summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--.cirrus.yml1
-rw-r--r--Dockerfile1
-rw-r--r--Dockerfile.centos4
-rw-r--r--Makefile2
-rw-r--r--changelog.txt41
-rwxr-xr-xcontrib/cirrus/logcollector.sh37
-rw-r--r--contrib/cirrus/packer/fedora_setup.sh2
-rw-r--r--contrib/cirrus/packer/ubuntu_setup.sh1
-rw-r--r--contrib/spec/podman.spec.in2
-rw-r--r--docs/tutorials/podman-derivative-api.md (renamed from docs/podman-derivative-api.md)0
-rw-r--r--go.mod5
-rw-r--r--go.sum19
-rwxr-xr-xhack/install_catatonit.sh19
-rw-r--r--install.md1
-rw-r--r--libpod/container_internal.go4
-rw-r--r--libpod/networking_linux.go6
-rw-r--r--libpod/oci_internal_linux.go8
-rw-r--r--libpod/runtime.go7
-rw-r--r--pkg/netns/netns_linux.go15
-rw-r--r--vendor/github.com/containernetworking/plugins/pkg/ip/link_linux.go33
-rw-r--r--vendor/github.com/containernetworking/plugins/plugins/ipam/host-local/backend/allocator/allocator.go13
-rw-r--r--vendor/github.com/containernetworking/plugins/plugins/ipam/host-local/backend/store.go1
-rw-r--r--vendor/modules.txt2
-rw-r--r--version/version.go2
24 files changed, 197 insertions, 29 deletions
diff --git a/.cirrus.yml b/.cirrus.yml
index 5d810fa65..7f295e22e 100644
--- a/.cirrus.yml
+++ b/.cirrus.yml
@@ -363,6 +363,7 @@ testing_task:
failed_branch_script: '$CIRRUS_WORKING_DIR/$SCRIPT_BASE/notice_branch_failure.sh'
always: &standardlogs
+ package_versions_script: '$SCRIPT_BASE/logcollector.sh packages'
ginkgo_node_logs_script: '$SCRIPT_BASE/logcollector.sh ginkgo'
df_script: '$SCRIPT_BASE/logcollector.sh df'
audit_log_script: '$SCRIPT_BASE/logcollector.sh audit'
diff --git a/Dockerfile b/Dockerfile
index 1f51cd874..3c65bf5a8 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -8,6 +8,7 @@ RUN apt-get update && apt-get install -y \
build-essential \
curl \
e2fslibs-dev \
+ file \
gawk \
gettext \
go-md2man \
diff --git a/Dockerfile.centos b/Dockerfile.centos
index 513c4bdfd..9af7ef7f1 100644
--- a/Dockerfile.centos
+++ b/Dockerfile.centos
@@ -2,9 +2,12 @@ FROM registry.centos.org/centos/centos:7
RUN yum -y install btrfs-progs-devel \
atomic-registries \
+ autoconf \
+ automake \
bzip2 \
device-mapper-devel \
findutils \
+ file \
git \
glibc-static \
glib2-devel \
@@ -15,6 +18,7 @@ RUN yum -y install btrfs-progs-devel \
libassuan-devel \
libseccomp-devel \
libselinux-devel \
+ libtool \
containers-common \
runc \
make \
diff --git a/Makefile b/Makefile
index b8d835f5d..e35264a74 100644
--- a/Makefile
+++ b/Makefile
@@ -3,7 +3,7 @@ export GOPROXY=https://proxy.golang.org
GO ?= go
DESTDIR ?=
-EPOCH_TEST_COMMIT ?= 0000afc1af06b04ececeb91637bb3d80d6f47e14
+EPOCH_TEST_COMMIT ?= d7eba026876e4a6a362464dcf08fe6757ebedd1a
HEAD ?= HEAD
CHANGELOG_BASE ?= HEAD~
CHANGELOG_TARGET ?= HEAD
diff --git a/changelog.txt b/changelog.txt
index 1e9d17d06..7d6522c4d 100644
--- a/changelog.txt
+++ b/changelog.txt
@@ -1,3 +1,44 @@
+- Changelog for v1.6.0 (2019-09-30)
+ * info: add cgroups2
+ * Finalize release notes for 1.6.0 final
+ * Bump github.com/onsi/ginkgo from 1.8.0 to 1.10.1
+ * Bump github.com/docker/docker-credential-helpers from 0.6.2 to 0.6.3
+ * Bump github.com/stretchr/testify from 1.3.0 to 1.4.0
+ * Bump github.com/uber/jaeger-client-go
+ * Bump github.com/spf13/pflag from 1.0.3 to 1.0.5
+ * update c/storage to v1.13.4
+ * Cirrus: Minor, fix env. var. intention
+ * new examples added updated two examples with supported CMD and ENTRYPOINT syntax.
+ * new testcase for podman import --change added
+ * syntax updated for podman import --change
+ * Correct use of reexec.Init()
+ * Add a missing escape in the Makefile
+ * Change ginkgo Wait() to Eventually() test
+ * Set log-level immediately, before rootless setup
+ * Cirrus: Implement newly built VM images
+ * Add README note about security reporting process.
