summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--.gitignore2
-rw-r--r--Makefile65
-rw-r--r--cmd/podman/build.go4
-rw-r--r--cmd/podman/cp.go11
-rw-r--r--cmd/podman/main_local.go11
-rw-r--r--contrib/cirrus/lib.sh46
-rwxr-xr-xcontrib/cirrus/lib.sh.t17
-rw-r--r--docs/Makefile23
-rw-r--r--docs/Readme.md21
-rw-r--r--docs/make.bat (renamed from docs/rtd/make.bat)0
-rwxr-xr-xdocs/remote-docs.sh (renamed from docs/podman-remote.sh)55
-rw-r--r--docs/requirements.txt (renamed from docs/rtd/requirements.txt)0
-rw-r--r--docs/rtd/Makefile123
-rw-r--r--docs/rtd/source/Commands.rst107
-rw-r--r--docs/rtd/source/man/generate.rst6
-rw-r--r--docs/rtd/source/man/healthcheck.rst4
-rw-r--r--docs/rtd/source/man/image.rst35
-rw-r--r--docs/rtd/source/man/managecontainers.rst64
-rw-r--r--docs/rtd/source/man/network.rst10
-rw-r--r--docs/rtd/source/man/play.rst4
-rw-r--r--docs/rtd/source/man/pod.rst30
-rw-r--r--docs/rtd/source/man/system.rst12
-rw-r--r--docs/rtd/source/man/volume.rst11
-rw-r--r--docs/source/Commands.rst107
-rw-r--r--docs/source/Introduction.rst (renamed from docs/rtd/source/Introduction.rst)0
-rw-r--r--docs/source/Reference.rst (renamed from docs/rtd/source/Reference.rst)0
-rw-r--r--docs/source/Tutorials.rst (renamed from docs/rtd/source/Tutorials.rst)0
-rw-r--r--docs/source/conf.py (renamed from docs/rtd/source/conf.py)0
-rw-r--r--docs/source/generate.rst6
-rw-r--r--docs/source/healthcheck.rst4
-rw-r--r--docs/source/image.rst35
-rw-r--r--docs/source/index.rst (renamed from docs/rtd/source/index.rst)0
-rw-r--r--docs/source/managecontainers.rst64
-rw-r--r--docs/source/markdown/links/podman-container-attach.1 (renamed from docs/links/podman-container-attach.1)0
-rw-r--r--docs/source/markdown/links/podman-container-commit.1 (renamed from docs/links/podman-container-commit.1)0
-rw-r--r--docs/source/markdown/links/podman-container-cp.1 (renamed from docs/links/podman-container-cp.1)0
-rw-r--r--docs/source/markdown/links/podman-container-create.1 (renamed from docs/links/podman-container-create.1)0
-rw-r--r--docs/source/markdown/links/podman-container-diff.1 (renamed from docs/links/podman-container-diff.1)0
-rw-r--r--docs/source/markdown/links/podman-container-exec.1 (renamed from docs/links/podman-container-exec.1)0
-rw-r--r--docs/source/markdown/links/podman-container-export.1 (renamed from docs/links/podman-container-export.1)0
-rw-r--r--docs/source/markdown/links/podman-container-init.1 (renamed from docs/links/podman-container-init.1)0
-rw-r--r--docs/source/markdown/links/podman-container-inspect.1 (renamed from docs/links/podman-container-inspect.1)0
-rw-r--r--docs/source/markdown/links/podman-container-kill.1 (renamed from docs/links/podman-container-kill.1)0
-rw-r--r--docs/source/markdown/links/podman-container-list.1 (renamed from docs/links/podman-container-list.1)0
-rw-r--r--docs/source/markdown/links/podman-container-logs.1 (renamed from docs/links/podman-container-logs.1)0
-rw-r--r--docs/source/markdown/links/podman-container-ls.1 (renamed from docs/links/podman-container-ls.1)0
-rw-r--r--docs/source/markdown/links/podman-container-mount.1 (renamed from docs/links/podman-container-mount.1)0
-rw-r--r--docs/source/markdown/links/podman-container-pause.1 (renamed from docs/links/podman-container-pause.1)0
-rw-r--r--docs/source/markdown/links/podman-container-port.1 (renamed from docs/links/podman-container-port.1)0
-rw-r--r--docs/source/markdown/links/podman-container-ps.1 (renamed from docs/links/podman-container-ps.1)0
-rw-r--r--docs/source/markdown/links/podman-container-restart.1 (renamed from docs/links/podman-container-restart.1)0
-rw-r--r--docs/source/markdown/links/podman-container-rm.1 (renamed from docs/links/podman-container-rm.1)0
-rw-r--r--docs/source/markdown/links/podman-container-run.1 (renamed from docs/links/podman-container-run.1)0
-rw-r--r--docs/source/markdown/links/podman-container-start.1 (renamed from docs/links/podman-container-start.1)0
-rw-r--r--docs/source/markdown/links/podman-container-stats.1 (renamed from docs/links/podman-container-stats.1)0
-rw-r--r--docs/source/markdown/links/podman-container-stop.1 (renamed from docs/links/podman-container-stop.1)0
-rw-r--r--docs/source/markdown/links/podman-container-top.1 (renamed from docs/links/podman-container-top.1)0
-rw-r--r--docs/source/markdown/links/podman-container-umount.1 (renamed from docs/links/podman-container-umount.1)0
-rw-r--r--docs/source/markdown/links/podman-container-unmount.1 (renamed from docs/links/podman-container-unmount.1)0
-rw-r--r--docs/source/markdown/links/podman-container-unpause.1 (renamed from docs/links/podman-container-unpause.1)0
-rw-r--r--docs/source/markdown/links/podman-container-wait.1 (renamed from docs/links/podman-container-wait.1)0
-rw-r--r--docs/source/markdown/links/podman-help.1 (renamed from docs/links/podman-help.1)0
-rw-r--r--docs/source/markdown/links/podman-image-build.1 (renamed from docs/links/podman-image-build.1)0
-rw-r--r--docs/source/markdown/links/podman-image-history.1 (renamed from docs/links/podman-image-history.1)0
-rw-r--r--docs/source/markdown/links/podman-image-import.1 (renamed from docs/links/podman-image-import.1)0
-rw-r--r--docs/source/markdown/links/podman-image-inspect.1 (renamed from docs/links/podman-image-inspect.1)0
-rw-r--r--docs/source/markdown/links/podman-image-list.1 (renamed from docs/links/podman-image-list.1)0
-rw-r--r--docs/source/markdown/links/podman-image-load.1 (renamed from docs/links/podman-image-load.1)0
-rw-r--r--docs/source/markdown/links/podman-image-ls.1 (renamed from docs/links/podman-image-ls.1)0
-rw-r--r--docs/source/markdown/links/podman-image-pull.1 (renamed from docs/links/podman-image-pull.1)0
-rw-r--r--docs/source/markdown/links/podman-image-push.1 (renamed from docs/links/podman-image-push.1)0
-rw-r--r--docs/source/markdown/links/podman-image-rm.1 (renamed from docs/links/podman-image-rm.1)0
-rw-r--r--docs/source/markdown/links/podman-image-save.1 (renamed from docs/links/podman-image-save.1)0
-rw-r--r--docs/source/markdown/links/podman-image-tag.1 (renamed from docs/links/podman-image-tag.1)0
-rw-r--r--docs/source/markdown/links/podman-list.1 (renamed from docs/links/podman-list.1)0
-rw-r--r--docs/source/markdown/links/podman-ls.1 (renamed from docs/links/podman-ls.1)0
-rw-r--r--docs/source/markdown/links/podman-system-info.1 (renamed from docs/links/podman-system-info.1)0
-rw-r--r--docs/source/markdown/links/podman-unmount.1 (renamed from docs/links/podman-unmount.1)0
-rw-r--r--docs/source/markdown/podman-attach.1.md (renamed from docs/podman-attach.1.md)0
-rw-r--r--docs/source/markdown/podman-build.1.md (renamed from docs/podman-build.1.md)0
-rw-r--r--docs/source/markdown/podman-commit.1.md (renamed from docs/podman-commit.1.md)0
-rw-r--r--docs/source/markdown/podman-container-checkpoint.1.md (renamed from docs/podman-container-checkpoint.1.md)0
-rw-r--r--docs/source/markdown/podman-container-cleanup.1.md (renamed from docs/podman-container-cleanup.1.md)0
-rw-r--r--docs/source/markdown/podman-container-exists.1.md (renamed from docs/podman-container-exists.1.md)0
-rw-r--r--docs/source/markdown/podman-container-prune.1.md (renamed from docs/podman-container-prune.1.md)0
-rw-r--r--docs/source/markdown/podman-container-restore.1.md (renamed from docs/podman-container-restore.1.md)0
-rw-r--r--docs/source/markdown/podman-container-runlabel.1.md (renamed from docs/podman-container-runlabel.1.md)0
-rw-r--r--docs/source/markdown/podman-container.1.md (renamed from docs/podman-container.1.md)0
-rw-r--r--docs/source/markdown/podman-cp.1.md (renamed from docs/podman-cp.1.md)0
-rw-r--r--docs/source/markdown/podman-create.1.md (renamed from docs/podman-create.1.md)0
-rw-r--r--docs/source/markdown/podman-diff.1.md (renamed from docs/podman-diff.1.md)0
-rw-r--r--docs/source/markdown/podman-events.1.md (renamed from docs/podman-events.1.md)0
-rw-r--r--docs/source/markdown/podman-exec.1.md (renamed from docs/podman-exec.1.md)0
-rw-r--r--docs/source/markdown/podman-export.1.md (renamed from docs/podman-export.1.md)0
-rw-r--r--docs/source/markdown/podman-generate-kube.1.md (renamed from docs/podman-generate-kube.1.md)0
-rw-r--r--docs/source/markdown/podman-generate-systemd.1.md (renamed from docs/podman-generate-systemd.1.md)0
-rw-r--r--docs/source/markdown/podman-generate.1.md (renamed from docs/podman-generate.1.md)0
-rw-r--r--docs/source/markdown/podman-healthcheck-run.1.md (renamed from docs/podman-healthcheck-run.1.md)0
-rw-r--r--docs/source/markdown/podman-healthcheck.1.md (renamed from docs/podman-healthcheck.1.md)0
-rw-r--r--docs/source/markdown/podman-history.1.md (renamed from docs/podman-history.1.md)0
-rw-r--r--docs/source/markdown/podman-image-exists.1.md (renamed from docs/podman-image-exists.1.md)0
-rw-r--r--docs/source/markdown/podman-image-prune.1.md (renamed from docs/podman-image-prune.1.md)0
-rw-r--r--docs/source/markdown/podman-image-sign.1.md (renamed from docs/podman-image-sign.1.md)0
-rw-r--r--docs/source/markdown/podman-image-tree.1.md (renamed from docs/podman-image-tree.1.md)0
-rw-r--r--docs/source/markdown/podman-image-trust.1.md (renamed from docs/podman-image-trust.1.md)0
-rw-r--r--docs/source/markdown/podman-image.1.md (renamed from docs/podman-image.1.md)0
-rw-r--r--docs/source/markdown/podman-images.1.md (renamed from docs/podman-images.1.md)0
-rw-r--r--docs/source/markdown/podman-import.1.md (renamed from docs/podman-import.1.md)0
-rw-r--r--docs/source/markdown/podman-info.1.md (renamed from docs/podman-info.1.md)0
-rw-r--r--docs/source/markdown/podman-init.1.md (renamed from docs/podman-init.1.md)0
-rw-r--r--docs/source/markdown/podman-inspect.1.md (renamed from docs/podman-inspect.1.md)0
-rw-r--r--docs/source/markdown/podman-kill.1.md (renamed from docs/podman-kill.1.md)0
-rw-r--r--docs/source/markdown/podman-load.1.md (renamed from docs/podman-load.1.md)0
-rw-r--r--docs/source/markdown/podman-login.1.md (renamed from docs/podman-login.1.md)0
-rw-r--r--docs/source/markdown/podman-logout.1.md (renamed from docs/podman-logout.1.md)0
-rw-r--r--docs/source/markdown/podman-logs.1.md (renamed from docs/podman-logs.1.md)0
