers/podman/blob/main/docs/tutorials/image_signing.md>`_: Learn how to setup and use image signing with Podman. +* `Podman remote-client tutorial <https://github.com/containers/podman/blob/main/docs/tutorials/remote_client.md>`_: A brief how-to on using the Podman remote-client. +* `How to use libpod for custom/derivative projects <https://github.com/containers/podman/blob/main/docs/tutorials/podman-derivative-api.md>`_: How the libpod API can be used within your own project. * `How to use Podman's Go RESTful bindings <https://github.com/containers/podman/tree/main/pkg/bindings>`_: An introduction to using our RESTful Golang bindings in an external application. -* `Common network setups <https://github.com/containers/podman/blob/master/docs/tutorials/basic_networking.md>`_: A basic guide to common network setups for Podman. +* `Common network setups <https://github.com/containers/podman/blob/main/docs/tutorials/basic_networking.md>`_: A basic guide to common network setups for Podman. diff --git a/docs/source/markdown/podman-build.1.md b/docs/source/markdown/podman-build.1.md index 55549c99a..474597938 100644 --- a/docs/source/markdown/podman-build.1.md +++ b/docs/source/markdown/podman-build.1.md @@ -149,7 +149,7 @@ microseconds. On some systems, changing the CPU limits may not be allowed for non-root users. For more details, see -https://github.com/containers/podman/blob/master/troubleshooting.md#26-running-containers-with-cpu-limits-fails-with-a-permissions-error +https://github.com/containers/podman/blob/main/troubleshooting.md#26-running-containers-with-cpu-limits-fails-with-a-permissions-error #### **--cpu-quota**=*limit* @@ -162,7 +162,7 @@ ends (controllable via **--cpu-period**). On some systems, changing the CPU limits may not be allowed for non-root users. For more details, see -https://github.com/containers/podman/blob/master/troubleshooting.md#26-running-containers-with-cpu-limits-fails-with-a-permissions-error +https://github.com/containers/podman/blob/main/troubleshooting.md#26-running-containers-with-cpu-limits-fails-with-a-permissions-error #### **--cpu-shares**, **-c**=*shares* diff --git a/docs/source/markdown/podman-create.1.md b/docs/source/markdown/podman-create.1.md index dd79a8d74..62028de40 100644 --- a/docs/source/markdown/podman-create.1.md +++ b/docs/source/markdown/podman-create.1.md @@ -160,7 +160,7 @@ microseconds. On some systems, changing the CPU limits may not be allowed for non-root users. For more details, see -https://github.com/containers/podman/blob/master/troubleshooting.md#26-running-containers-with-cpu-limits-fails-with-a-permissions-error +https://github.com/containers/podman/blob/main/troubleshooting.md#26-running-containers-with-cpu-limits-fails-with-a-permissions-error #### **--cpu-quota**=*limit* @@ -173,7 +173,7 @@ ends (controllable via **--cpu-period**). On some systems, changing the CPU limits may not be allowed for non-root users. For more details, see -https://github.com/containers/podman/blob/master/troubleshooting.md#26-running-containers-with-cpu-limits-fails-with-a-permissions-error +https://github.com/containers/podman/blob/main/troubleshooting.md#26-running-containers-with-cpu-limits-fails-with-a-permissions-error #### **--cpu-rt-period**=*microseconds* @@ -239,7 +239,7 @@ for **--cpu-period** and **--cpu-quota**, so you may only set either On some systems, changing the CPU limits may not be allowed for non-root users. For more details, see -https://github.com/containers/podman/blob/master/troubleshooting.md#26-running-containers-with-cpu-limits-fails-with-a-permissions-error +https://github.com/containers/podman/blob/main/troubleshooting.md#26-running-containers-with-cpu-limits-fails-with-a-permissions-error #### **--cpuset-cpus**=*cpus* diff --git a/docs/source/markdown/podman-run.1.md b/docs/source/markdown/podman-run.1.md index f77d0418b..efd60b46d 100644 --- a/docs/source/markdown/podman-run.1.md +++ b/docs/source/markdown/podman-run.1.md @@ -178,7 +178,7 @@ microseconds. On some systems, changing the CPU limits may not be allowed for non-root users. For more details, see -https://github.com/containers/podman/blob/master/troubleshooting.md#26-running-containers-with-cpu-limits-fails-with-a-permissions-error +https://github.com/containers/podman/blob/main/troubleshooting.md#26-running-containers-with-cpu-limits-fails-with-a-permissions-error #### **--cpu-quota**=*limit* @@ -191,7 +191,7 @@ ends (controllable via **--cpu-period**). On some systems, changing the CPU limits may not be allowed for non-root users. For more details, see -https://github.com/containers/podman/blob/master/troubleshooting.md#26-running-containers-with-cpu-limits-fails-with-a-permissions-error +https://github.com/containers/podman/blob/main/troubleshooting.md#26-running-containers-with-cpu-limits-fails-with-a-permissions-error #### **--cpu-rt-period**=*microseconds* @@ -255,7 +255,7 @@ for **--cpu-period** and **--cpu-quota**, so you may only set either On some systems, changing the CPU limits may not be allowed for non-root users. For more details, see -https://github.com/containers/podman/blob/master/troubleshooting.md#26-running-containers-with-cpu-limits-fails-with-a-permissions-error +https://github.com/containers/podman/blob/main/troubleshooting.md#26-running-containers-with-cpu-limits-fails-with-a-permissions-error #### **--cpuset-cpus**=*number* diff --git a/docs/source/markdown/podman.1.md b/docs/source/markdown/podman.1.md index 9f85ebda3..c1a22c0c1 100644 --- a/docs/source/markdown/podman.1.md +++ b/docs/source/markdown/podman.1.md @@ -402,7 +402,7 @@ The Overlay file system (OverlayFS) is not supported with kernels prior to 5.12. The Network File System (NFS) and other distributed file systems (for example: Lustre, Spectrum Scale, the General Parallel File System (GPFS)) are not supported when running in rootless mode as these file systems do not understand user namespace. However, rootless Podman can make use of an NFS Homedir by modifying the `$HOME/.config/containers/storage.conf` to have the `graphroot` option point to a directory stored on local (Non NFS) storage. -For more information, please refer to the [Podman Troubleshooting Page](https://github.com/containers/podman/blob/master/troubleshooting.md). +For more information, please refer to the [Podman Troubleshooting Page](https://github.com/containers/podman/blob/main/troubleshooting.md). ## SEE ALSO **[containers-mounts.conf(5)](https://github.com/containers/common/blob/main/docs/containers-mounts.conf.5.md)**, **[containers.conf(5)](https://github.com/containers/common/blob/main/docs/containers.conf.5.md)**, **[containers-registries.conf(5)](https://github.com/containers/image/blob/main/docs/containers-registries.conf.5.md)**, **[containers-storage.conf(5)](https://github.com/containers/storage/blob/main/docs/containers-storage.conf.5.md)**, **[buildah(1)](https://github.com/containers/buildah/blob/main/docs/buildah.1.md)**, **oci-hooks(5)**, **[containers-policy.json(5)](https://github.com/containers/image/blob/main/docs/containers-policy.json.5.md)**, **[crun(1)](https://github.com/containers/crun/blob/main/crun.1.md)**, **[runc(8)](https://github.com/opencontainers/runc/blob/master/man/runc.8.md)**, **[subuid(5)](https://www.unix.com/man-page/linux/5/subuid)**, **[subgid(5)](https://www.unix.com/man-page/linux/5/subgid)**, **[slirp4netns(1)](https://github.com/rootless-containers/slirp4netns/blob/master/slirp4netns.1.md)**, **[conmon(8)](https://github.com/containers/conmon/blob/main/docs/conmon.8.md)** diff --git a/docs/tutorials/mac_client.md b/docs/tutorials/mac_client.md index 19522e74d..e73522da9 100644 --- a/docs/tutorials/mac_client.md +++ b/docs/tutorials/mac_client.md @@ -1,2 +1,2 @@ -# [Podman Mac Client tutorial](https://github.com/containers/podman/blob/master/docs/tutorials/mac_win_client.md) -This tutorial has moved! You can find out how to set up Podman on macOS (as well as Windows) [here](https://github.com/containers/podman/blob/master/docs/tutorials/mac_win_client.md) +# [Podman Mac Client tutorial](https://github.com/containers/podman/blob/main/docs/tutorials/mac_win_client.md) +This tutorial has moved! You can find out how to set up Podman on macOS (as well as Windows) [here](https://github.com/containers/podman/blob/main/docs/tutorials/mac_win_client.md) diff --git a/docs/tutorials/podman_tutorial.md b/docs/tutorials/podman_tutorial.md index 92d0c41b1..83f1e5e1e 100644 --- a/docs/tutorials/podman_tutorial.md +++ b/docs/tutorials/podman_tutorial.md @@ -5,7 +5,7 @@ Podman is a utility provided as part of the libpod library. It can be used to c containers. The following tutorial will teach you how to set up Podman and perform some basic commands with Podman. -If you are running on a Mac or Windows PC, you should instead follow the [Mac and Windows tutorial](https://github.com/containers/podman/blob/master/docs/tutorials/mac_win_client.md) +If you are running on a Mac or Windows PC, you should instead follow the [Mac and Windows tutorial](https://github.com/containers/podman/blob/main/docs/tutorials/mac_win_client.md) to set up the remote Podman client. **NOTE**: the code samples are intended to be run as a non-root user, and use `sudo` where @@ -13,7 +13,7 @@ root escalation is required. ## Installing Podman -For installing or building Podman, please see the [installation instructions](https://github.com/containers/podman/blob/master/install.md). +For installing or building Podman, please see the [installation instructions](https://github.com/containers/podman/blob/main/install.md). ## Familiarizing yourself with Podman diff --git a/docs/tutorials/podman_tutorial_cn.md b/docs/tutorials/podman_tutorial_cn.md index 5290c4076..36e83e16f 100644 --- a/docs/tutorials/podman_tutorial_cn.md +++ b/docs/tutorials/podman_tutorial_cn.md @@ -7,14 +7,14 @@ Podman是由libpod库提供一个实用的程序,可以被用于创建和管 下面的教程会教你如何启动 Podman 并使用 Podman 执行一些基本的命令。 如果你正在使用 Mac 或者 Windows -,你应该先查看[Mac 和 Windows 使用说明](https://github.com/containers/podman/blob/master/docs/tutorials/mac_win_client.md)来设置 Podman +,你应该先查看[Mac 和 Windows 使用说明](https://github.com/containers/podman/blob/main/docs/tutorials/mac_win_client.md)来设置 Podman 远程客户端。 **注意**:示例中所有命令皆以非 root 的用户运行,必要的时候通过 `sudo` 命令来获取 root 权限。 ## 安装Podman -安装或者编译 Podman ,请参照[安装说明](https://github.com/containers/podman/blob/master/install.md)。 +安装或者编译 Podman ,请参照[安装说明](https://github.com/containers/podman/blob/main/install.md)。 ## 熟悉podman diff --git a/docs/tutorials/remote_client.md b/docs/tutorials/remote_client.md index 0370b0329..ef7160f6c 100644 --- a/docs/tutorials/remote_client.md +++ b/docs/tutorials/remote_client.md @@ -5,7 +5,7 @@ The purpose of the Podman remote-client is to allow users to interact with a Pod The remote client takes advantage of a client-server model. You need Podman installed on a Linux machine or VM that also has the SSH daemon running. On the local operating system, when you execute a Podman command, Podman connects to the server via SSH. It then connects to the Podman service by using systemd socket activation, and hitting our [Rest API](https://docs.podman.io/en/latest/_static/api.html). The Podman commands are executed on the server. From the client's point of view, it seems like Podman runs locally. -This tutorial is for running Podman remotely on Linux. If you are using a Mac or a Windows PC, please follow the [Mac and Windows tutorial](https://github.com/containers/podman/blob/master/docs/tutorials/mac_win_client.md) +This tutorial is for running Podman remotely on Linux. If you are using a Mac or a Windows PC, please follow the [Mac and Windows tutorial](https://github.com/containers/podman/blob/main/docs/tutorials/mac_win_client.md) ## Obtaining and installing Podman @@ -113,4 +113,4 @@ You can use the Podman remote clients to manage your containers running on a Lin See the [Troubleshooting](../../troubleshooting.md) document if you run into issues. ## History -Adapted from the [Mac and Windows tutorial](https://github.com/containers/podman/blob/master/docs/tutorials/mac_win_client.md) +Adapted from the [Mac and Windows tutorial](https://github.com/containers/podman/blob/main/docs/tutorials/mac_win_client.md) diff --git a/.autocopr/podman.spec b/podman.spec.rpkg index 45f6c14d8..cff5eb3d9 100644 --- a/.autocopr/podman.spec +++ b/podman.spec.rpkg @@ -1,4 +1,9 @@ -%global with_debug 0 +# For automatic rebuilds in COPR + +# The following tag is to get correct syntax highlighting for this file in vim text editor +# vim: syntax=spec + +%global with_debug 1 %if 0%{?with_debug} %global _find_debuginfo_dwz_opts %{nil} @@ -7,6 +12,10 @@ %global debug_package %{nil} %endif +%if ! 0%{?gobuild:1} +%define gobuild(o:) GO111MODULE=off go build -buildmode pie -compiler gc -tags="rpm_crashtraceback ${BUILDTAGS:-}" -ldflags "${LDFLAGS:-} -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \\n') -extldflags '-Wl,-z,relro -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld '" -a -v -x %{?**}; +%endif + %global provider github %global provider_tld com %global project containers @@ -15,68 +24,37 @@ %global import_path %{provider}.%{provider_tld}/%{project}/%{repo} %global git0 https://%{import_path} -Name: podman -Epoch: 100 -Version: 4 -%define build_datestamp %{lua: print(os.date("%Y%m%d"))} -%define build_timestamp %{lua: print(os.date("%H%M%S"))} -Release: %{build_datestamp}.%{build_timestamp} +# git_dir_name returns repository name derived from remote Git repository URL +Name: {{{ git_dir_name }}} + +Epoch: 101 + +# git_dir_version returns version based on commit and tag history of the Git project +Version: {{{ git_dir_version }}} + +# This can be useful later for adding downstream patches +Release: 1%{?dist} + +# Basic description of the package Summary: Manage Pods, Containers and Container Images -License: ASL 2.0 -URL: https://%{name}.io/ -Source0: %{git0}/archive/main.tar.gz -Provides: %{name}-manpages = %{epoch}:%{version}-%{release} -%if 0%{?fedora} && ! 0%{?rhel} -BuildRequires: btrfs-progs-devel -%endif -BuildRequires: gcc -BuildRequires: golang >= 1.16.6 -BuildRequires: glib2-devel -BuildRequires: glibc-devel -BuildRequires: glibc-static -BuildRequires: git-core -BuildRequires: golang-github-cpuguy83-md2man -BuildRequires: go-rpm-macros -BuildRequires: gpgme-devel -BuildRequires: libassuan-devel -BuildRequires: libgpg-error-devel -BuildRequires: libseccomp-devel -BuildRequires: libselinux-devel -%if 0%{?fedora} >= 35 -BuildRequires: shadow-utils-subid-devel -%endif -BuildRequires: pkgconfig -BuildRequires: make -BuildRequires: ostree-devel -BuildRequires: systemd -BuildRequires: systemd-devel -Requires: conmon >= 2:2.0.30-2 -%if 0%{?fedora} -Requires: containers-common >= 4:1-21 -%else -Requires: containers-common >= 2:1-13 -%endif -Requires: containernetworking-plugins >= 1.0.0-15.1 -Requires: iptables -Requires: nftables -Recommends: %{name}-plugins -Recommends: catatonit -Suggests: qemu-user-static -%description -%{name} (Pod Manager) is a fully featured container engine that is a simple -daemonless tool. %{name} provides a Docker-CLI comparable command line that -eases the transition from other container engines and allows the management of -pods, containers and images. Simply put: alias docker=%{name}. -Most %{name} commands can be run as a regular user, without requiring -additional privileges. +# License. We assume GPLv2+ here. +License: ASL 2.0 -%{name} uses Buildah(1) internally to create container images. -Both tools share image (not container) storage, hence each can use or -manipulate images (but not containers) created by the other. +# Home page of the project. Can also point to the public Git repository page. +URL: https://github.com/containers/podman -%{summary} -%{repo} Simple management tool for pods, containers and images +# Detailed information about the source Git repository and the source commit +# for the created rpm package +VCS: {{{ git_dir_vcs }}} + +# git_dir_pack macro places the repository content (the source files) into a tarball +# and returns its filename. The tarball will be used to build the rpm. +Source: {{{ git_dir_pack }}} + +# More detailed description of the package +%description +This is a hello world package. %package docker Summary: Emulate Docker CLI using %{name} @@ -124,12 +102,55 @@ run %{name}-remote in production. manage pods, containers and container images. %{name}-remote supports ssh connections as well. +# The following four sections already describe the rpm build process itself. +# prep will extract the tarball defined as Source above and descend into it. %prep -%autosetup -n %{name}-main +{{{ git_dir_setup_macro }}} +# This will invoke `make` command in the directory with the extracted sources. %build -make all docker-docs +%set_build_flags +export GO111MODULE=off +export GOPATH=$(pwd)/_build:$(pwd) +export CGO_CFLAGS=$CFLAGS +# These extra flags present in $CFLAGS have been skipped for now as they break the build +CGO_CFLAGS=$(echo $CGO_CFLAGS | sed 's/-flto=auto//g') +CGO_CFLAGS=$(echo $CGO_CFLAGS | sed 's/-Wp,D_GLIBCXX_ASSERTIONS//g') +CGO_CFLAGS=$(echo $CGO_CFLAGS | sed 's/-specs=\/usr\/lib\/rpm\/redhat\/redhat-annobin-cc1//g') + +%ifarch x86_64 +export CGO_CFLAGS+=" -m64 -mtune=generic -fcf-protection=full" +%endif +mkdir _build +pushd _build +mkdir -p src/%{provider}.%{provider_tld}/%{project} +ln -s ../../../../ src/%{import_path} +popd +ln -s vendor src + +# build date. FIXME: Makefile uses '/v2/libpod', that doesn't work here? +LDFLAGS="-X %{import_path}/libpod/define.buildInfo=$(date +%s)" + +# build rootlessport first +%gobuild -o bin/rootlessport %%{import_path}/cmd/rootlessport + +# build %%{name} +export BUILDTAGS="seccomp exclude_graphdriver_devicemapper $(hack/btrfs_installed_tag.sh) $(hack/btrfs_tag.sh) $(hack/libdm_tag.sh) $(hack/selinux_tag.sh) $(hack/systemd_tag.sh)" +%if 0%{?fedora} >= 35 +export BUILDTAGS+=" $(hack/libsubid_tag.sh)" +%endif + +%gobuild -o bin/%{name} %{import_path}/cmd/%{name} + +# build %%{name}-remote +export BUILDTAGS+=" exclude_graphdriver_btrfs btrfs_noversion remote" +%gobuild -o bin/%{name}-remote %{import_path}/cmd/%{name} + +make docs docker-docs + +# This will copy the files generated by the `make` command above into +# the installable rpm package. %install PODMAN_VERSION=%{version} %{__make} DESTDIR=%{buildroot} PREFIX=%{_prefix} ETCDIR=%{buildroot}%{_sysconfdir} \ install.bin-nobuild \ @@ -140,23 +161,18 @@ PODMAN_VERSION=%{version} %{__make} DESTDIR=%{buildroot} PREFIX=%{_prefix} ETCDI install.docker-docs-nobuild \ install.remote-nobuild \ -mv pkg/hooks/README.md pkg/hooks/README-hooks.md +install -d -p %{buildroot}/%{_datadir}/%{name}/test/system +cp -pav test/system %{buildroot}/%{_datadir}/%{name}/test/ +mv pkg/hooks/README.md pkg/hooks/README-hooks.md # do not include docker and podman-remote man pages in main package for file in `find %{buildroot}%{_mandir}/man[15] -type f | sed "s,%{buildroot},," | grep -v -e remote -e docker`; do echo "$file*" >> podman.file-list done -# install tests -install -d -p %{buildroot}/%{_datadir}/%{name}/test/system -cp -pav test/system %{buildroot}/%{_datadir}/%{name}/test/ - -%check - -#define license tag if not already defined -%{!?_licensedir:%global license %doc} - +# This lists all the files that are included in the rpm package and that +# are going to be installed into target system where the rpm is installed. %files -f %{name}.file-list %license LICENSE %doc README.md CONTRIBUTING.md pkg/hooks/README-hooks.md install.md transfer.md @@ -201,10 +217,7 @@ cp -pav test/system %{buildroot}/%{_datadir}/%{name}/test/ %license LICENSE %{_datadir}/%{name}/test -%triggerpostun -- %{name} <= 3.2 -rm -f %{_sharedstatedir}/containers/storage/libpod/defaultCNINetExists -exit 0 - +# Finally, changes from the latest release of your application are generated from +# your project's Git history. It will be empty until you make first annotated Git tag. %changelog -* Fri Dec 03 2021 Lokesh Mandvekar <lsm5@fedoraproject.org> - %{version}-%{release} -- auto copr build +{{{ git_dir_changelog }}} diff --git a/rootless.md b/rootless.md index bee5d337b..39c961d2a 100644 --- a/rootless.md +++ b/rootless.md @@ -25,11 +25,11 @@ can easily fail * When a container root process like YUM attempts to create a file owned by a different UID, NFS Server/GPFS denies the creation. * Does not work with homedirs mounted with noexec/nodev * User can setup storage to point to other directories they can write to that are not mounted noexec/nodev -* Can not use overlayfs driver, but does support fuse-overlayfs - * Ubuntu supports non root overlay, but no other Linux distros do. +* Support for using native overlayfs as an unprivileged user is only available for Podman version >= 3.1 on a Linux kernel version >= 5.12, otherwise the slower _fuse-overlayfs_ may be used. + * A few Linux distributions (e.g. Ubuntu) have supported even older Podman and Linux kernel versions by modifying the normal Linux kernel behaviour. * Only other supported driver is VFS. * Cannot use ping out of the box. - * [(Can be fixed by setting sysctl on host)](https://github.com/containers/podman/blob/master/troubleshooting.md#5-rootless-containers-cannot-ping-hosts) + * [(Can be fixed by setting sysctl on host)](https://github.com/containers/podman/blob/main/troubleshooting.md#5-rootless-containers-cannot-ping-hosts) * Requires new shadow-utils (not found in older (RHEL7/Centos7 distros) Should be fixed in RHEL7.7 release) * A few commands do not work. * mount/unmount (on fuse-overlay) diff --git a/test/system/070-build.bats b/test/system/070-build.bats index 5e920506d..d5f7365e8 100644 --- a/test/system/070-build.bats +++ b/test/system/070-build.bats @@ -194,7 +194,7 @@ EOF cat >$tmpdir/Dockerfile <<EOF FROM $IMAGE -ADD https://github.com/containers/podman/blob/master/README.md /tmp/ +ADD https://github.com/containers/podman/blob/main/README.md /tmp/ EOF run_podman build -t add_url $tmpdir run_podman run --rm add_url stat /tmp/README.md |