+ * Cirrus: Disable boottime Ubuntu package update
+ * Move noCache logic lower in stack
+ * cirrus: Add bash-completion support
+ * Add an error for pods without a name
+ * Make links relative in Tutorial README
+ * docs/podman-derivative-api.md: New file
+ * fix cp none exists dest path ends with '/'
+ * Dockerfile.fedora: install packages to build catatonit
+ * README: add Communications section
+ * drop OWNERS link for CONTRIBUTING.md
+ * Bump gitvalidation epoch
+ * Bump to v1.6.0-dev
+ * Handle conflict between volumes and --read-only-tmpfs
+ * Cirrus: Upload windows MSI release file
+ * conditionally send stdin on remote run
+ * Cirrus: VM Image accounting doc update
+ * Force a CNI Delete on refreshing containers
+ * Document the required varlink build args
+ * Update mac_client link
+ * Cirrus: Fail early on CI script unit test
+ * Unconditionally remove conmon files before starting
+
- Changelog for v1.6.0-rc2 (2019-09-24)
* Add release notes for new-in-RC2 changes
* system tests: run test: reenable and fix
diff --git a/contrib/cirrus/logcollector.sh b/contrib/cirrus/logcollector.sh
index 425a619b0..3393ac9b5 100755
--- a/contrib/cirrus/logcollector.sh
+++ b/contrib/cirrus/logcollector.sh
@@ -32,5 +32,42 @@ case $1 in
df) showrun df -lhTx tmpfs ;;
ginkgo) showrun cat $CIRRUS_WORKING_DIR/test/e2e/ginkgo-node-*.log ;;
journal) showrun journalctl -b ;;
+ packages)
+ case $OS_RELEASE_ID in
+ fedora*)
+ PKG_LST_CMD='rpm -q --qf=%{N}-%{V}-%{R}-%{ARCH}\n'
+ PKG_NAMES=(\
+ container-selinux \
+ containernetworking-plugins \
+ containers-common \
+ criu \
+ golang \
+ podman \
+ slirp4netns \
+ )
+ if [[ "$OS_RELEASE_VER" -lt "31" ]]; then
+ PKG_NAMES+=(runc)
+ else
+ PKG_NAMES+=(crun)
+ fi
+ ;;
+ ubuntu*)
+ PKG_LST_CMD='dpkg-query --show --showformat=${Package}-${Version}-${Architecture}\n'
+ PKG_NAMES=(\
+ containernetworking-plugins \
+ containers-common \
+ cri-o-runc \
+ criu \
+ golang \
+ libvarlink \
+ podman \
+ skopeo \
+ slirp4netns \
+ )
+ ;;
+ *) bad_os_id_ver ;;
+ esac
+ $PKG_LST_CMD ${PKG_NAMES[@]} | sort -u
+ ;;
*) die 1 "Warning, $(basename $0) doesn't know how to handle the parameter '$1'"
esac
diff --git a/contrib/cirrus/packer/fedora_setup.sh b/contrib/cirrus/packer/fedora_setup.sh
index 8e0a2b2ee..679ad3b8d 100644
--- a/contrib/cirrus/packer/fedora_setup.sh
+++ b/contrib/cirrus/packer/fedora_setup.sh
@@ -37,6 +37,7 @@ ooe.sh sudo dnf install -y \
criu \
device-mapper-devel \
emacs-nox \
+ file \
findutils \
fuse3 \
fuse3-devel \
@@ -61,6 +62,7 @@ ooe.sh sudo dnf install -y \
libseccomp \
libseccomp-devel \
libselinux-devel \
+ libtool \
libvarlink-util \
lsof \
make \
diff --git a/contrib/cirrus/packer/ubuntu_setup.sh b/contrib/cirrus/packer/ubuntu_setup.sh
index c94e74a08..2f54da9ed 100644
--- a/contrib/cirrus/packer/ubuntu_setup.sh
+++ b/contrib/cirrus/packer/ubuntu_setup.sh
@@ -61,6 +61,7 @@ $BIGTO $SUDOAPTGET install \
curl \
e2fslibs-dev \
emacs-nox \
+ file \
gawk \
gcc \
gettext \
diff --git a/contrib/spec/podman.spec.in b/contrib/spec/podman.spec.in
index 6ac324499..dc734a6b4 100644
--- a/contrib/spec/podman.spec.in
+++ b/contrib/spec/podman.spec.in
@@ -39,7 +39,7 @@
%global shortcommit_conmon %(c=%{commit_conmon}; echo ${c:0:7})
Name: podman
-Version: 1.6.0
+Version: 1.6.1
Release: #COMMITDATE#.git%{shortcommit0}%{?dist}
Summary: Manage Pods, Containers and Container Images
License: ASL 2.0
diff --git a/docs/podman-derivative-api.md b/docs/tutorials/podman-derivative-api.md
index 0342bb740..0342bb740 100644
--- a/docs/podman-derivative-api.md
+++ b/docs/tutorials/podman-derivative-api.md
diff --git a/go.mod b/go.mod
index 275556a70..bb39f503d 100644
--- a/go.mod