-rw-r--r--docs/source/markdown/podman-mount.1.md (renamed from docs/podman-mount.1.md)0
-rw-r--r--docs/source/markdown/podman-network-create.1.md (renamed from docs/podman-network-create.1.md)0
-rw-r--r--docs/source/markdown/podman-network-inspect.1.md (renamed from docs/podman-network-inspect.1.md)0
-rw-r--r--docs/source/markdown/podman-network-ls.1.md (renamed from docs/podman-network-ls.1.md)0
-rw-r--r--docs/source/markdown/podman-network-rm.1.md (renamed from docs/podman-network-rm.1.md)0
-rw-r--r--docs/source/markdown/podman-network.1.md (renamed from docs/podman-network.1.md)0
-rw-r--r--docs/source/markdown/podman-pause.1.md (renamed from docs/podman-pause.1.md)0
-rw-r--r--docs/source/markdown/podman-play-kube.1.md (renamed from docs/podman-play-kube.1.md)0
-rw-r--r--docs/source/markdown/podman-play.1.md (renamed from docs/podman-play.1.md)0
-rw-r--r--docs/source/markdown/podman-pod-create.1.md (renamed from docs/podman-pod-create.1.md)0
-rw-r--r--docs/source/markdown/podman-pod-exists.1.md (renamed from docs/podman-pod-exists.1.md)0
-rw-r--r--docs/source/markdown/podman-pod-inspect.1.md (renamed from docs/podman-pod-inspect.1.md)0
-rw-r--r--docs/source/markdown/podman-pod-kill.1.md (renamed from docs/podman-pod-kill.1.md)0
-rw-r--r--docs/source/markdown/podman-pod-pause.1.md (renamed from docs/podman-pod-pause.1.md)0
-rw-r--r--docs/source/markdown/podman-pod-prune.1.md (renamed from docs/podman-pod-prune.1.md)0
-rw-r--r--docs/source/markdown/podman-pod-ps.1.md (renamed from docs/podman-pod-ps.1.md)0
-rw-r--r--docs/source/markdown/podman-pod-restart.1.md (renamed from docs/podman-pod-restart.1.md)0
-rw-r--r--docs/source/markdown/podman-pod-rm.1.md (renamed from docs/podman-pod-rm.1.md)0
-rw-r--r--docs/source/markdown/podman-pod-start.1.md (renamed from docs/podman-pod-start.1.md)0
-rw-r--r--docs/source/markdown/podman-pod-stats.1.md (renamed from docs/podman-pod-stats.1.md)0
-rw-r--r--docs/source/markdown/podman-pod-stop.1.md (renamed from docs/podman-pod-stop.1.md)0
-rw-r--r--docs/source/markdown/podman-pod-top.1.md (renamed from docs/podman-pod-top.1.md)0
-rw-r--r--docs/source/markdown/podman-pod-unpause.1.md (renamed from docs/podman-pod-unpause.1.md)0
-rw-r--r--docs/source/markdown/podman-pod.1.md (renamed from docs/podman-pod.1.md)0
-rw-r--r--docs/source/markdown/podman-port.1.md (renamed from docs/podman-port.1.md)0
-rw-r--r--docs/source/markdown/podman-ps.1.md (renamed from docs/podman-ps.1.md)0
-rw-r--r--docs/source/markdown/podman-pull.1.md (renamed from docs/podman-pull.1.md)0
-rw-r--r--docs/source/markdown/podman-push.1.md (renamed from docs/podman-push.1.md)0
-rw-r--r--docs/source/markdown/podman-remote.1.md (renamed from docs/podman-remote.1.md)0
-rw-r--r--docs/source/markdown/podman-restart.1.md (renamed from docs/podman-restart.1.md)0
-rw-r--r--docs/source/markdown/podman-rm.1.md (renamed from docs/podman-rm.1.md)0
-rw-r--r--docs/source/markdown/podman-rmi.1.md (renamed from docs/podman-rmi.1.md)0
-rw-r--r--docs/source/markdown/podman-run.1.md (renamed from docs/podman-run.1.md)0
-rw-r--r--docs/source/markdown/podman-save.1.md (renamed from docs/podman-save.1.md)0
-rw-r--r--docs/source/markdown/podman-search.1.md (renamed from docs/podman-search.1.md)0
-rw-r--r--docs/source/markdown/podman-start.1.md (renamed from docs/podman-start.1.md)0
-rw-r--r--docs/source/markdown/podman-stats.1.md (renamed from docs/podman-stats.1.md)0
-rw-r--r--docs/source/markdown/podman-stop.1.md (renamed from docs/podman-stop.1.md)0
-rw-r--r--docs/source/markdown/podman-system-df.1.md (renamed from docs/podman-system-df.1.md)0
-rw-r--r--docs/source/markdown/podman-system-migrate.1.md (renamed from docs/podman-system-migrate.1.md)0
-rw-r--r--docs/source/markdown/podman-system-prune.1.md (renamed from docs/podman-system-prune.1.md)0
-rw-r--r--docs/source/markdown/podman-system-renumber.1.md (renamed from docs/podman-system-renumber.1.md)0
-rw-r--r--docs/source/markdown/podman-system.1.md (renamed from docs/podman-system.1.md)0
-rw-r--r--docs/source/markdown/podman-tag.1.md (renamed from docs/podman-tag.1.md)0
-rw-r--r--docs/source/markdown/podman-top.1.md (renamed from docs/podman-top.1.md)0
-rw-r--r--docs/source/markdown/podman-umount.1.md (renamed from docs/podman-umount.1.md)0
-rw-r--r--docs/source/markdown/podman-unpause.1.md (renamed from docs/podman-unpause.1.md)0
-rw-r--r--docs/source/markdown/podman-unshare.1.md (renamed from docs/podman-unshare.1.md)0
-rw-r--r--docs/source/markdown/podman-varlink.1.md (renamed from docs/podman-varlink.1.md)0
-rw-r--r--docs/source/markdown/podman-version.1.md (renamed from docs/podman-version.1.md)0
-rw-r--r--docs/source/markdown/podman-volume-create.1.md (renamed from docs/podman-volume-create.1.md)0
-rw-r--r--docs/source/markdown/podman-volume-inspect.1.md (renamed from docs/podman-volume-inspect.1.md)0
-rw-r--r--docs/source/markdown/podman-volume-ls.1.md (renamed from docs/podman-volume-ls.1.md)0
-rw-r--r--docs/source/markdown/podman-volume-prune.1.md (renamed from docs/podman-volume-prune.1.md)0
-rw-r--r--docs/source/markdown/podman-volume-rm.1.md (renamed from docs/podman-volume-rm.1.md)0
-rw-r--r--docs/source/markdown/podman-volume.1.md (renamed from docs/podman-volume.1.md)0
-rw-r--r--docs/source/markdown/podman-wait.1.md (renamed from docs/podman-wait.1.md)0
-rw-r--r--docs/source/markdown/podman.1.md (renamed from docs/podman.1.md)0
-rw-r--r--docs/source/network.rst10
-rw-r--r--docs/source/play.rst4
-rw-r--r--docs/source/pod.rst30
-rw-r--r--docs/source/system.rst12
-rw-r--r--docs/source/volume.rst11
-rw-r--r--go.sum15
-rwxr-xr-xhack/man-page-checker2
-rwxr-xr-xhack/podman-commands.sh6
-rw-r--r--libpod/boltdb_state.go5
-rw-r--r--libpod/common_test.go3
-rw-r--r--libpod/config/config.go549
-rw-r--r--libpod/config/config_test.go64
-rw-r--r--libpod/config/default.go137
-rw-r--r--libpod/config/merge.go183
-rw-r--r--libpod/config/merge_test.go157
-rw-r--r--libpod/config/testdata/empty.conf0
l---------libpod/config/testdata/libpod.conf1
-rw-r--r--libpod/container.go4
-rw-r--r--libpod/container_inspect.go4
-rw-r--r--libpod/container_internal_linux.go4
-rw-r--r--libpod/define/config.go18
-rw-r--r--libpod/define/runtime.go37
-rw-r--r--libpod/in_memory_state.go5
-rw-r--r--libpod/oci_attach_linux.go2
-rw-r--r--libpod/oci_conmon_linux.go21
-rw-r--r--libpod/oci_conmon_unsupported.go3
-rw-r--r--libpod/oci_util.go26
-rw-r--r--libpod/options.go24
-rw-r--r--libpod/pod_internal.go4
-rw-r--r--libpod/runtime.go828
-rw-r--r--libpod/runtime_ctr.go6
-rw-r--r--libpod/runtime_pod_linux.go10
-rw-r--r--libpod/state.go13
-rw-r--r--libpod/state_test.go3
-rw-r--r--libpod/util.go17
-rw-r--r--libpod/volume_internal_linux.go16
-rw-r--r--pkg/adapter/containers.go29
-rw-r--r--pkg/spec/spec.go8
-rw-r--r--pkg/util/utils.go14
-rw-r--r--test/e2e/run_selinux_test.go2
-rw-r--r--test/e2e/run_volume_test.go11
-rw-r--r--test/e2e/start_test.go21
216 files changed, 1747 insertions, 1449 deletions
diff --git a/.gitignore b/.gitignore
index 598384582..54b63518f 100644
--- a/.gitignore
+++ b/.gitignore
@@ -5,6 +5,7 @@
/docs/*.[158]
/docs/*.[158].gz
/docs/remote
+/docs/build/
*.o
*.orig
/pause/pause.o
@@ -25,3 +26,4 @@ release.txt
podman-remote*.zip
podman*.tar.gz
.idea*
+.vscode*
diff --git a/Makefile b/Makefile
index d4d123d69..98b7bbdfd 100644
--- a/Makefile
+++ b/Makefile
@@ -3,7 +3,7 @@ export GOPROXY=https://proxy.golang.org
GO ?= go
DESTDIR ?=
-EPOCH_TEST_COMMIT ?= 2b0892e757c878cdb087dd22b8986bccef0276ed
+EPOCH_TEST_COMMIT ?= ac73fd3fe5dcbf2647d589f9c9f37fe9531ed663
HEAD ?= HEAD
CHANGELOG_BASE ?= HEAD~
CHANGELOG_TARGET ?= HEAD
@@ -73,8 +73,8 @@ ASMFLAGS ?= all=-trimpath=${PWD}
LDFLAGS_PODMAN ?= $(LDFLAGS) \
-X $(LIBPOD)/define.gitCommit=$(GIT_COMMIT) \
-X $(LIBPOD)/define.buildInfo=$(BUILD_INFO) \
- -X $(LIBPOD).installPrefix=$(PREFIX) \
- -X $(LIBPOD).etcDir=$(ETCDIR)
+ -X $(LIBPOD)/config._installPrefix=$(PREFIX) \
+ -X $(LIBPOD)/config._etcDir=$(ETCDIR)
#Update to LIBSECCOMP_COMMIT should reflect in Dockerfile too.
LIBSECCOMP_COMMIT := release-2.3
# Rarely if ever should integration tests take more than 50min,
@@ -167,13 +167,11 @@ podman-remote: .gopathok $(PODMAN_VARLINK_DEPENDENCIES) ## Build with podman on
$(GO_BUILD) $(BUILDFLAGS) -gcflags '$(GCFLAGS)' -asmflags '$(ASMFLAGS)' -ldflags '$(LDFLAGS_PODMAN)' -tags "$(BUILDTAGS) remoteclient" -o bin/$@ $(PROJECT)/cmd/podman
.PHONY: podman.msi
-podman.msi: podman-remote podman-remote-windows docs ## Will always rebuild exe as there is no podman-remote-windows.exe target to verify timestamp
- rm -rf bin/windows
- mkdir -p bin/windows
- docs/podman-remote.sh windows bin/windows docs
- find bin/windows -print \
- |wixl-heat --var var.ManSourceDir --component-group ManFiles --directory-ref INSTALLDIR --prefix bin/windows/ >bin/windows/pages.wsx
- wixl -D VERSION=$(RELEASE_NUMBER) -D ManSourceDir=bin/windows -o podman-v$(RELEASE_NUMBER).msi contrib/msi/podman.wxs bin/windows/pages.wsx
+podman.msi: podman-remote podman-remote-windows install-podman-remote-windows-docs ## Will always rebuild exe as there is no podman-remote-windows.exe target to verify timestamp
+ $(eval DOCFILE := docs/build/remote/windows)
+ find $(DOCFILE) -print \
+ |wixl-heat --var var.ManSourceDir --component-group ManFiles --directory-ref INSTALLDIR --prefix $(DOCFILE)/ >$(DOCFILE)/pages.wsx
+ wixl -D VERSION=$(RELEASE_NUMBER) -D ManSourceDir=$(DOCFILE) -o podman-v$(RELEASE_NUMBER).msi contrib/msi/podman.wxs $(DOCFILE)/pages.wsx
podman-remote-%: .gopathok $(PODMAN_VARLINK_DEPENDENCIES) ## Build podman for a specific GOOS
$(eval BINSFX := $(shell test "$*" != "windows" || echo ".exe"))
@@ -196,7 +194,6 @@ clean: ## Clean artifacts
$(wildcard podman*.tar.gz) \
bin \
build \
- docs/remote \
test/checkseccomp/checkseccomp \
test/goecho/goecho \
test/testdata/redis-image \
@@ -205,9 +202,7 @@ clean: ## Clean artifacts
libpod/pod_ffjson.go \
libpod/container_easyjson.go \
libpod/pod_easyjson.go \
- $(MANPAGES) ||:
- find . -name \*~ -delete
- find . -name \#\* -delete
+ docs/build
libpodimage: ## Build the libpod image
${CONTAINER_RUNTIME} build -t ${LIBPOD_IMAGE} .