+++ b/go.mod
@@ -12,7 +12,7 @@ require (
github.com/checkpoint-restore/go-criu v0.0.0-20190109184317-bdb7599cd87b
github.com/containerd/continuity v0.0.0-20190426062206-aaeac12a7ffc // indirect
github.com/containernetworking/cni v0.7.1
- github.com/containernetworking/plugins v0.8.1
+ github.com/containernetworking/plugins v0.8.2
github.com/containers/buildah v1.11.2
github.com/containers/conmon v0.3.0 // indirect
github.com/containers/image v3.0.2+incompatible
@@ -20,7 +20,6 @@ require (
github.com/containers/storage v1.13.4
github.com/coreos/bbolt v1.3.3 // indirect
github.com/coreos/etcd v3.3.13+incompatible // indirect
- github.com/coreos/go-iptables v0.4.2 // indirect
github.com/coreos/go-semver v0.3.0 // indirect
github.com/coreos/go-systemd v0.0.0-20190719114852-fd7a80b32e1f
github.com/cri-o/ocicni v0.1.1-0.20190702175919-7762645d18ca
@@ -76,7 +75,6 @@ require (
github.com/pmezard/go-difflib v1.0.0
github.com/prometheus/common v0.6.0 // indirect
github.com/rogpeppe/fastuuid v1.1.0 // indirect
- github.com/safchain/ethtool v0.0.0-20190326074333-42ed695e3de8 // indirect
github.com/seccomp/containers-golang v0.0.0-20190312124753-8ca8945ccf5f // indirect
github.com/seccomp/libseccomp-golang v0.9.1 // indirect
github.com/sirupsen/logrus v1.4.2
@@ -106,7 +104,6 @@ require (
google.golang.org/genproto v0.0.0-20190620144150-6af8c5fc6601 // indirect
google.golang.org/grpc v1.21.1 // indirect
gopkg.in/inf.v0 v0.9.1 // indirect
- gopkg.in/mgo.v2 v2.0.0-20180705113604-9856a29383ce // indirect
gopkg.in/yaml.v2 v2.2.2
k8s.io/api v0.0.0-20190813020757-36bff7324fb7
k8s.io/apimachinery v0.0.0-20190809020650-423f5d784010
diff --git a/go.sum b/go.sum
index 5adb3cc9b..b5b6e7eed 100644
--- a/go.sum
+++ b/go.sum
@@ -34,6 +34,7 @@ github.com/VividCortex/ewma v1.1.1 h1:MnEK4VOv6n0RSY4vtRe3h11qjxL3+t0B8yOL8iMXdc
github.com/VividCortex/ewma v1.1.1/go.mod h1:2Tkkvm3sRDVXaiyucHiACn4cqf7DpdyLvmxzcbUokwA=
github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
+github.com/alexflint/go-filemutex v0.0.0-20171022225611-72bdc8eae2ae/go.mod h1:CgnQgUtFrFz9mxFNtED3jI5tLDjKlOM+oUF/sTk6ps0=
github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8=
github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
github.com/beorn7/perks v1.0.0 h1:HWo1m869IqiPhD389kmkxeTalrjNbbJTC8LXupb+sl0=
@@ -44,6 +45,7 @@ github.com/blang/semver v3.5.1+incompatible h1:cQNTCjp13qL8KC3Nbxr/y2Bqb63oX6wdn
github.com/blang/semver v3.5.1+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk=
github.com/buger/goterm v0.0.0-20181115115552-c206103e1f37 h1:uxxtrnACqI9zK4ENDMf0WpXfUsHP5V8liuq5QdgDISU=
github.com/buger/goterm v0.0.0-20181115115552-c206103e1f37/go.mod h1:u9UyCz2eTrSGy6fbupqJ54eY5c4IC8gREQ1053dK12U=
+github.com/buger/jsonparser v0.0.0-20180808090653-f4dd9f5a6b44/go.mod h1:bbYlZJ7hK1yFx9hf58LP0zeX7UjIGs20ufpu3evjr+s=
github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc=
github.com/checkpoint-restore/go-criu v0.0.0-20181120144056-17b0214f6c48 h1:AQMF0Xixllgf29MKlx/TGEhRk7bEDX5kxz8Ui8lOvEs=
github.com/checkpoint-restore/go-criu v0.0.0-20181120144056-17b0214f6c48/go.mod h1:TrMrLQfeENAPYPRsJuq3jsqdlRh3lvi6trTZJG8+tho=
@@ -62,12 +64,15 @@ github.com/containerd/continuity v0.0.0-20190426062206-aaeac12a7ffc h1:TP+534wVl
github.com/containerd/continuity v0.0.0-20190426062206-aaeac12a7ffc/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y=
github.com/containernetworking/cni v0.7.0-rc2 h1:2GGDhbwdWPY53iT7LXy+LBP76Ch2D/hnw1U2zVFfGbk=
github.com/containernetworking/cni v0.7.0-rc2/go.mod h1:LGwApLUm2FpoOfxTDEeq8T9ipbpZ61X79hmU3w8FmsY=
+github.com/containernetworking/cni v0.7.0/go.mod h1:LGwApLUm2FpoOfxTDEeq8T9ipbpZ61X79hmU3w8FmsY=
github.com/containernetworking/cni v0.7.1 h1:fE3r16wpSEyaqY4Z4oFrLMmIGfBYIKpPrHK31EJ9FzE=
github.com/containernetworking/cni v0.7.1/go.mod h1:LGwApLUm2FpoOfxTDEeq8T9ipbpZ61X79hmU3w8FmsY=
github.com/containernetworking/plugins v0.7.4 h1:ugkuXfg1Pdzm54U5DGMzreYIkZPSCmSq4rm5TIXVICA=
github.com/containernetworking/plugins v0.7.4/go.mod h1:dagHaAhNjXjT9QYOklkKJDGaQPTg4pf//FrUcJeb7FU=
github.com/containernetworking/plugins v0.8.1 h1:dJbykiiSIS3Xvo8d+A6rSXcUEFGfvCjUA+bUED4qegQ=
github.com/containernetworking/plugins v0.8.1/go.mod h1:dagHaAhNjXjT9QYOklkKJDGaQPTg4pf//FrUcJeb7FU=
+github.com/containernetworking/plugins v0.8.2 h1:5lnwfsAYO+V7yXhysJKy3E1A2Gy9oVut031zfdOzI9w=
+github.com/containernetworking/plugins v0.8.2/go.mod h1:TxALKWZpWL79BC3GOYKJzzXr7U8R23PdhwaLp6F3adc=
github.com/containers/buildah v1.8.4-0.20190821140209-376e52ee0142 h1:RxJ7MbdmorTHiKcJDOz6SwRPasZVp4LOdRWoZ1fdlsQ=
github.com/containers/buildah v1.8.4-0.20190821140209-376e52ee0142/go.mod h1:QIIw13J1YIwWQskItX1wqZPQtUOOKrOnHE+LTibbLLA=
github.com/containers/buildah v1.9.0 h1:ktVRCGNoVfW8PlTuCKUeh+zGdqn1Nik80DSWvGX+v4Y=
@@ -145,6 +150,10 @@ github.com/cyphar/filepath-securejoin v0.2.1 h1:5DPkzz/0MwUpvR4fxASKzgApeq2OMFY5
github.com/cyphar/filepath-securejoin v0.2.1/go.mod h1:FpkQEhXnPnOthhzymB7CGsFk2G9VLXONKD9G7QGMM+4=
github.com/cyphar/filepath-securejoin v0.2.2 h1:jCwT2GTP+PY5nBz3c/YL5PAIbusElVrPujOBSCj8xRg=
github.com/cyphar/filepath-securejoin v0.2.2/go.mod h1:FpkQEhXnPnOthhzymB7CGsFk2G9VLXONKD9G7QGMM+4=
+github.com/d2g/dhcp4 v0.0.0-20170904100407-a1d1b6c41b1c/go.mod h1:Ct2BUK8SB0YC1SMSibvLzxjeJLnrYEVLULFNiHY9YfQ=
+github.com/d2g/dhcp4client v1.0.0/go.mod h1:j0hNfjhrt2SxUOw55nL0ATM/z4Yt3t2Kd1mW34z5W5s=
+github.com/d2g/dhcp4server v0.0.0-20181031114812-7d4a0a7f59a5/go.mod h1:Eo87+Kg/IX2hfWJfwxMzLyuSZyxSoAug2nGa1G2QAi8=
+github.com/d2g/hardwareaddr v0.0.0-20190221164911-e7d9fbe030e4/go.mod h1:bMl4RjIciD2oAxI7DmWRx6gbeqrkoLqv3MV0vzNad+I=
github.com/davecgh/go-spew v0.0.0-20151105211317-5215b55f46b2/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
@@ -226,6 +235,7 @@ github.com/go-openapi/spec v0.19.2/go.mod h1:sCxk3jxKgioEJikev4fgkNmwS+3kuYdJtcs
github.com/go-openapi/swag v0.0.0-20160704191624-1d0bd113de87/go.mod h1:DXUve3Dpr1UfpPtxFw+EFuQ41HhCWZfha5jSVRG7C7I=
github.com/go-openapi/swag v0.19.2/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk=
github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
+github.com/godbus/dbus v0.0.0-20180201030542-885f9cc04c9c/go.mod h1:/YcGZj5zSblfDWMMoOzV4fas9FZnQYTkDnsGvmh2Grw=
github.com/godbus/dbus v0.0.0-20181101234600-2ff6f7ffd60f h1:zlOR3rOlPAVvtfuxGKoghCmop5B0TRyu/ZieziZuGiM=
github.com/godbus/dbus v0.0.0-20181101234600-2ff6f7ffd60f/go.mod h1:/YcGZj5zSblfDWMMoOzV4fas9FZnQYTkDnsGvmh2Grw=
github.com/godbus/dbus v4.1.0+incompatible h1:WqqLRTsQic3apZUK9qC5sGNfXthmPXzUZ7nQPrNITa4=
@@ -311,6 +321,7 @@ github.com/ishidawataru/sctp v0.0.0-20180213033435-07191f837fed h1:3MJOWnAfq3T9e
github.com/ishidawataru/sctp v0.0.0-20180213033435-07191f837fed/go.mod h1:DM4VvS+hD/kDi1U1QsX2fnZowwBhqD0Dk3bRPKF/Oc8=
github.com/ishidawataru/sctp v0.0.0-20180918013207-6e2cb1366111 h1:NAAiV9ass6VReWFjuxqrMIq12WKlSULI6Gs3PxQghLA=
github.com/ishidawataru/sctp v0.0.0-20180918013207-6e2cb1366111/go.mod h1:DM4VvS+hD/kDi1U1QsX2fnZowwBhqD0Dk3bRPKF/Oc8=
+github.com/j-keck/arping v0.0.0-20160618110441-2cf9dc699c56/go.mod h1:ymszkNOg6tORTn+6F6j+Jc8TOr5osrynvN6ivFWZ2GA=
github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo=
github.com/json-iterator/go v0.0.0-20180612202835-f2b4162afba3/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU=
github.com/json-iterator/go v0.0.0-20180701071628-ab8a2e0c74be/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU=