@@ -312,20 +307,26 @@ install.catatonit:
test-binaries: test/checkseccomp/checkseccomp test/goecho/goecho install.catatonit
-MANPAGES_MD ?= $(wildcard docs/*.md pkg/*/docs/*.md)
+MANPAGES_MD ?= $(wildcard docs/source/markdown/*.md pkg/*/docs/*.md)
MANPAGES ?= $(MANPAGES_MD:%.md=%)
+MANPAGES_DEST ?= $(subst markdown,man, $(subst source,build,$(MANPAGES)))
$(MANPAGES): %: %.md .gopathok
- @sed -e 's/\((podman.*\.md)\)//' -e 's/\[\(podman.*\)\]/\1/' $< | $(GOMD2MAN) -in /dev/stdin -out $@
+ @sed -e 's/\((podman.*\.md)\)//' -e 's/\[\(podman.*\)\]/\1/' $< | $(GOMD2MAN) -in /dev/stdin -out $(subst source/markdown,build/man,$@)
-docs: $(MANPAGES) ## Generate documentation
+docdir:
+ mkdir -p docs/build/man
-install-podman-remote-docs: podman-remote docs
- rm -rf docs/remote
- docs/podman-remote.sh darwin docs/remote docs
+docs: docdir $(MANPAGES) ## Generate documentation
+
+install-podman-remote-%-docs: podman-remote docs $(MANPAGES)
+ rm -rf docs/build/remote
+ mkdir -p docs/build/remote
+ ln -sf $(shell pwd)/docs/source/markdown/links docs/build/man/
+ docs/remote-docs.sh $* docs/build/remote/$* $(if $(findstring windows,$*),docs/source/markdown,docs/build/man)
man-page-check:
- ./hack/man-page-checker
+ hack/man-page-checker
# When publishing releases include critical build-time details
.PHONY: release.txt
@@ -349,7 +350,7 @@ podman-v$(RELEASE_NUMBER).tar.gz: binaries docs release.txt
# Must call make in-line: Dependency-spec. w/ wild-card also consumes variable value.
podman-remote-v$(RELEASE_NUMBER)-%.zip:
- $(MAKE) podman-remote-$* install-podman-remote-docs release.txt \
+ $(MAKE) podman-remote-$* install-podman-remote-$*-docs release.txt \
RELEASE_BASENAME=$(shell hack/get_release_info.sh REMOTENAME) \
RELEASE_DIST=$* RELEASE_DIST_VER="-"
$(eval TMPDIR := $(shell mktemp -d -p '' $podman_remote_XXXX))
@@ -359,13 +360,7 @@ podman-remote-v$(RELEASE_NUMBER)-%.zip:
# release.txt location and content depended upon by automated tooling
cp release.txt "$(TMPDIR)/"
cp ./bin/podman-remote-$*$(BINSFX) "$(TMPDIR)/$(SUBDIR)/podman$(BINSFX)"
- cp -r ./docs/remote "$(TMPDIR)/$(SUBDIR)/docs/"
- $(eval DOCFILE := $(TMPDIR)/$(SUBDIR)/docs/podman.1)
- cp docs/podman-remote.1 "$(DOCFILE)"
- sed -i 's/podman\\*-remote/podman/g' "$(DOCFILE)"
- sed -i 's/Podman\\*-remote/Podman\ for\ $*/g' "$(DOCFILE)"
- sed -i 's/podman\.conf/podman\-remote\.conf/g' "$(DOCFILE)"
- sed -i 's/A\ remote\ CLI\ for\ Podman\:\ //g' "$(DOCFILE)"
+ cp -r ./docs/build/remote/$* "$(TMPDIR)/$(SUBDIR)/docs/"
cd "$(TMPDIR)" && \
zip --recurse-paths "$(CURDIR)/$@" "./release.txt" "./"
-rm -rf "$(TMPDIR)"
@@ -408,9 +403,9 @@ install.bin: podman
install.man: docs
install ${SELINUXOPT} -d -m 755 $(DESTDIR)$(MANDIR)/man1
install ${SELINUXOPT} -d -m 755 $(DESTDIR)$(MANDIR)/man5
- install ${SELINUXOPT} -m 644 $(filter %.1,$(MANPAGES)) -t $(DESTDIR)$(MANDIR)/man1
- install ${SELINUXOPT} -m 644 $(filter %.5,$(MANPAGES)) -t $(DESTDIR)$(MANDIR)/man5
- install ${SELINUXOPT} -m 644 docs/links/*1 -t $(DESTDIR)$(MANDIR)/man1
+ install ${SELINUXOPT} -m 644 $(filter %.1,$(MANPAGES_DEST)) -t $(DESTDIR)$(MANDIR)/man1
+ install ${SELINUXOPT} -m 644 $(filter %.5,$(MANPAGES_DEST)) -t $(DESTDIR)$(MANDIR)/man5
+ install ${SELINUXOPT} -m 644 docs/source/markdown/links/*1 -t $(DESTDIR)$(MANDIR)/man1
install.config:
install ${SELINUXOPT} -d -m 755 $(DESTDIR)$(SHAREDIR_CONTAINERS)
@@ -444,16 +439,16 @@ install.systemd:
install ${SELINUXOPT} -m 644 contrib/varlink/podman.conf ${DESTDIR}${TMPFILESDIR}/podman.conf
uninstall:
- for i in $(filter %.1,$(MANPAGES)); do \
+ for i in $(filter %.1,$(MANPAGES_DEST)); do \
rm -f $(DESTDIR)$(MANDIR)/man1/$$(basename $${i}); \
done; \
- for i in $(filter %.5,$(MANPAGES)); do \
+ for i in $(filter %.5,$(MANPAGES_DEST)); do \
rm -f $(DESTDIR)$(MANDIR)/man5/$$(basename $${i}); \
done
.PHONY: .gitvalidation
.gitvalidation: .gopathok
- GIT_CHECK_EXCLUDE="./vendor:docs/rtd/make.bat" $(GOBIN)/git-validation -v -run DCO,short-subject,dangling-whitespace -range $(EPOCH_TEST_COMMIT)..$(HEAD)
+ GIT_CHECK_EXCLUDE="./vendor:docs/make.bat" $(GOBIN)/git-validation -v -run DCO,short-subject,dangling-whitespace -range $(EPOCH_TEST_COMMIT)..$(HEAD)
.PHONY: install.tools
install.tools: .install.gitvalidation .install.gometalinter .install.md2man .install.ginkgo .install.golangci-lint ## Install needed tools
diff --git a/cmd/podman/build.go b/cmd/podman/build.go
index e9ebc50aa..896d5661a 100644
--- a/cmd/podman/build.go
+++ b/cmd/podman/build.go
@@ -11,7 +11,7 @@ import (
buildahcli "github.com/containers/buildah/pkg/cli"
"github.com/containers/image/v5/types"
"github.com/containers/libpod/cmd/podman/cliconfig"
- "github.com/containers/libpod/libpod"
+ "github.com/containers/libpod/libpod/define"
"github.com/containers/libpod/pkg/adapter"
"github.com/docker/go-units"
"github.com/opencontainers/runtime-spec/specs-go"
@@ -260,7 +260,7 @@ func buildCmd(c *cliconfig.BuildValues) error {
if err != nil {
return err
}
- if conf != nil && conf.CgroupManager == libpod.SystemdCgroupsManager {
+ if conf != nil && conf.CgroupManager == define.SystemdCgroupsManager {
runtimeFlags = append(runtimeFlags, "--systemd-cgroup")
}
// end from buildah
diff --git a/cmd/podman/cp.go b/cmd/podman/cp.go
index 75a23afd6..c53a97df3 100644
--- a/cmd/podman/cp.go
+++ b/cmd/podman/cp.go
@@ -257,8 +257,15 @@ func parsePath(runtime *libpod.Runtime, path string) (*libpod.Container, string)
return nil, path
}
+func evalSymlinks(path string) (string, error) {
+ if path == os.Stdin.Name() {
+ return path, nil
+ }
+ return filepath.EvalSymlinks(path)
+}
+
func getPathInfo(path string) (string, os.FileInfo, error) {
- path, err := filepath.EvalSymlinks(path)
+ path, err := evalSymlinks(path)
if err != nil {
return "", nil, errors.Wrapf(err, "error evaluating symlinks %q", path)
}
@@ -270,7 +277,7 @@ func getPathInfo(path string) (string, os.FileInfo, error) {
}
func copy(src, destPath, dest string, idMappingOpts storage.IDMappingOptions, chownOpts *idtools.IDPair, extract, isFromHostToCtr bool) error {
- srcPath, err := filepath.EvalSymlinks(src)
+ srcPath, err := evalSymlinks(src)
if err != nil {
return errors.Wrapf(err, "error evaluating symlinks %q", srcPath)
}
diff --git a/cmd/podman/main_local.go b/cmd/podman/main_local.go
index 202d93b35..6057eeec3 100644
--- a/cmd/podman/main_local.go
+++ b/cmd/podman/main_local.go
@@ -16,7 +16,8 @@ import (
"github.com/containers/libpod/cmd/podman/cliconfig"
"github.com/containers/libpod/cmd/podman/libpodruntime"
- "github.com/containers/libpod/libpod"
+ "github.com/containers/libpod/libpod/config"
+ "github.com/containers/libpod/libpod/define"
"github.com/containers/libpod/pkg/cgroups"
"github.com/containers/libpod/pkg/rootless"
"github.com/containers/libpod/pkg/tracing"
@@ -32,8 +33,8 @@ import (
const remote = false
func init() {
- cgroupManager := libpod.SystemdCgroupsManager
- if runtimeConfig, err := libpod.DefaultRuntimeConfig(); err == nil {
+ cgroupManager := define.SystemdCgroupsManager
+ if runtimeConfig, err := config.NewConfig(""); err == nil {
cgroupManager = runtimeConfig.CgroupManager
}
cgroupHelp := "Cgroup manager to use (cgroupfs or systemd)"
@@ -181,7 +182,7 @@ func setupRootless(cmd *cobra.Command, args []string) error {
if !ownsCgroup {
unitName := fmt.Sprintf("podman-%d.scope", os.Getpid())
if err := utils.RunUnderSystemdScope(os.Getpid(), "user.slice", unitName); err != nil {
- if conf.CgroupManager == libpod.SystemdCgroupsManager {
+ if conf.CgroupManager == define.SystemdCgroupsManager {
logrus.Warnf("Failed to add podman to systemd sandbox cgroup: %v", err)
} else {
logrus.Debugf("Failed to add podman to systemd sandbox cgroup: %v", err)
@@ -225,7 +226,7 @@ func setupRootless(cmd *cobra.Command, args []string) error {
if err != nil {
return err
}
- if conf.CgroupManager == libpod.SystemdCgroupsManager {
+ if conf.CgroupManager == define.SystemdCgroupsManager {
logrus.Warnf("Failed to add pause process to systemd sandbox cgroup: %v", err)
} else {
logrus.Debugf("Failed to add pause process to systemd sandbox cgroup: %v", err)
diff --git a/contrib/cirrus/lib.sh b/contrib/cirrus/lib.sh
index 051157702..297ed49ce 100644
--- a/contrib/cirrus/lib.sh
+++ b/contrib/cirrus/lib.sh
@@ -238,34 +238,46 @@ ircmsg() {
# there is at least one release tag not having any '-' characters (return 0)
# or otherwise (return non-0).
is_release() {
- req_env_var CIRRUS_BASE_SHA CIRRUS_CHANGE_IN_REPO
- local range="${CIRRUS_BASE_SHA}..${CIRRUS_CHANGE_IN_REPO}"
- # Easy check first, default non-useful values
- if echo "${range}$CIRRUS_TAG" | grep -iq 'unknown'; then
- die 11 "is_release() unusable range ${range} or tag $CIRRUS_TAG"
- fi
- # Next easy check, is CIRRUS_TAG set
unset RELVER
+ local ret
+ req_env_var CIRRUS_CHANGE_IN_REPO
if [[ -n "$CIRRUS_TAG" ]]; then
RELVER="$CIRRUS_TAG"
- else # Lastly, look through the range for tags
- git fetch --all --tags &> /dev/null|| \
- die 12 "is_release() failed to fetch tags"
- RELVER=$(git log --pretty='format:%d' $range | \
- grep '(tag:' | sed -r -e 's/\s+[(]tag:\s+(v[0-9].*)[)]/\1/' | \
- sort -uV | tail -1)
- [[ "$?" -eq "0" ]] || \
+ elif [[ ! "$CIRRUS_BASE_SHA" =~ "unknown" ]]
+ then
+ # Normally not possible for this to be empty, except when unittesting.
+ req_env_var CIRRUS_BASE_SHA
+ local range="${CIRRUS_BASE_SHA}..${CIRRUS_CHANGE_IN_REPO}"
+ if echo "${range}$CIRRUS_TAG" | grep -iq 'unknown'; then
+ die 11 "is_release() unusable range ${range} or tag $CIRRUS_TAG"
+ fi
+
+ if type -P git &> /dev/null
+ then
+ git fetch --all --tags &> /dev/null|| \
+ die 12 "is_release() failed to fetch tags"
+ RELVER=$(git log --pretty='format:%d' $range | \
+ grep '(tag:' | sed -r -e 's/\s+[(]tag:\s+(v[0-9].*)[)]/\1/' | \
+ sort -uV | tail -1)
+ ret=$?