@@ -321,6 +332,9 @@ github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCV
github.com/json-iterator/go v1.1.7 h1:KfgG9LzI+pYjr4xvmz/5H4FXjokeP+rlHLhv3iH62Fo=
github.com/json-iterator/go v1.1.7/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU=
+github.com/juju/errors v0.0.0-20180806074554-22422dad46e1/go.mod h1:W54LbzXuIE0boCoNJfwqpmkKJ1O4TCTZMetAt6jGk7Q=
+github.com/juju/loggo v0.0.0-20190526231331-6e530bcce5d8/go.mod h1:vgyd7OREkbtVEN/8IXZe5Ooef3LQePvuBm9UWj6ZL8U=
+github.com/juju/testing v0.0.0-20190613124551-e81189438503/go.mod h1:63prj8cnj0tU0S9OHjGJn+b1h0ZghCndfnbQolrYTwA=
github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w=
github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q=
github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00=
@@ -380,6 +394,7 @@ github.com/munnerz/goautoneg v0.0.0-20190414153302-2ae31c8b6b30/go.mod h1:+n7T8m
github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U=
github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw=
github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U=
+github.com/onsi/ginkgo v0.0.0-20151202141238-7f8ab55aaf3b/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
github.com/onsi/ginkgo v0.0.0-20170829012221-11459a886d9c/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
github.com/onsi/ginkgo v1.7.0 h1:WSHQ+IS43OoUrWtD1/bbclrwK8TTH5hzp+umCiuxHgs=
@@ -388,6 +403,7 @@ github.com/onsi/ginkgo v1.8.0 h1:VkHVNpR4iVnU8XQR6DBm8BqYjN7CRzw+xKUbVVbbW9w=
github.com/onsi/ginkgo v1.8.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
github.com/onsi/ginkgo v1.10.1 h1:q/mM8GF/n0shIN8SaAZ0V+jnLPzen6WIVZdiwrRlMlo=
github.com/onsi/ginkgo v1.10.1/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
+github.com/onsi/gomega v0.0.0-20151007035656-2152b45fa28a/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA=
github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA=
github.com/onsi/gomega v0.0.0-20190113212917-5533ce8a0da3/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY=
github.com/onsi/gomega v1.4.1/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA=
@@ -561,6 +577,7 @@ github.com/vbauerster/mpb v3.3.4+incompatible h1:DDIhnwmgTQIDZo+SWlEr5d6mJBxkOLB
github.com/vbauerster/mpb v3.3.4+incompatible/go.mod h1:zAHG26FUhVKETRu+MWqYXcI70POlC6N8up9p1dID7SU=
github.com/vbauerster/mpb v3.4.0+incompatible h1:mfiiYw87ARaeRW6x5gWwYRUawxaW1tLAD8IceomUCNw=
github.com/vbauerster/mpb v3.4.0+incompatible/go.mod h1:zAHG26FUhVKETRu+MWqYXcI70POlC6N8up9p1dID7SU=
+github.com/vishvananda/netlink v0.0.0-20181108222139-023a6dafdcdf/go.mod h1:+SR5DhBJrl6ZM7CoCKvpw5BKroDKQ+PJqOg65H/2ktk=
github.com/vishvananda/netlink v1.0.0 h1:bqNY2lgheFIu1meHUFSH3d7vG93AFyqg3oGbJCOJgSM=
github.com/vishvananda/netlink v1.0.0/go.mod h1:+SR5DhBJrl6ZM7CoCKvpw5BKroDKQ+PJqOg65H/2ktk=
github.com/vishvananda/netns v0.0.0-20180720170159-13995c7128cc h1:R83G5ikgLMxrBvLh22JhdfI8K6YXEPHx5P03Uu3DRs4=
@@ -584,6 +601,7 @@ go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/
go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q=
golang.org/x/crypto v0.0.0-20180820150726-614d502a4dac/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
+golang.org/x/crypto v0.0.0-20181009213950-7c1a557ab941/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
golang.org/x/crypto v0.0.0-20181025213731-e84da0312774/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
golang.org/x/crypto v0.0.0-20190103213133-ff983b9c42bc h1:F5tKCVGp+MUAHhKp5MZtGqAlGX3+oCsiL1Q629FL90M=
@@ -613,6 +631,7 @@ golang.org/x/net v0.0.0-20170114055629-f2499483f923/go.mod h1:mL1N/T3taQHkDXs73r
golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20181011144130-49bb7cea24b1/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20181220203305-927f97764cc3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20190107210223-45ffb0cd1ba0 h1:1DW40AJQ7AP4nY6ORUGUdkpXyEC9W2GAXcOPaMZK0K8=
diff --git a/hack/install_catatonit.sh b/hack/install_catatonit.sh
index e5532a200..7fd7592a9 100755
--- a/hack/install_catatonit.sh
+++ b/hack/install_catatonit.sh
@@ -1,15 +1,24 @@
#!/bin/bash -e
BASE_PATH="/usr/libexec/podman"
CATATONIT_PATH="${BASE_PATH}/catatonit"
-CATATONIT_VERSION="v0.1.3"
+CATATONIT_VERSION="v0.1.4"
if [ -f $CATATONIT_PATH ]; then
echo "skipping ... catatonit is already installed"
else
- echo "downloading catatonit to $CATATONIT_PATH"
- curl -o catatonit -L https://github.com/openSUSE/catatonit/releases/download/$CATATONIT_VERSION/catatonit.x86_64
- chmod +x catatonit
+ echo "installing catatonit to $CATATONIT_PATH"
+ buildDir=$(mktemp -d)
+ git clone https://github.com/openSUSE/catatonit.git $buildDir
+
+ pushd $buildDir
+ echo `pwd`
+ git reset --hard ${CATATONIT_VERSION}
+ autoreconf -fi
+ ./configure
+ make
install ${SELINUXOPT} -d -m 755 $BASE_PATH
install ${SELINUXOPT} -m 755 catatonit $CATATONIT_PATH
- rm catatonit
+ popd
+
+ rm -rf $buildDir
fi
diff --git a/install.md b/install.md
index eb4ecfa68..b90f20395 100644
--- a/install.md
+++ b/install.md
@@ -130,6 +130,7 @@ sudo apt-get install \
go-md2man \
iptables \
libassuan-dev \
+ libbtrfs-dev \
libc6-dev \
libdevmapper-dev \
libglib2.0-dev \
diff --git a/libpod/container_internal.go b/libpod/container_internal.go
index f1456548b..a4dcd23be 100644
--- a/libpod/container_internal.go
+++ b/libpod/container_internal.go
@@ -622,6 +622,10 @@ func (c *Container) refresh() error {
return err
}
+ if rootless.IsRootless() {
+ return nil
+ }
+
return c.refreshCNI()
}
diff --git a/libpod/networking_linux.go b/libpod/networking_linux.go
index d854a2de6..61ab57d65 100644
--- a/libpod/networking_linux.go
+++ b/libpod/networking_linux.go
@@ -201,6 +201,12 @@ func (r *Runtime) setupRootlessNetNS(ctr *Container) (err error) {
Setpgid: true,
}
+ // workaround for https://github.com/rootless-containers/slirp4netns/pull/153
+ if sandbox {
+ cmd.SysProcAttr.Cloneflags = syscall.CLONE_NEWNS
+ cmd.SysProcAttr.Unshareflags = syscall.CLONE_NEWNS
+ }
+
// Leak one end of the pipe in slirp4netns, the other will be sent to conmon
cmd.ExtraFiles = append(cmd.ExtraFiles, ctr.rootlessSlirpSyncR, syncW)
diff --git a/libpod/oci_internal_linux.go b/libpod/oci_internal_linux.go
index a5cce795b..437b7cf4d 100644
--- a/libpod/oci_internal_linux.go
+++ b/libpod/oci_internal_linux.go
@@ -137,8 +137,12 @@ func (r *OCIRuntime) createOCIContainer(ctr *Container, restoreOptions *Containe
return errors.Wrapf(err, "failed to create rootless network sync pipe")
}
} else {
- defer errorhandling.CloseQuiet(ctr.rootlessSlirpSyncR)
- defer errorhandling.CloseQuiet(ctr.rootlessSlirpSyncW)
+ if ctr.rootlessSlirpSyncR != nil {
+ defer errorhandling.CloseQuiet(ctr.rootlessSlirpSyncR)
+ }
+ if ctr.rootlessSlirpSyncW != nil {
+ defer errorhandling.CloseQuiet(ctr.rootlessSlirpSyncW)
+ }
}
// Leak one end in conmon, the other one will be leaked into slirp4netns
cmd.ExtraFiles = append(cmd.ExtraFiles, ctr.rootlessSlirpSyncW)
diff --git a/libpod/runtime.go b/libpod/runtime.go
index 675c92b7a..9f3549e00 100644
--- a/libpod/runtime.go
+++ b/libpod/runtime.go
@@ -387,6 +387,13 @@ func SetXdgDirs() error {
return errors.Wrapf(err, "cannot set XDG_RUNTIME_DIR")
}
+ if rootless.IsRootless() && os.Getenv("DBUS_SESSION_BUS_ADDRESS") == "" {
+ sessionAddr := filepath.Join(runtimeDir, "bus")
+ if _, err := os.Stat(sessionAddr); err == nil {