+ else
+ warn -1 "Git command not found while checking for release"
+ ret="-1"
+ fi
+ [[ "$ret" -eq "0" ]] || \
die 13 "is_release() failed to parse tags"
+ else # Not testing a PR, but neither CIRRUS_BASE_SHA or CIRRUS_TAG are set
+ return 1
fi
- echo "Found \$RELVER $RELVER"
if [[ -n "$RELVER" ]]; then
+ echo "Found \$RELVER $RELVER"
if echo "$RELVER" | grep -q '-'; then
- return 2
+ return 2 # development tag
else
return 0
fi
else
- return 1
+ return 1 # not a release
fi
}
diff --git a/contrib/cirrus/lib.sh.t b/contrib/cirrus/lib.sh.t
index 9915b42a4..8f4080dd5 100755
--- a/contrib/cirrus/lib.sh.t
+++ b/contrib/cirrus/lib.sh.t
@@ -138,16 +138,19 @@ function test_is_release() {
}
# FROM TO TAG RET MSG
-#test_is_release "" "" "" "" ""
-
-test_is_release "" "" "" "9" "FATAL: is_release() requires \$CIRRUS_BASE_SHA to be non-empty"
+test_is_release "" "" "" "9" "FATAL: is_release() requires \$CIRRUS_CHANGE_IN_REPO to be non-empty"
test_is_release "x" "" "" "9" "FATAL: is_release() requires \$CIRRUS_CHANGE_IN_REPO to be non-empty"
-test_is_release "unknown" "x" "" "11" "is_release() unusable range unknown..x or tag "
-test_is_release "x" "unknown" "" "11" "is_release() unusable range x..unknown or tag "
-test_is_release "x" "x" "unknown" "11" "is_release() unusable range x..x or tag unknown"
+# post-merge / tag-push testing, FROM will be set 'unknown' by (lib.sh default)
+test_is_release "unknown" "x" "" "1" ""
+# post-merge / tag-push testing, oddball tag is set, FROM will be set 'unknown'
+test_is_release "unknown" "unknown" "test-tag" "2" "Found \$RELVER test-tag"
+# post-merge / tag-push testing, sane tag is set, FROM will be set 'unknown'
+test_is_release "unknown" "unknown" "0.0.0" "0" "Found \$RELVER 0.0.0"
+# hack/get_ci_vm or PR testing, FROM and TO are set, no tag is set
+test_is_release "x" "x" "" "1" ""
-# Negative-testing git with this function is very difficult, assume it works
+# Negative-testing git with this function is very difficult, assume git works
# test_is_release ... "is_release() failed to fetch tags"
# test_is_release ... "is_release() failed to parse tags"
diff --git a/docs/Makefile b/docs/Makefile
new file mode 100644
index 000000000..fb67e266c
--- /dev/null
+++ b/docs/Makefile
@@ -0,0 +1,23 @@
+# Minimal makefile for Sphinx documentation
+#
+
+# You can set these variables from the command line, and also
+# from the environment for the first two.
+SPHINXOPTS ?=
+SPHINXBUILD ?= sphinx-build
+SOURCEDIR = source
+BUILDDIR = build
+
+# Put it first so that "make" without argument is like "make help".
+help:
+ @$(SPHINXBUILD) -M help "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O)
+
+clean:
+ rm -fr build/
+
+.PHONY: help Makefile
+
+# Catch-all target: route all unknown targets to Sphinx using the new
+# "make mode" option. $(O) is meant as a shortcut for $(SPHINXOPTS).
+%: Makefile
+ @$(SPHINXBUILD) -M $@ "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O)
diff --git a/docs/Readme.md b/docs/Readme.md
new file mode 100644
index 000000000..4514afa77
--- /dev/null
+++ b/docs/Readme.md
@@ -0,0 +1,21 @@
+# Build the Docs
+
+## Directory Structure
+
+| | Directory |
+| ------------------------------------ | --------------------------- |
+| Markdown source for man pages | docs/source/markdown/ |
+| man pages aliases as .so files | docs/source/markdown/links/ |
+| restructured text for readthedocs.io | docs/rst/ |
+| target for output | docs/build |
+| man pages | docs/build/man |
+| remote linux man pages | docs/build/remote/linux |
+| remote darwin man pages | docs/build/remote/darwin |
+| remote windows html pages | docs/build/remote/windows |
+
+## Support files
+
+| | |
+| ------------------------------------ | --------------------------- |
+| docs/remote-docs.sh | Read the docs/source/markdown files and format for each platform |
+| docs/links-to-html.lua | pandoc filter to do aliases for html files | \ No newline at end of file
diff --git a/docs/rtd/make.bat b/docs/make.bat
index 6247f7e23..6247f7e23 100644
--- a/docs/rtd/make.bat
+++ b/docs/make.bat
diff --git a/docs/podman-remote.sh b/docs/remote-docs.sh
index 2f8e76d1b..1440b0926 100755
--- a/docs/podman-remote.sh
+++ b/docs/remote-docs.sh
@@ -1,17 +1,17 @@
#!/bin/bash -e
# Assemble remote man pages for darwin or windows from markdown files
-PLATFORM=$1 ## windows or darwin
-TARGET=$2 ## where to output files
+PLATFORM=$1 ## linux, windows or darwin
+TARGET=${2} ## where to output files
SOURCES=${@:3} ## directories to find markdown files
PODMAN=${PODMAN:-bin/podman-remote} ## location overridden for testing
function usage() {
echo >&2 "$0 PLATFORM TARGET SOURCES..."
- echo >&2 "PLATFORM: Is either darwin or windows."
- echo >&2 "TARGET: Is the directory where files will be staged."
- echo >&2 "SOURCES: Are the directories to source markdown files."
+ echo >&2 "PLATFORM: Is either linux, darwin or windows."
+ echo >&2 "TARGET: Is the directory where files will be staged. eg, docs/build/remote/linux"
+ echo >&2 "SOURCES: Are the directories of source files. eg, docs/markdown"
}
function fail() {
@@ -21,19 +21,17 @@ function fail() {
}
case $PLATFORM in
-'darwin')
- EXT=1
- PUBLISHER=darwin_fn
+darwin|linux)
+ PUBLISHER=man_fn
;;
-'windows')
- EXT=1.md
- PUBLISHER=windows_fn
+windows)
+ PUBLISHER=html_fn
;;
-'-help')
+-help)
usage
exit 0
;;
-*) fail '"darwin" and "windows" are currently the only supported platforms.' ;;
+*) fail '"linux", "darwin" and "windows" are the only supported platforms.' ;;
esac
if [[ -z $TARGET ]]; then
@@ -48,20 +46,20 @@ if [[ ! -x $PODMAN ]]; then
fail "$PODMAN does not exist"
fi
-## darwin_fn copies the markdown page or link to flattened directory
-function darwin_fn() {
- local markdown=$1
- local file=$(basename $markdown)
- local dir=$(dirname $markdown)
+## man_fn copies the man page or link to flattened directory
+function man_fn() {
+ local page=$1
+ local file=$(basename $page)
+ local dir=$(dirname $page)
- if [[ -f $dir/links/$file ]]; then
- markdown=$dir/links/$file
+ if [[ ! -f $page ]]; then
+ page=$dir/links/${file%.*}.1
fi
- install $markdown $TARGET
+ install $page $TARGET/${file%%.*}.1
}
-## windows_fn converts the markdown page or link to HTML
-function windows_fn() {
+## html_fn converts the markdown page or link to HTML
+function html_fn() {
local markdown=$1
local file=$(basename $markdown)
local dir=$(dirname $markdown)
@@ -70,21 +68,26 @@ function windows_fn() {
local link=$(sed -e 's?.so man1/\(.*\)?\1?' <$dir/links/${file%.md})
markdown=$dir/$link.md
fi
- pandoc --ascii --lua-filter=$dir/links-to-html.lua -o $TARGET/${file%.$EXT}.html $markdown
+ pandoc --ascii --lua-filter=docs/links-to-html.lua -o $TARGET/${file%%.*}.html $markdown
}
## pub_pages finds and publishes the remote manual pages
function pub_pages() {
local source=$1
local publisher=$2
- for f in $(ls $source/podman-remote*$EXT); do
+ for f in $(ls $source/podman-remote*); do
$publisher $f
done
+ # rename podman-remote.ext to podman.ext and copy
+ local remote=$(echo $TARGET/podman-remote.*)
+ local ext=${remote##*.}
+ cp -f $remote $TARGET/podman.$ext
+
for c in "container" "image" "pod" "volume" ""; do
local cmd=${c:+-$c}
for s in $($PODMAN $c --help | sed -n '/^Available Commands:/,/^Flags:/p' | sed -e '1d;$d' -e '/^$/d' | awk '{print $1}'); do
- $publisher $source/podman$cmd-$s.$EXT
+ $publisher $(echo $source/podman$cmd-$s.*)
done
done
}
diff --git a/docs/rtd/requirements.txt b/docs/requirements.txt
index 44af373ac..44af373ac 100644
--- a/docs/rtd/requirements.txt
+++ b/docs/requirements.txt
diff --git a/docs/rtd/Makefile b/docs/rtd/Makefile
deleted file mode 100644
index 50af6490a..000000000
--- a/docs/rtd/Makefile
+++ /dev/null
@@ -1,123 +0,0 @@
-# Minimal makefile for Sphinx documentation
-#
-
-# You can set these variables from the command line, and also
-# from the environment for the first two.
-SPHINXOPTS ?=
-SPHINXBUILD ?= sphinx-build
-SOURCEDIR = source
-BUILDDIR = build
-
-# Put it first so that "make" without argument is like "make help".
-help:
- @$(SPHINXBUILD) -M help "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O)
-
-clean:
- rm -fr build/
- rm -f source/man/podman-*.1.md
-
-copy:
- cp -v ../podman-attach.1.md source/man/
- cp -v ../podman-build.1.md source/man/
- cp -v ../podman-commit.1.md source/man/
- # container
- cp -v ../podman-container-checkpoint.1.md source/man/
- cp -v ../podman-container-exists.1.md source/man/
- cp -v ../podman-container-restore.1.md source/man/
- cp -v ../podman-container-cleanup.1.md source/man/
- cp -v ../podman-container-prune.1.md source/man/
- cp -v ../podman-container-runlabel.1.md source/man/
- cp -v ../podman-cp.1.md source/man/
- cp -v ../podman-create.1.md source/man/
- cp -v ../podman-diff.1.md source/man/
- cp -v ../podman-events.1.md source/man/
- cp -v ../podman-exec.1.md source/man/
- cp -v ../podman-export.1.md source/man/
- # generate
- cp -v ../podman-generate-systemd.1.md source/man/
- cp -v ../podman-generate-kube.1.md source/man/
- # healthcheck
- cp -v ../podman-healthcheck-run.1.md source/man/
- #cp -v ../podman-help.1.md source/
- cp -v ../podman-history.1.md source/man/
- # image
- cp -v ../podman-image-prune.1.md source/man/
- cp -v ../podman-image-tree.1.md source/man/
- cp -v ../podman-image-trust.1.md source/man/
- cp -v ../podman-image-exists.1.md source/man/
- cp -v ../podman-image-sign.1.md source/man/
- cp -v ../podman-images.1.md source/man/
- cp -v ../podman-import.1.md source/man/
- cp -v ../podman-info.1.md source/man/
- cp -v ../podman-init.1.md source/man/
- cp -v ../podman-inspect.1.md source/man/
- cp -v ../podman-kill.1.md source/man/
- cp -v ../podman-load.1.md source/man/
- cp -v ../podman-login.1.md source/man/
- cp -v ../podman-logout.1.md source/man/
- cp -v ../podman-logs.1.md source/man/
- cp -v ../podman-mount.1.md source/man/
- # network
- cp -v ../podman-network-create.1.md source/man/
- cp -v ../podman-network-ls.1.md source/man/
- cp -v ../podman-network-inspect.1.md source/man/
- cp -v ../podman-network-rm.1.md source/man/
- cp -v ../podman-pause.1.md source/man/
- # play
- cp -v ../podman-play-kube.1.md source/man/
- # pod
- cp -v ../podman-pod-create.1.md source/man/
- cp -v ../podman-pod-pause.1.md source/man/
- cp -v ../podman-pod-rm.1.md source/man/
- cp -v ../podman-pod-top.1.md source/man/
- cp -v ../podman-pod-exists.1.md source/man/
- cp -v ../podman-pod-prune.1.md source/man/
- cp -v ../podman-pod-start.1.md source/man/
- cp -v ../podman-pod-unpause.1.md source/man/
- cp -v ../podman-pod-inspect.1.md source/man/
- cp -v ../podman-pod-ps.1.md source/man/
- cp -v ../podman-pod-stats.1.md source/man/
- cp -v ../podman-pod-kill.1.md source/man/
- cp -v ../podman-pod-restart.1.md source/man/
- cp -v ../podman-pod-stop.1.md source/man/
- cp -v ../podman-port.1.md source/man/
- cp -v ../podman-ps.1.md source/man/
- cp -v ../podman-pull.1.md source/man/
- cp -v ../podman-push.1.md source/man/
- cp -v ../podman-restart.1.md source/man/
- cp -v ../podman-rm.1.md source/man/
- cp -v ../podman-rmi.1.md source/man/
- cp -v ../podman-run.1.md source/man/
- cp -v ../podman-save.1.md source/man/
- cp -v ../podman-search.1.md source/man/
- cp -v ../podman-start.1.md source/man/
- cp -v ../podman-stats.1.md source/man/
- cp -v ../podman-stop.1.md source/man/
- # system
- cp -v ../podman-system-migrate.1.md source/man/
- cp -v ../podman-system-renumber.1.md source/man/
- cp -v ../podman-system-df.1.md source/man/
- cp -v ../podman-system-prune.1.md source/man/
- cp -v ../podman-top.1.md source/man/
- cp -v ../podman-umount.1.md source/man/
- cp -v ../podman-unpause.1.md source/man/
- cp -v ../podman-unshare.1.md source/man/
- cp -v ../podman-varlink.1.md source/man/
- cp -v ../podman-version.1.md source/man/
- # volume
- cp -v ../podman-volume-inspect.1.md source/man/
- cp -v ../podman-volume-prune.1.md source/man/
- cp -v ../podman-volume-create.1.md source/man/
- cp -v ../podman-volume-ls.1.md source/man/
- cp -v ../podman-volume-rm.1.md source/man/
- cp -v ../podman-wait.1.md source/man/
-
-.PHONY: help Makefile copy
-
-html: copy
- @$(SPHINXBUILD) -M $@ "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O)
-
-# Catch-all target: route all unknown targets to Sphinx using the new
-# "make mode" option. $(O) is meant as a shortcut for $(SPHINXOPTS).
-%: Makefile
- @$(SPHINXBUILD) -M $@ "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O)
diff --git a/docs/rtd/source/Commands.rst b/docs/rtd/source/Commands.rst
deleted file mode 100644
index f6ba5b20d..000000000
--- a/docs/rtd/source/Commands.rst
+++ /dev/null
@@ -1,107 +0,0 @@
-Commands
-========
-
-
-:doc:`attach <man/podman-attach.1>` Attach to a running container
-
-:doc:`build <man/podman-build.1>` Build an image using instructions from Containerfiles
-
-:doc:`commit <man/podman-commit.1>` Create new image based on the changed container
-
-:doc:`containers <man/managecontainers>` Manage Containers
-
-:doc:`cp <man/podman-cp.1>` Copy files/folders between a container and the local filesystem
-
-:doc:`create <man/podman-create.1>` Create but do not start a container
-
-:doc:`diff <man/podman-diff.1>` Inspect changes on container's file systems
-
-:doc:`events <man/podman-events.1>` Show podman events
-
-:doc:`exec <man/podman-exec.1>` Run a process in a running container
-
-:doc:`export <man/podman-export.1>` Export container's filesystem contents as a tar archive
-
-:doc:`generate <man/generate>` Generated structured data
-
-:doc:`healthcheck <man/healthcheck>` Manage Healthcheck
-
-:doc:`history <man/podman-history.1>` Show history of a specified image
-
-:doc:`image <man/image>` Manage images
-
-:doc:`images <man/podman-images.1>` List images in local storage
-
-:doc:`import <man/podman-import.1>` Import a tarball to create a filesystem image
-
-:doc:`info <man/podman-info.1>` Display podman system information
-
-:doc:`init <man/podman-init.1>` Initialize one or more containers
-
-:doc:`inspect <man/podman-inspect.1>` Display the configuration of a container or image
-
-:doc:`kill <man/podman-kill.1>` Kill one or more running containers with a specific signal
-
-:doc:`load <man/podman-load.1>` Load an image from container archive
-
-:doc:`login <man/podman-login.1>` Login to a container registry
-
-:doc:`logout <man/podman-logout.1>` Logout of a container registry
-
-:doc:`logs <man/podman-logs.1>` Fetch the logs of a container
-
-:doc:`mount <man/podman-mount.1>` Mount a working container's root filesystem
-
-:doc:`network <man/network>` Manage Networks
-
-:doc:`pause <man/podman-pause.1>` Pause all the processes in one or more containers
-
-:doc:`play <man/play>` Play a pod
-
-:doc:`pod <man/pod>` Manage pods
-
-:doc:`port <man/podman-port.1>` List port mappings or a specific mapping for the container
-
-:doc:`ps <man/podman-ps.1>` List containers
-
-:doc:`pull <man/podman-pull.1>` Pull an image from a registry
-
-:doc:`push <man/podman-push.1>` Push an image to a specified destination
-
-:doc:`restart <man/podman-restart.1>` Restart one or more containers
-
-:doc:`rm <man/podman-rm.1>` Remove one or more containers
-
-:doc:`rmi <man/podman-rmi.1>` Removes one or more images from local storage
-
-:doc:`run <man/podman-run.1>` Run a command in a new container
-
-:doc:`save <man/podman-save.1>` Save image to an archive
-
-:doc:`search <man/podman-search.1>` Search registry for image
-
-:doc:`start <man/podman-start.1>` Start one or more containers
-
-:doc:`stats <man/podman-stats.1>` Display a live stream of container resource usage statistics
-
-:doc:`stop <man/podman-stop.1>` Stop one or more containers
-
-:doc:`system <man/system>` Manage podman
-
-:doc:`tag <man/podman-tag.1>` Add an additional name to a local image
-
-:doc:`top <man/podman-top.1>` Display the running processes of a container
-
-:doc:`umount <man/podman-umount.1>` Unmounts working container's root filesystem
-
-:doc:`unpause <man/podman-unpause.1>` Unpause the processes in one or more containers
-
-:doc:`unshare <man/podman-unshare.1>` Run a command in a modified user namespace
-
-:doc:`varlink <man/podman-varlink.1>` Run varlink interface
-
-:doc:`version <man/podman-version.1>` Display the Podman Version Information
-
-:doc:`volume <man/volume>` Manage volumes
-
-:doc:`wait <man/podman-wait.1>` Block on one or more containers \ No newline at end of file
diff --git a/docs/rtd/source/man/generate.rst b/docs/rtd/source/man/generate.rst
deleted file mode 100644
index e82a15735..000000000
--- a/docs/rtd/source/man/generate.rst
+++ /dev/null
@@ -1,6 +0,0 @@
-Generate
-========
-
-:doc:`kube <podman-generate-kube.1>` Generate Kubernetes pod YAML from a container or pod
-
-:doc:`systemd <podman-generate-systemd.1>` Generate a systemd unit file for a Podman container
diff --git a/docs/rtd/source/man/healthcheck.rst b/docs/rtd/source/man/healthcheck.rst
deleted file mode 100644
index 697c1358b..000000000
--- a/docs/rtd/source/man/healthcheck.rst
+++ /dev/null
@@ -1,4 +0,0 @@
-HealthCheck
-===========
-
-:doc:`run <podman-healthcheck-run.1>` run the health check of a container
diff --git a/docs/rtd/source/man/image.rst b/docs/rtd/source/man/image.rst
deleted file mode 100644
index ad963cd41..000000000
--- a/docs/rtd/source/man/image.rst
+++ /dev/null
@@ -1,35 +0,0 @@
-Image
-=====
-
-
-:doc:`build <podman-build.1>` Build an image using instructions from Containerfiles
-
-:doc:`exists <podman-image-exists.1>` Check if an image exists in local storage
-
-:doc:`history <podman-history.1>` Show history of a specified image
-
-:doc:`import <podman-import.1>` Import a tarball to create a filesystem image
-
-:doc:`inspect <podman-inspect.1>` Display the configuration of an image
-
-:doc:`list <podman-images.1>` List images in local storage
-
-:doc:`load <podman-load.1>` Load an image from container archive
-
-:doc:`prune <podman-image-prune.1>` Remove unused images
-
-:doc:`pull <podman-pull.1>` Pull an image from a registry
-
-:doc:`push <podman-push.1>` Push an image to a specified destination
-
-:doc:`rm <podman-rmi.1>` Removes one or more images from local storage
-
-:doc:`save <podman-save.1>` Save image to an archive
-
-:doc:`sign <podman-image-sign.1>` Sign an image
-
-:doc:`tag <podman-tag.1>` Add an additional name to a local image
-
-:doc:`tree <podman-image-tree.1>` Prints layer hierarchy of an image in a tree format
-
-:doc:`trust <podman-image-trust.1>` Manage container image trust policy
diff --git a/docs/rtd/source/man/managecontainers.rst b/docs/rtd/source/man/managecontainers.rst
deleted file mode 100644
index 20e8c0679..000000000
--- a/docs/rtd/source/man/managecontainers.rst
+++ /dev/null
@@ -1,64 +0,0 @@
-Manage Containers
-=================
-
-:doc:`attach <podman-attach.1>` Attach to a running container
-
-:doc:`checkpoint <podman-container-checkpoint.1>` Checkpoints one or more containers
-
-:doc:`cleanup <podman-container-cleanup.1>` Cleanup network and mountpoints of one or more containers
-
-:doc:`commit <podman-commit.1>` Create new image based on the changed container
-
-:doc:`cp <podman-cp.1>` Copy files/folders between a container and the local filesystem
-
-:doc:`create <podman-create.1>` Create but do not start a container
-
-:doc:`diff <podman-diff.1>` Inspect changes on container's file systems
-
-:doc:`exec <podman-exec.1>` Run a process in a running container
-
-:doc:`exists <podman-exists.1>` Check if a container exists in local storage
-
-:doc:`export <podman-export.1>` Export container's filesystem contents as a tar archive
-
-:doc:`init <podman-init.1>` Initialize one or more containers
-
-:doc:`inspect <podman-inspect.1>` Display the configuration of a container or image
-
-:doc:`kill <podman-kill.1>` Kill one or more running containers with a specific signal
-
-:doc:`list <podman-ps.1>` List containers
-
-:doc:`logs <podman-logs.1>` Fetch the logs of a container
-
-:doc:`mount <podman-mount.1>` Mount a working container's root filesystem
-
-:doc:`pause <podman-pause.1>` Pause all the processes in one or more containers
-
-:doc:`port <podman-port.1>` List port mappings or a specific mapping for the container
-
-:doc:`restart <podman-restart.1>` Restart one or more containers
-
-:doc:`prune <podman-container-prune.1>` Remove all stopped containers
-
-:doc:`restore <podman-container-restore.1>` Restores one or more containers from a checkpoint
-
-:doc:`rm <podman-rm.1>` Remove one or more containers
-
-:doc:`run <podman-run.1>` Run a command in a new container
-
-:doc:`runlabel <podman-container-runlabel.1>` Execute the command described by an image label
-
-:doc:`start <podman-start.1>` Start one or more containers
-
-:doc:`stats <podman-stats.1>` Display a live stream of container resource usage statistics
-
-:doc:`stop <podman-stop.1>` Stop one or more containers
-
-:doc:`top <podman-top.1>` Display the running processes of a container
-
-:doc:`umount <podman-umount.1>` Unmounts working container's root filesystem
-
-:doc:`unpause <podman-unpause.1>` Unpause the processes in one or more containers
-
-:doc:`wait <podman-wait.1>` Block on one or more containers
diff --git a/docs/rtd/source/man/network.rst b/docs/rtd/source/man/network.rst
deleted file mode 100644
index 6d6a4c022..000000000
--- a/docs/rtd/source/man/network.rst
+++ /dev/null
@@ -1,10 +0,0 @@
-Network
-=====
-
-:doc:`create <podman-network-create.1>` network create
-
-:doc:`inspect <podman-network-inspect.1>` network inspect
-
-:doc:`ls <podman-network-ls.1>` network list
-
-:doc:`rm <podman-network-rm.1>` network rm \ No newline at end of file
diff --git a/docs/rtd/source/man/play.rst b/docs/rtd/source/man/play.rst
deleted file mode 100644
index 93e1a9a1e..000000000
--- a/docs/rtd/source/man/play.rst
+++ /dev/null
@@ -1,4 +0,0 @@
-Play
-====
-
-:doc:`kube <podman-play-kube.1>` Play a pod based on Kubernetes YAML
diff --git a/docs/rtd/source/man/pod.rst b/docs/rtd/source/man/pod.rst
deleted file mode 100644
index 13c1740f8..000000000
--- a/docs/rtd/source/man/pod.rst
+++ /dev/null
@@ -1,30 +0,0 @@
-Pod
-===
-
-:doc:`create <podman-pod-create.1>` Create a new empty pod
-
-:doc:`exists <podman-pod-exists.1>` Check if a pod exists in local storage
-
-:doc:`inspect <podman-pod-inspect.1>` Displays a pod configuration
-
-:doc:`kill <podman-pod-kill.1>` Send the specified signal or SIGKILL to containers in pod
-
-:doc:`pause <podman-pause.1>` Pause one or more pods
-
-:doc:`prune <podman-pod-prune.1>` Remove all stopped pods
-
-:doc:`ps <podman-pod-ps.1>` List pods
-
-:doc:`restart <podman-pod-restart.1>` Restart one or more pods
-
-:doc:`rm <podman-pod-rm.1>` Remove one or more pods
-
-:doc:`start <podman-pod-start.1>` Start one or more pods
-
-:doc:`stats <podman-pod-stats.1>` Display a live stream of resource usage statistics for the containers in one or more pods
-
-:doc:`stop <podman-pod-stop.1>` Stop one or more pods
-
-:doc:`top <podman-pod-top.1>` Display the running processes of containers in a pod
-
-:doc:`unpause <podman-pod-unpause.1>` Unpause one or more pods
diff --git a/docs/rtd/source/man/system.rst b/docs/rtd/source/man/system.rst
deleted file mode 100644
index 764ec01c1..000000000
--- a/docs/rtd/source/man/system.rst
+++ /dev/null
@@ -1,12 +0,0 @@
-System
-======
-
-:doc:`df <podman-system-df.1>` Show podman disk usage
-
-:doc:`info <podman-info.1>` Display podman system information
-
-:doc:`migrate <podman-system-migrate.1>` Migrate containers
-
-:doc:`prune <podman-system-prune.1>` Remove unused data
-
-:doc:`renumber <podman-system-renumber.1>` Migrate lock numbers
diff --git a/docs/rtd/source/man/volume.rst b/docs/rtd/source/man/volume.rst
deleted file mode 100644
index ee18e4b2e..000000000
--- a/docs/rtd/source/man/volume.rst
+++ /dev/null
@@ -1,11 +0,0 @@
-Volume
-======
-:doc:`create <podman-volume-create.1>` Create a new volume
-
-:doc:`inspect <podman-volume-inspect.1>` Display detailed information on one or more volumes