+ os.Setenv("DBUS_SESSION_BUS_ADDRESS", fmt.Sprintf("unix:path=%s", sessionAddr))
+ }
+ }
+
// Setup XDG_CONFIG_HOME
if cfgHomeDir := os.Getenv("XDG_CONFIG_HOME"); cfgHomeDir == "" {
if cfgHomeDir, err = util.GetRootlessConfigHomeDir(); err != nil {
diff --git a/pkg/netns/netns_linux.go b/pkg/netns/netns_linux.go
index a62296549..e765bd46f 100644
--- a/pkg/netns/netns_linux.go
+++ b/pkg/netns/netns_linux.go
@@ -126,9 +126,12 @@ func NewNS() (ns.NetNS, error) {
// Don't unlock. By not unlocking, golang will kill the OS thread when the
// goroutine is done (for go1.10+)
+ threadNsPath := getCurrentThreadNetNSPath()
+
var origNS ns.NetNS
- origNS, err = ns.GetNS(getCurrentThreadNetNSPath())
+ origNS, err = ns.GetNS(threadNsPath)
if err != nil {
+ logrus.Warnf("cannot open current network namespace %s: %q", threadNsPath, err)
return
}
defer func() {
@@ -140,13 +143,19 @@ func NewNS() (ns.NetNS, error) {
// create a new netns on the current thread
err = unix.Unshare(unix.CLONE_NEWNET)
if err != nil {
+ logrus.Warnf("cannot create a new network namespace: %q", err)
return
}
// Put this thread back to the orig ns, since it might get reused (pre go1.10)
defer func() {
if err := origNS.Set(); err != nil {
- logrus.Warnf("unable to set namespace: %q", err)
+ if rootless.IsRootless() && strings.Contains(err.Error(), "operation not permitted") {
+ // When running in rootless mode it will fail to re-join
+ // the network namespace owned by root on the host.
+ return
+ }
+ logrus.Warnf("unable to reset namespace: %q", err)
}
}()
@@ -154,7 +163,7 @@ func NewNS() (ns.NetNS, error) {
// mount point. This causes the namespace to persist, even when there
// are no threads in the ns. Make this a shared mount; it needs to be
// back-propogated to the host
- err = unix.Mount(getCurrentThreadNetNSPath(), nsPath, "none", unix.MS_BIND|unix.MS_SHARED|unix.MS_REC, "")
+ err = unix.Mount(threadNsPath, nsPath, "none", unix.MS_BIND|unix.MS_SHARED|unix.MS_REC, "")
if err != nil {
err = fmt.Errorf("failed to bind mount ns at %s: %v", nsPath, err)
}
diff --git a/vendor/github.com/containernetworking/plugins/pkg/ip/link_linux.go b/vendor/github.com/containernetworking/plugins/pkg/ip/link_linux.go
index 909afd04e..c0053cabe 100644
--- a/vendor/github.com/containernetworking/plugins/pkg/ip/link_linux.go
+++ b/vendor/github.com/containernetworking/plugins/pkg/ip/link_linux.go
@@ -60,11 +60,15 @@ func peerExists(name string) bool {
return true
}
-func makeVeth(name string, mtu int) (peerName string, veth netlink.Link, err error) {
+func makeVeth(name, vethPeerName string, mtu int) (peerName string, veth netlink.Link, err error) {
for i := 0; i < 10; i++ {
- peerName, err = RandomVethName()
- if err != nil {
- return
+ if vethPeerName != "" {
+ peerName = vethPeerName
+ } else {
+ peerName, err = RandomVethName()
+ if err != nil {
+ return
+ }
}
veth, err = makeVethPair(name, peerName, mtu)
@@ -73,7 +77,7 @@ func makeVeth(name string, mtu int) (peerName string, veth netlink.Link, err err
return
case os.IsExist(err):
- if peerExists(peerName) {
+ if peerExists(peerName) && vethPeerName == "" {
continue
}
err = fmt.Errorf("container veth name provided (%v) already exists", name)
@@ -121,12 +125,13 @@ func ifaceFromNetlinkLink(l netlink.Link) net.Interface {
}
}
-// SetupVeth sets up a pair of virtual ethernet devices.
-// Call SetupVeth from inside the container netns. It will create both veth
+// SetupVethWithName sets up a pair of virtual ethernet devices.
+// Call SetupVethWithName from inside the container netns. It will create both veth
// devices and move the host-side veth into the provided hostNS namespace.