-
-:doc:`ls <podman-volume-ls.1>` List volumes
-
-:doc:`prune <podman-volume-prune.1>` Remove all unused volumes
-
-:doc:`rm <podman-volume-rm.1>` Remove one or more volumes \ No newline at end of file
diff --git a/docs/source/Commands.rst b/docs/source/Commands.rst
new file mode 100644
index 000000000..276a9c4fb
--- /dev/null
+++ b/docs/source/Commands.rst
@@ -0,0 +1,107 @@
+Commands
+========
+
+
+:doc:`attach <markdown/podman-attach.1>` Attach to a running container
+
+:doc:`build <markdown/podman-build.1>` Build an image using instructions from Containerfiles
+
+:doc:`commit <markdown/podman-commit.1>` Create new image based on the changed container
+
+:doc:`containers <managecontainers>` Manage Containers
+
+:doc:`cp <markdown/podman-cp.1>` Copy files/folders between a container and the local filesystem
+
+:doc:`create <markdown/podman-create.1>` Create but do not start a container
+
+:doc:`diff <markdown/podman-diff.1>` Inspect changes on container's file systems
+
+:doc:`events <markdown/podman-events.1>` Show podman events
+
+:doc:`exec <markdown/podman-exec.1>` Run a process in a running container
+
+:doc:`export <markdown/podman-export.1>` Export container's filesystem contents as a tar archive
+
+:doc:`generate <generate>` Generated structured data
+
+:doc:`healthcheck <healthcheck>` Manage Healthcheck
+
+:doc:`history <markdown/podman-history.1>` Show history of a specified image
+
+:doc:`image <image>` Manage images
+
+:doc:`images <markdown/podman-images.1>` List images in local storage
+
+:doc:`import <markdown/podman-import.1>` Import a tarball to create a filesystem image
+
+:doc:`info <markdown/podman-info.1>` Display podman system information
+
+:doc:`init <markdown/podman-init.1>` Initialize one or more containers
+
+:doc:`inspect <markdown/podman-inspect.1>` Display the configuration of a container or image
+
+:doc:`kill <markdown/podman-kill.1>` Kill one or more running containers with a specific signal
+
+:doc:`load <markdown/podman-load.1>` Load an image from container archive
+
+:doc:`login <markdown/podman-login.1>` Login to a container registry
+
+:doc:`logout <markdown/podman-logout.1>` Logout of a container registry
+
+:doc:`logs <markdown/podman-logs.1>` Fetch the logs of a container
+
+:doc:`mount <markdown/podman-mount.1>` Mount a working container's root filesystem
+
+:doc:`network <network>` Manage Networks
+
+:doc:`pause <markdown/podman-pause.1>` Pause all the processes in one or more containers
+
+:doc:`play <play>` Play a pod
+
+:doc:`pod <pod>` Manage pods
+
+:doc:`port <markdown/podman-port.1>` List port mappings or a specific mapping for the container
+
+:doc:`ps <markdown/podman-ps.1>` List containers
+
+:doc:`pull <markdown/podman-pull.1>` Pull an image from a registry
+
+:doc:`push <markdown/podman-push.1>` Push an image to a specified destination
+
+:doc:`restart <markdown/podman-restart.1>` Restart one or more containers
+
+:doc:`rm <markdown/podman-rm.1>` Remove one or more containers
+
+:doc:`rmi <markdown/podman-rmi.1>` Removes one or more images from local storage
+
+:doc:`run <markdown/podman-run.1>` Run a command in a new container
+
+:doc:`save <markdown/podman-save.1>` Save image to an archive
+
+:doc:`search <markdown/podman-search.1>` Search registry for image
+
+:doc:`start <markdown/podman-start.1>` Start one or more containers
+
+:doc:`stats <markdown/podman-stats.1>` Display a live stream of container resource usage statistics
+
+:doc:`stop <markdown/podman-stop.1>` Stop one or more containers
+
+:doc:`system <system>` Manage podman
+
+:doc:`tag <markdown/podman-tag.1>` Add an additional name to a local image
+
+:doc:`top <markdown/podman-top.1>` Display the running processes of a container
+
+:doc:`umount <markdown/podman-umount.1>` Unmounts working container's root filesystem
+
+:doc:`unpause <markdown/podman-unpause.1>` Unpause the processes in one or more containers
+
+:doc:`unshare <markdown/podman-unshare.1>` Run a command in a modified user namespace
+
+:doc:`varlink <markdown/podman-varlink.1>` Run varlink interface
+
+:doc:`version <markdown/podman-version.1>` Display the Podman Version Information
+
+:doc:`volume <volume>` Manage volumes
+
+:doc:`wait <markdown/podman-wait.1>` Block on one or more containers \ No newline at end of file
diff --git a/docs/rtd/source/Introduction.rst b/docs/source/Introduction.rst
index c516b3317..c516b3317 100644
--- a/docs/rtd/source/Introduction.rst
+++ b/docs/source/Introduction.rst
diff --git a/docs/rtd/source/Reference.rst b/docs/source/Reference.rst
index 9a771c87f..9a771c87f 100644
--- a/docs/rtd/source/Reference.rst
+++ b/docs/source/Reference.rst
diff --git a/docs/rtd/source/Tutorials.rst b/docs/source/Tutorials.rst
index 0c7e28c3b..0c7e28c3b 100644
--- a/docs/rtd/source/Tutorials.rst
+++ b/docs/source/Tutorials.rst
diff --git a/docs/rtd/source/conf.py b/docs/source/conf.py
index d95290f72..d95290f72 100644
--- a/docs/rtd/source/conf.py
+++ b/docs/source/conf.py
diff --git a/docs/source/generate.rst b/docs/source/generate.rst
new file mode 100644
index 000000000..fd267ce62
--- /dev/null
+++ b/docs/source/generate.rst
@@ -0,0 +1,6 @@
+Generate
+========
+
+:doc:`kube <markdown/podman-generate-kube.1>` Generate Kubernetes pod YAML from a container or pod
+
+:doc:`systemd <markdown/podman-generate-systemd.1>` Generate a systemd unit file for a Podman container
diff --git a/docs/source/healthcheck.rst b/docs/source/healthcheck.rst
new file mode 100644
index 000000000..2e2f88fbc
--- /dev/null
+++ b/docs/source/healthcheck.rst
@@ -0,0 +1,4 @@
+HealthCheck
+===========
+
+:doc:`run <markdown/podman-healthcheck-run.1>` run the health check of a container
diff --git a/docs/source/image.rst b/docs/source/image.rst
new file mode 100644
index 000000000..a8c6171e1
--- /dev/null
+++ b/docs/source/image.rst
@@ -0,0 +1,35 @@
+Image
+=====
+
+
+:doc:`build <markdown/podman-build.1>` Build an image using instructions from Containerfiles
+
+:doc:`exists <markdown/podman-image-exists.1>` Check if an image exists in local storage
+
+:doc:`history <markdown/podman-history.1>` Show history of a specified image
+
+:doc:`import <markdown/podman-import.1>` Import a tarball to create a filesystem image
+
+:doc:`inspect <markdown/podman-inspect.1>` Display the configuration of an image
+
+:doc:`list <markdown/podman-images.1>` List images in local storage
+
+:doc:`load <markdown/podman-load.1>` Load an image from container archive
+
+:doc:`prune <markdown/podman-image-prune.1>` Remove unused images
+
+:doc:`pull <markdown/podman-pull.1>` Pull an image from a registry
+
+:doc:`push <markdown/podman-push.1>` Push an image to a specified destination
+
+:doc:`rm <markdown/podman-rmi.1>` Removes one or more images from local storage
+
+:doc:`save <markdown/podman-save.1>` Save image to an archive
+
+:doc:`sign <markdown/podman-image-sign.1>` Sign an image
+
+:doc:`tag <markdown/podman-tag.1>` Add an additional name to a local image
+
+:doc:`tree <markdown/podman-image-tree.1>` Prints layer hierarchy of an image in a tree format
+
+:doc:`trust <markdown/podman-image-trust.1>` Manage container image trust policy
diff --git a/docs/rtd/source/index.rst b/docs/source/index.rst
index 9dd61a6a6..9dd61a6a6 100644
--- a/docs/rtd/source/index.rst
+++ b/docs/source/index.rst
diff --git a/docs/source/managecontainers.rst b/docs/source/managecontainers.rst
new file mode 100644
index 000000000..5c5a83a82
--- /dev/null
+++ b/docs/source/managecontainers.rst
@@ -0,0 +1,64 @@
+Manage Containers
+=================
+
+:doc:`attach <markdown/podman-attach.1>` Attach to a running container
+
+:doc:`checkpoint <markdown/podman-container-checkpoint.1>` Checkpoints one or more containers
+
+:doc:`cleanup <markdown/podman-container-cleanup.1>` Cleanup network and mountpoints of one or more containers
+
+:doc:`commit <markdown/podman-commit.1>` Create new image based on the changed container
+
+:doc:`cp <markdown/podman-cp.1>` Copy files/folders between a container and the local filesystem
+
+:doc:`create <markdown/podman-create.1>` Create but do not start a container
+
+:doc:`diff <markdown/podman-diff.1>` Inspect changes on container's file systems
+
+:doc:`exec <markdown/podman-exec.1>` Run a process in a running container
+
+:doc:`exists <markdown/podman-container-exists.1>` Check if a container exists in local storage
+
+:doc:`export <markdown/podman-export.1>` Export container's filesystem contents as a tar archive
+
+:doc:`init <markdown/podman-init.1>` Initialize one or more containers
+
+:doc:`inspect <markdown/podman-inspect.1>` Display the configuration of a container or image
+
+:doc:`kill <markdown/podman-kill.1>` Kill one or more running containers with a specific signal
+
+:doc:`list <markdown/podman-ps.1>` List containers
+
+:doc:`logs <markdown/podman-logs.1>` Fetch the logs of a container
+
+:doc:`mount <markdown/podman-mount.1>` Mount a working container's root filesystem
+
+:doc:`pause <markdown/podman-pause.1>` Pause all the processes in one or more containers
+
+:doc:`port <markdown/podman-port.1>` List port mappings or a specific mapping for the container
+
+:doc:`restart <markdown/podman-restart.1>` Restart one or more containers
+
+:doc:`prune <markdown/podman-container-prune.1>` Remove all stopped containers
+
+:doc:`restore <markdown/podman-container-restore.1>` Restores one or more containers from a checkpoint
+
+:doc:`rm <markdown/podman-rm.1>` Remove one or more containers
+
+:doc:`run <markdown/podman-run.1>` Run a command in a new container
+
+:doc:`runlabel <markdown/podman-container-runlabel.1>` Execute the command described by an image label
+
+:doc:`start <markdown/podman-start.1>` Start one or more containers
+
+:doc:`stats <markdown/podman-stats.1>` Display a live stream of container resource usage statistics
+
+:doc:`stop <markdown/podman-stop.1>` Stop one or more containers
+
+:doc:`top <markdown/podman-top.1>` Display the running processes of a container
+
+:doc:`umount <markdown/podman-umount.1>` Unmounts working container's root filesystem
+
+:doc:`unpause <markdown/podman-unpause.1>` Unpause the processes in one or more containers
+
+:doc:`wait <markdown/podman-wait.1>` Block on one or more containers
diff --git a/docs/links/podman-container-attach.1 b/docs/source/markdown/links/podman-container-attach.1
index be3b5efd3..be3b5efd3 100644
--- a/docs/links/podman-container-attach.1
+++ b/docs/source/markdown/links/podman-container-attach.1
diff --git a/docs/links/podman-container-commit.1 b/docs/source/markdown/links/podman-container-commit.1
index cdff06766..cdff06766 100644
--- a/docs/links/podman-container-commit.1
+++ b/docs/source/markdown/links/podman-container-commit.1
diff --git a/docs/links/podman-container-cp.1 b/docs/source/markdown/links/podman-container-cp.1
index 6ad859c84..6ad859c84 100644
--- a/docs/links/podman-container-cp.1
+++ b/docs/source/markdown/links/podman-container-cp.1
diff --git a/docs/links/podman-container-create.1 b/docs/source/markdown/links/podman-container-create.1
index f6b07d946..f6b07d946 100644
--- a/docs/links/podman-container-create.1
+++ b/docs/source/markdown/links/podman-container-create.1
diff --git a/docs/links/podman-container-diff.1 b/docs/source/markdown/links/podman-container-diff.1
index ac4881f98..ac4881f98 100644
--- a/docs/links/podman-container-diff.1
+++ b/docs/source/markdown/links/podman-container-diff.1
diff --git a/docs/links/podman-container-exec.1 b/docs/source/markdown/links/podman-container-exec.1
index 6bb98ec75..6bb98ec75 100644
--- a/docs/links/podman-container-exec.1
+++ b/docs/source/markdown/links/podman-container-exec.1
diff --git a/docs/links/podman-container-export.1 b/docs/source/markdown/links/podman-container-export.1
index 85b1d5438..85b1d5438 100644
--- a/docs/links/podman-container-export.1
+++ b/docs/source/markdown/links/podman-container-export.1
diff --git a/docs/links/podman-container-init.1 b/docs/source/markdown/links/podman-container-init.1
index 3a8bee249..3a8bee249 100644
--- a/docs/links/podman-container-init.1
+++ b/docs/source/markdown/links/podman-container-init.1
diff --git a/docs/links/podman-container-inspect.1 b/docs/source/markdown/links/podman-container-inspect.1
index 261043845..261043845 100644
--- a/docs/links/podman-container-inspect.1
+++ b/docs/source/markdown/links/podman-container-inspect.1
diff --git a/docs/links/podman-container-kill.1 b/docs/source/markdown/links/podman-container-kill.1
index 71960113d..71960113d 100644
--- a/docs/links/podman-container-kill.1
+++ b/docs/source/markdown/links/podman-container-kill.1
diff --git a/docs/links/podman-container-list.1 b/docs/source/markdown/links/podman-container-list.1
index f7f44c704..f7f44c704 100644
--- a/docs/links/podman-container-list.1
+++ b/docs/source/markdown/links/podman-container-list.1
diff --git a/docs/links/podman-container-logs.1 b/docs/source/markdown/links/podman-container-logs.1
index 7e0ce6307..7e0ce6307 100644
--- a/docs/links/podman-container-logs.1
+++ b/docs/source/markdown/links/podman-container-logs.1
diff --git a/docs/links/podman-container-ls.1 b/docs/source/markdown/links/podman-container-ls.1
index f7f44c704..f7f44c704 100644
--- a/docs/links/podman-container-ls.1
+++ b/docs/source/markdown/links/podman-container-ls.1
diff --git a/docs/links/podman-container-mount.1 b/docs/source/markdown/links/podman-container-mount.1
index b14e594a4..b14e594a4 100644
--- a/docs/links/podman-container-mount.1
+++ b/docs/source/markdown/links/podman-container-mount.1
diff --git a/docs/links/podman-container-pause.1 b/docs/source/markdown/links/podman-container-pause.1
index 3ed8d7cef..3ed8d7cef 100644
--- a/docs/links/podman-container-pause.1
+++ b/docs/source/markdown/links/podman-container-pause.1
diff --git a/docs/links/podman-container-port.1 b/docs/source/markdown/links/podman-container-port.1
index adfeda201..adfeda201 100644
--- a/docs/links/podman-container-port.1
+++ b/docs/source/markdown/links/podman-container-port.1
diff --git a/docs/links/podman-container-ps.1 b/docs/source/markdown/links/podman-container-ps.1
index f7f44c704..f7f44c704 100644
--- a/docs/links/podman-container-ps.1
+++ b/docs/source/markdown/links/podman-container-ps.1
diff --git a/docs/links/podman-container-restart.1 b/docs/source/markdown/links/podman-container-restart.1
index 9fb09ae50..9fb09ae50 100644
--- a/docs/links/podman-container-restart.1
+++ b/docs/source/markdown/links/podman-container-restart.1
diff --git a/docs/links/podman-container-rm.1 b/docs/source/markdown/links/podman-container-rm.1
index 6dfc6e98c..6dfc6e98c 100644
--- a/docs/links/podman-container-rm.1
+++ b/docs/source/markdown/links/podman-container-rm.1
diff --git a/docs/links/podman-container-run.1 b/docs/source/markdown/links/podman-container-run.1
index 6c70caa37..6c70caa37 100644
--- a/docs/links/podman-container-run.1
+++ b/docs/source/markdown/links/podman-container-run.1
diff --git a/docs/links/podman-container-start.1 b/docs/source/markdown/links/podman-container-start.1
index aa042cbfe..aa042cbfe 100644
--- a/docs/links/podman-container-start.1
+++ b/docs/source/markdown/links/podman-container-start.1
diff --git a/docs/links/podman-container-stats.1 b/docs/source/markdown/links/podman-container-stats.1
index 5f2e2e7d6..5f2e2e7d6 100644
--- a/docs/links/podman-container-stats.1
+++ b/docs/source/markdown/links/podman-container-stats.1
diff --git a/docs/links/podman-container-stop.1 b/docs/source/markdown/links/podman-container-stop.1
index 6b7e87c69..6b7e87c69 100644
--- a/docs/links/podman-container-stop.1
+++ b/docs/source/markdown/links/podman-container-stop.1
diff --git a/docs/links/podman-container-top.1 b/docs/source/markdown/links/podman-container-top.1
index ddcf7b5ec..ddcf7b5ec 100644
--- a/docs/links/podman-container-top.1
+++ b/docs/source/markdown/links/podman-container-top.1
diff --git a/docs/links/podman-container-umount.1 b/docs/source/markdown/links/podman-container-umount.1
index 789dabbb0..789dabbb0 100644
--- a/docs/links/podman-container-umount.1
+++ b/docs/source/markdown/links/podman-container-umount.1
diff --git a/docs/links/podman-container-unmount.1 b/docs/source/markdown/links/podman-container-unmount.1
index 789dabbb0..789dabbb0 100644
--- a/docs/links/podman-container-unmount.1
+++ b/docs/source/markdown/links/podman-container-unmount.1
diff --git a/docs/links/podman-container-unpause.1 b/docs/source/markdown/links/podman-container-unpause.1
index b8d970744..b8d970744 100644
--- a/docs/links/podman-container-unpause.1
+++ b/docs/source/markdown/links/podman-container-unpause.1
diff --git a/docs/links/podman-container-wait.1 b/docs/source/markdown/links/podman-container-wait.1
index bd2505dde..bd2505dde 100644
--- a/docs/links/podman-container-wait.1
+++ b/docs/source/markdown/links/podman-container-wait.1
diff --git a/docs/links/podman-help.1 b/docs/source/markdown/links/podman-help.1
index 6b7954b0d..6b7954b0d 100644
--- a/docs/links/podman-help.1
+++ b/docs/source/markdown/links/podman-help.1
diff --git a/docs/links/podman-image-build.1 b/docs/source/markdown/links/podman-image-build.1
index 27c751cf6..27c751cf6 100644
--- a/docs/links/podman-image-build.1
+++ b/docs/source/markdown/links/podman-image-build.1
diff --git a/docs/links/podman-image-history.1 b/docs/source/markdown/links/podman-image-history.1
index 6b6dc17e1..6b6dc17e1 100644
--- a/docs/links/podman-image-history.1
+++ b/docs/source/markdown/links/podman-image-history.1
diff --git a/docs/links/podman-image-import.1 b/docs/source/markdown/links/podman-image-import.1
index 4564fc6c9..4564fc6c9 100644
--- a/docs/links/podman-image-import.1
+++ b/docs/source/markdown/links/podman-image-import.1
diff --git a/docs/links/podman-image-inspect.1 b/docs/source/markdown/links/podman-image-inspect.1
index 261043845..261043845 100644
--- a/docs/links/podman-image-inspect.1
+++ b/docs/source/markdown/links/podman-image-inspect.1
diff --git a/docs/links/podman-image-list.1 b/docs/source/markdown/links/podman-image-list.1
index 17d6ca880..17d6ca880 100644
--- a/docs/links/podman-image-list.1
+++ b/docs/source/markdown/links/podman-image-list.1
diff --git a/docs/links/podman-image-load.1 b/docs/source/markdown/links/podman-image-load.1
index 21b6d8e9c..21b6d8e9c 100644
--- a/docs/links/podman-image-load.1
+++ b/docs/source/markdown/links/podman-image-load.1
diff --git a/docs/links/podman-image-ls.1 b/docs/source/markdown/links/podman-image-ls.1
index 17d6ca880..17d6ca880 100644
--- a/docs/links/podman-image-ls.1
+++ b/docs/source/markdown/links/podman-image-ls.1
diff --git a/docs/links/podman-image-pull.1 b/docs/source/markdown/links/podman-image-pull.1
index d14519be3..d14519be3 100644
--- a/docs/links/podman-image-pull.1
+++ b/docs/source/markdown/links/podman-image-pull.1
diff --git a/docs/links/podman-image-push.1 b/docs/source/markdown/links/podman-image-push.1
index 51d52ad11..51d52ad11 100644
--- a/docs/links/podman-image-push.1
+++ b/docs/source/markdown/links/podman-image-push.1
diff --git a/docs/links/podman-image-rm.1 b/docs/source/markdown/links/podman-image-rm.1
index 1007ad150..1007ad150 100644
--- a/docs/links/podman-image-rm.1
+++ b/docs/source/markdown/links/podman-image-rm.1
diff --git a/docs/links/podman-image-save.1 b/docs/source/markdown/links/podman-image-save.1
index 715d7d6ee..715d7d6ee 100644
--- a/docs/links/podman-image-save.1
+++ b/docs/source/markdown/links/podman-image-save.1
diff --git a/docs/links/podman-image-tag.1 b/docs/source/markdown/links/podman-image-tag.1
index e41c50de9..e41c50de9 100644
--- a/docs/links/podman-image-tag.1
+++ b/docs/source/markdown/links/podman-image-tag.1
diff --git a/docs/links/podman-list.1 b/docs/source/markdown/links/podman-list.1
index f7f44c704..f7f44c704 100644
--- a/docs/links/podman-list.1
+++ b/docs/source/markdown/links/podman-list.1
diff --git a/docs/links/podman-ls.1 b/docs/source/markdown/links/podman-ls.1
index f7f44c704..f7f44c704 100644
--- a/docs/links/podman-ls.1
+++ b/docs/source/markdown/links/podman-ls.1
diff --git a/docs/links/podman-system-info.1 b/docs/source/markdown/links/podman-system-info.1
index 809a71b8b..809a71b8b 100644
--- a/docs/links/podman-system-info.1
+++ b/docs/source/markdown/links/podman-system-info.1
diff --git a/docs/links/podman-unmount.1 b/docs/source/markdown/links/podman-unmount.1
index 789dabbb0..789dabbb0 100644
--- a/docs/links/podman-unmount.1
+++ b/docs/source/markdown/links/podman-unmount.1
diff --git a/docs/podman-attach.1.md b/docs/source/markdown/podman-attach.1.md
index cef01f0f6..cef01f0f6 100644
--- a/docs/podman-attach.1.md
+++ b/docs/source/markdown/podman-attach.1.md
diff --git a/docs/podman-build.1.md b/docs/source/markdown/podman-build.1.md
index 567d0ead3..567d0ead3 100644
--- a/docs/podman-build.1.md
+++ b/docs/source/markdown/podman-build.1.md
diff --git a/docs/podman-commit.1.md b/docs/source/markdown/podman-commit.1.md
index 07a885ae2..07a885ae2 100644
--- a/docs/podman-commit.1.md
+++ b/docs/source/markdown/podman-commit.1.md
diff --git a/docs/podman-container-checkpoint.1.md b/docs/source/markdown/podman-container-checkpoint.1.md
index 034d338bb..034d338bb 100644
--- a/docs/podman-container-checkpoint.1.md
+++ b/docs/source/markdown/podman-container-checkpoint.1.md
diff --git a/docs/podman-container-cleanup.1.md b/docs/source/markdown/podman-container-cleanup.1.md
index 69e21ce9f..69e21ce9f 100644
--- a/docs/podman-container-cleanup.1.md
+++ b/docs/source/markdown/podman-container-cleanup.1.md
diff --git a/docs/podman-container-exists.1.md b/docs/source/markdown/podman-container-exists.1.md
index 4d988132b..4d988132b 100644
--- a/docs/podman-container-exists.1.md
+++ b/docs/source/markdown/podman-container-exists.1.md
diff --git a/docs/podman-container-prune.1.md b/docs/source/markdown/podman-container-prune.1.md
index d8a4b7f4e..d8a4b7f4e 100644
--- a/docs/podman-container-prune.1.md
+++ b/docs/source/markdown/podman-container-prune.1.md
diff --git a/docs/podman-container-restore.1.md b/docs/source/markdown/podman-container-restore.1.md
index 1d2cf0b3e..1d2cf0b3e 100644
--- a/docs/podman-container-restore.1.md
+++ b/docs/source/markdown/podman-container-restore.1.md
diff --git a/docs/podman-container-runlabel.1.md b/docs/source/markdown/podman-container-runlabel.1.md
index 8511dd5cd..8511dd5cd 100644
--- a/docs/podman-container-runlabel.1.md
+++ b/docs/source/markdown/podman-container-runlabel.1.md
diff --git a/docs/podman-container.1.md b/docs/source/markdown/podman-container.1.md
index 4ea7c7acc..4ea7c7acc 100644
--- a/docs/podman-container.1.md
+++ b/docs/source/markdown/podman-container.1.md
diff --git a/docs/podman-cp.1.md b/docs/source/markdown/podman-cp.1.md
index 0f54b2e8b..0f54b2e8b 100644
--- a/docs/podman-cp.1.md
+++ b/docs/source/markdown/podman-cp.1.md
diff --git a/docs/podman-create.1.md b/docs/source/markdown/podman-create.1.md
index 6617850fd..6617850fd 100644
--- a/docs/podman-create.1.md
+++ b/docs/source/markdown/podman-create.1.md