-// On success, SetupVeth returns (hostVeth, containerVeth, nil)
-func SetupVeth(contVethName string, mtu int, hostNS ns.NetNS) (net.Interface, net.Interface, error) {
- hostVethName, contVeth, err := makeVeth(contVethName, mtu)
+// hostVethName: If hostVethName is not specified, the host-side veth name will use a random string.
+// On success, SetupVethWithName returns (hostVeth, containerVeth, nil)
+func SetupVethWithName(contVethName, hostVethName string, mtu int, hostNS ns.NetNS) (net.Interface, net.Interface, error) {
+ hostVethName, contVeth, err := makeVeth(contVethName, hostVethName, mtu)
if err != nil {
return net.Interface{}, net.Interface{}, err
}
@@ -161,6 +166,14 @@ func SetupVeth(contVethName string, mtu int, hostNS ns.NetNS) (net.Interface, ne
return ifaceFromNetlinkLink(hostVeth), ifaceFromNetlinkLink(contVeth), nil
}
+// SetupVeth sets up a pair of virtual ethernet devices.
+// Call SetupVeth from inside the container netns. It will create both veth
+// devices and move the host-side veth into the provided hostNS namespace.
+// On success, SetupVeth returns (hostVeth, containerVeth, nil)
+func SetupVeth(contVethName string, mtu int, hostNS ns.NetNS) (net.Interface, net.Interface, error) {
+ return SetupVethWithName(contVethName, "", mtu, hostNS)
+}
+
// DelLinkByName removes an interface link.
func DelLinkByName(ifName string) error {
iface, err := netlink.LinkByName(ifName)
diff --git a/vendor/github.com/containernetworking/plugins/plugins/ipam/host-local/backend/allocator/allocator.go b/vendor/github.com/containernetworking/plugins/plugins/ipam/host-local/backend/allocator/allocator.go
index d1c2b1018..4cec1a74e 100644
--- a/vendor/github.com/containernetworking/plugins/plugins/ipam/host-local/backend/allocator/allocator.go
+++ b/vendor/github.com/containernetworking/plugins/plugins/ipam/host-local/backend/allocator/allocator.go
@@ -40,7 +40,7 @@ func NewIPAllocator(s *RangeSet, store backend.Store, id int) *IPAllocator {
}
}
-// Get alocates an IP
+// Get allocates an IP
func (a *IPAllocator) Get(id string, ifname string, requestedIP net.IP) (*current.IPConfig, error) {
a.store.Lock()
defer a.store.Unlock()
@@ -73,6 +73,17 @@ func (a *IPAllocator) Get(id string, ifname string, requestedIP net.IP) (*curren
gw = r.Gateway
} else {
+ // try to get allocated IPs for this given id, if exists, just return error
+ // because duplicate allocation is not allowed in SPEC
+ // https://github.com/containernetworking/cni/blob/master/SPEC.md
+ allocatedIPs := a.store.GetByID(id, ifname)
+ for _, allocatedIP := range allocatedIPs {
+ // check whether the existing IP belong to this range set
+ if _, err := a.rangeset.RangeFor(allocatedIP); err == nil {
+ return nil, fmt.Errorf("%s has been allocated to %s, duplicate allocation is not allowed", allocatedIP.String(), id)
+ }
+ }
+
iter, err := a.GetIter()
if err != nil {
return nil, err
diff --git a/vendor/github.com/containernetworking/plugins/plugins/ipam/host-local/backend/store.go b/vendor/github.com/containernetworking/plugins/plugins/ipam/host-local/backend/store.go
index 4ea845da7..7211ddf6a 100644
--- a/vendor/github.com/containernetworking/plugins/plugins/ipam/host-local/backend/store.go
+++ b/vendor/github.com/containernetworking/plugins/plugins/ipam/host-local/backend/store.go
@@ -24,4 +24,5 @@ type Store interface {
LastReservedIP(rangeID string) (net.IP, error)
Release(ip net.IP) error
ReleaseByID(id string, ifname string) error
+ GetByID(id string, ifname string) []net.IP
}
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 9a94c1f09..dc113b619 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -43,7 +43,7 @@ github.com/containernetworking/cni/pkg/version
github.com/containernetworking/cni/libcni
github.com/containernetworking/cni/pkg/invoke
github.com/containernetworking/cni/pkg/types/020
-# github.com/containernetworking/plugins v0.8.1
+# github.com/containernetworking/plugins v0.8.2
github.com/containernetworking/plugins/pkg/ns
github.com/containernetworking/plugins/pkg/ip
github.com/containernetworking/plugins/plugins/ipam/host-local/backend/allocator
diff --git a/version/version.go b/version/version.go
index 348a69594..9fcd5faa7 100644
--- a/version/version.go
+++ b/version/version.go
@@ -4,7 +4,7 @@ package version
// NOTE: remember to bump the version at the top
// of the top-level README.md file when this is
// bumped.
-const Version = "1.6.0-dev"
+const Version = "1.6.1-dev"
// RemoteAPIVersion is the version for the remote
// client API. It is used to determine compatibility