diff --git a/docs/podman-diff.1.md b/docs/source/markdown/podman-diff.1.md
index 5b0434a07..5b0434a07 100644
--- a/docs/podman-diff.1.md
+++ b/docs/source/markdown/podman-diff.1.md
diff --git a/docs/podman-events.1.md b/docs/source/markdown/podman-events.1.md
index bb1923574..bb1923574 100644
--- a/docs/podman-events.1.md
+++ b/docs/source/markdown/podman-events.1.md
diff --git a/docs/podman-exec.1.md b/docs/source/markdown/podman-exec.1.md
index 4c17c056a..4c17c056a 100644
--- a/docs/podman-exec.1.md
+++ b/docs/source/markdown/podman-exec.1.md
diff --git a/docs/podman-export.1.md b/docs/source/markdown/podman-export.1.md
index 4286d0e2f..4286d0e2f 100644
--- a/docs/podman-export.1.md
+++ b/docs/source/markdown/podman-export.1.md
diff --git a/docs/podman-generate-kube.1.md b/docs/source/markdown/podman-generate-kube.1.md
index f4b4cd482..f4b4cd482 100644
--- a/docs/podman-generate-kube.1.md
+++ b/docs/source/markdown/podman-generate-kube.1.md
diff --git a/docs/podman-generate-systemd.1.md b/docs/source/markdown/podman-generate-systemd.1.md
index b81e68a46..b81e68a46 100644
--- a/docs/podman-generate-systemd.1.md
+++ b/docs/source/markdown/podman-generate-systemd.1.md
diff --git a/docs/podman-generate.1.md b/docs/source/markdown/podman-generate.1.md
index 50050f2c1..50050f2c1 100644
--- a/docs/podman-generate.1.md
+++ b/docs/source/markdown/podman-generate.1.md
diff --git a/docs/podman-healthcheck-run.1.md b/docs/source/markdown/podman-healthcheck-run.1.md
index 21f2d9b20..21f2d9b20 100644
--- a/docs/podman-healthcheck-run.1.md
+++ b/docs/source/markdown/podman-healthcheck-run.1.md
diff --git a/docs/podman-healthcheck.1.md b/docs/source/markdown/podman-healthcheck.1.md
index 91c3e4345..91c3e4345 100644
--- a/docs/podman-healthcheck.1.md
+++ b/docs/source/markdown/podman-healthcheck.1.md
diff --git a/docs/podman-history.1.md b/docs/source/markdown/podman-history.1.md
index a67cb0286..a67cb0286 100644
--- a/docs/podman-history.1.md
+++ b/docs/source/markdown/podman-history.1.md
diff --git a/docs/podman-image-exists.1.md b/docs/source/markdown/podman-image-exists.1.md
index f6a89e2aa..f6a89e2aa 100644
--- a/docs/podman-image-exists.1.md
+++ b/docs/source/markdown/podman-image-exists.1.md
diff --git a/docs/podman-image-prune.1.md b/docs/source/markdown/podman-image-prune.1.md
index b844a9f63..b844a9f63 100644
--- a/docs/podman-image-prune.1.md
+++ b/docs/source/markdown/podman-image-prune.1.md
diff --git a/docs/podman-image-sign.1.md b/docs/source/markdown/podman-image-sign.1.md
index 62845e715..62845e715 100644
--- a/docs/podman-image-sign.1.md
+++ b/docs/source/markdown/podman-image-sign.1.md
diff --git a/docs/podman-image-tree.1.md b/docs/source/markdown/podman-image-tree.1.md
index c4624e05c..c4624e05c 100644
--- a/docs/podman-image-tree.1.md
+++ b/docs/source/markdown/podman-image-tree.1.md
diff --git a/docs/podman-image-trust.1.md b/docs/source/markdown/podman-image-trust.1.md
index 3fe4f7f52..3fe4f7f52 100644
--- a/docs/podman-image-trust.1.md
+++ b/docs/source/markdown/podman-image-trust.1.md
diff --git a/docs/podman-image.1.md b/docs/source/markdown/podman-image.1.md
index 339a531dd..339a531dd 100644
--- a/docs/podman-image.1.md
+++ b/docs/source/markdown/podman-image.1.md
diff --git a/docs/podman-images.1.md b/docs/source/markdown/podman-images.1.md
index 3ac07fc43..3ac07fc43 100644
--- a/docs/podman-images.1.md
+++ b/docs/source/markdown/podman-images.1.md
diff --git a/docs/podman-import.1.md b/docs/source/markdown/podman-import.1.md
index 946b680dd..946b680dd 100644
--- a/docs/podman-import.1.md
+++ b/docs/source/markdown/podman-import.1.md
diff --git a/docs/podman-info.1.md b/docs/source/markdown/podman-info.1.md
index 9721755ef..9721755ef 100644
--- a/docs/podman-info.1.md
+++ b/docs/source/markdown/podman-info.1.md
diff --git a/docs/podman-init.1.md b/docs/source/markdown/podman-init.1.md
index 3b49cfb99..3b49cfb99 100644
--- a/docs/podman-init.1.md
+++ b/docs/source/markdown/podman-init.1.md
diff --git a/docs/podman-inspect.1.md b/docs/source/markdown/podman-inspect.1.md
index f1630c713..f1630c713 100644
--- a/docs/podman-inspect.1.md
+++ b/docs/source/markdown/podman-inspect.1.md
diff --git a/docs/podman-kill.1.md b/docs/source/markdown/podman-kill.1.md
index 617d25b85..617d25b85 100644
--- a/docs/podman-kill.1.md
+++ b/docs/source/markdown/podman-kill.1.md
diff --git a/docs/podman-load.1.md b/docs/source/markdown/podman-load.1.md
index deb4fb5ec..deb4fb5ec 100644
--- a/docs/podman-load.1.md
+++ b/docs/source/markdown/podman-load.1.md
diff --git a/docs/podman-login.1.md b/docs/source/markdown/podman-login.1.md
index 9d368e9f2..9d368e9f2 100644
--- a/docs/podman-login.1.md
+++ b/docs/source/markdown/podman-login.1.md
diff --git a/docs/podman-logout.1.md b/docs/source/markdown/podman-logout.1.md
index 01dc52ecd..01dc52ecd 100644
--- a/docs/podman-logout.1.md
+++ b/docs/source/markdown/podman-logout.1.md
diff --git a/docs/podman-logs.1.md b/docs/source/markdown/podman-logs.1.md
index 405f180d9..405f180d9 100644
--- a/docs/podman-logs.1.md
+++ b/docs/source/markdown/podman-logs.1.md
diff --git a/docs/podman-mount.1.md b/docs/source/markdown/podman-mount.1.md
index 8f4deeca6..8f4deeca6 100644
--- a/docs/podman-mount.1.md
+++ b/docs/source/markdown/podman-mount.1.md
diff --git a/docs/podman-network-create.1.md b/docs/source/markdown/podman-network-create.1.md
index c281d50d9..c281d50d9 100644
--- a/docs/podman-network-create.1.md
+++ b/docs/source/markdown/podman-network-create.1.md
diff --git a/docs/podman-network-inspect.1.md b/docs/source/markdown/podman-network-inspect.1.md
index dfa7e4b0c..dfa7e4b0c 100644
--- a/docs/podman-network-inspect.1.md
+++ b/docs/source/markdown/podman-network-inspect.1.md
diff --git a/docs/podman-network-ls.1.md b/docs/source/markdown/podman-network-ls.1.md
index 46e424593..46e424593 100644
--- a/docs/podman-network-ls.1.md
+++ b/docs/source/markdown/podman-network-ls.1.md
diff --git a/docs/podman-network-rm.1.md b/docs/source/markdown/podman-network-rm.1.md
index c71f0d8fd..c71f0d8fd 100644
--- a/docs/podman-network-rm.1.md
+++ b/docs/source/markdown/podman-network-rm.1.md
diff --git a/docs/podman-network.1.md b/docs/source/markdown/podman-network.1.md
index f05b2b78f..f05b2b78f 100644
--- a/docs/podman-network.1.md
+++ b/docs/source/markdown/podman-network.1.md
diff --git a/docs/podman-pause.1.md b/docs/source/markdown/podman-pause.1.md
index dfd4da416..dfd4da416 100644
--- a/docs/podman-pause.1.md
+++ b/docs/source/markdown/podman-pause.1.md
diff --git a/docs/podman-play-kube.1.md b/docs/source/markdown/podman-play-kube.1.md
index 2ac860a32..2ac860a32 100644
--- a/docs/podman-play-kube.1.md
+++ b/docs/source/markdown/podman-play-kube.1.md
diff --git a/docs/podman-play.1.md b/docs/source/markdown/podman-play.1.md
index 364baad60..364baad60 100644
--- a/docs/podman-play.1.md
+++ b/docs/source/markdown/podman-play.1.md
diff --git a/docs/podman-pod-create.1.md b/docs/source/markdown/podman-pod-create.1.md
index cd1de6401..cd1de6401 100644
--- a/docs/podman-pod-create.1.md
+++ b/docs/source/markdown/podman-pod-create.1.md
diff --git a/docs/podman-pod-exists.1.md b/docs/source/markdown/podman-pod-exists.1.md
index cf2852934..cf2852934 100644
--- a/docs/podman-pod-exists.1.md
+++ b/docs/source/markdown/podman-pod-exists.1.md
diff --git a/docs/podman-pod-inspect.1.md b/docs/source/markdown/podman-pod-inspect.1.md
index 831d28259..831d28259 100644
--- a/docs/podman-pod-inspect.1.md
+++ b/docs/source/markdown/podman-pod-inspect.1.md
diff --git a/docs/podman-pod-kill.1.md b/docs/source/markdown/podman-pod-kill.1.md
index 596e15cea..596e15cea 100644
--- a/docs/podman-pod-kill.1.md
+++ b/docs/source/markdown/podman-pod-kill.1.md
diff --git a/docs/podman-pod-pause.1.md b/docs/source/markdown/podman-pod-pause.1.md
index 9533ed4a1..9533ed4a1 100644
--- a/docs/podman-pod-pause.1.md
+++ b/docs/source/markdown/podman-pod-pause.1.md
diff --git a/docs/podman-pod-prune.1.md b/docs/source/markdown/podman-pod-prune.1.md
index f79961b2f..f79961b2f 100644
--- a/docs/podman-pod-prune.1.md
+++ b/docs/source/markdown/podman-pod-prune.1.md
diff --git a/docs/podman-pod-ps.1.md b/docs/source/markdown/podman-pod-ps.1.md
index 65a7072ab..65a7072ab 100644
--- a/docs/podman-pod-ps.1.md
+++ b/docs/source/markdown/podman-pod-ps.1.md
diff --git a/docs/podman-pod-restart.1.md b/docs/source/markdown/podman-pod-restart.1.md
index 57f479102..57f479102 100644
--- a/docs/podman-pod-restart.1.md
+++ b/docs/source/markdown/podman-pod-restart.1.md
diff --git a/docs/podman-pod-rm.1.md b/docs/source/markdown/podman-pod-rm.1.md
index 6659534b4..6659534b4 100644
--- a/docs/podman-pod-rm.1.md
+++ b/docs/source/markdown/podman-pod-rm.1.md
diff --git a/docs/podman-pod-start.1.md b/docs/source/markdown/podman-pod-start.1.md
index 29960d6aa..29960d6aa 100644
--- a/docs/podman-pod-start.1.md
+++ b/docs/source/markdown/podman-pod-start.1.md
diff --git a/docs/podman-pod-stats.1.md b/docs/source/markdown/podman-pod-stats.1.md
index 962edbda0..962edbda0 100644
--- a/docs/podman-pod-stats.1.md
+++ b/docs/source/markdown/podman-pod-stats.1.md
diff --git a/docs/podman-pod-stop.1.md b/docs/source/markdown/podman-pod-stop.1.md
index b3ce47d72..b3ce47d72 100644
--- a/docs/podman-pod-stop.1.md
+++ b/docs/source/markdown/podman-pod-stop.1.md
diff --git a/docs/podman-pod-top.1.md b/docs/source/markdown/podman-pod-top.1.md
index 48f10055a..48f10055a 100644
--- a/docs/podman-pod-top.1.md
+++ b/docs/source/markdown/podman-pod-top.1.md
diff --git a/docs/podman-pod-unpause.1.md b/docs/source/markdown/podman-pod-unpause.1.md
index e0a88c2e3..e0a88c2e3 100644
--- a/docs/podman-pod-unpause.1.md
+++ b/docs/source/markdown/podman-pod-unpause.1.md
diff --git a/docs/podman-pod.1.md b/docs/source/markdown/podman-pod.1.md
index b3d002a06..b3d002a06 100644
--- a/docs/podman-pod.1.md
+++ b/docs/source/markdown/podman-pod.1.md
diff --git a/docs/podman-port.1.md b/docs/source/markdown/podman-port.1.md
index c9833f447..c9833f447 100644
--- a/docs/podman-port.1.md
+++ b/docs/source/markdown/podman-port.1.md
diff --git a/docs/podman-ps.1.md b/docs/source/markdown/podman-ps.1.md
index 298de0b2b..298de0b2b 100644
--- a/docs/podman-ps.1.md
+++ b/docs/source/markdown/podman-ps.1.md
diff --git a/docs/podman-pull.1.md b/docs/source/markdown/podman-pull.1.md
index de9688f5e..de9688f5e 100644
--- a/docs/podman-pull.1.md
+++ b/docs/source/markdown/podman-pull.1.md
diff --git a/docs/podman-push.1.md b/docs/source/markdown/podman-push.1.md
index 3f0350bcd..3f0350bcd 100644
--- a/docs/podman-push.1.md
+++ b/docs/source/markdown/podman-push.1.md
diff --git a/docs/podman-remote.1.md b/docs/source/markdown/podman-remote.1.md
index 04010abaf..04010abaf 100644
--- a/docs/podman-remote.1.md
+++ b/docs/source/markdown/podman-remote.1.md
diff --git a/docs/podman-restart.1.md b/docs/source/markdown/podman-restart.1.md
index 08fa29244..08fa29244 100644
--- a/docs/podman-restart.1.md
+++ b/docs/source/markdown/podman-restart.1.md
diff --git a/docs/podman-rm.1.md b/docs/source/markdown/podman-rm.1.md
index 207d9d61d..207d9d61d 100644
--- a/docs/podman-rm.1.md
+++ b/docs/source/markdown/podman-rm.1.md
diff --git a/docs/podman-rmi.1.md b/docs/source/markdown/podman-rmi.1.md
index d911ee6cb..d911ee6cb 100644
--- a/docs/podman-rmi.1.md
+++ b/docs/source/markdown/podman-rmi.1.md
diff --git a/docs/podman-run.1.md b/docs/source/markdown/podman-run.1.md
index d6d8f4c1e..d6d8f4c1e 100644
--- a/docs/podman-run.1.md
+++ b/docs/source/markdown/podman-run.1.md
diff --git a/docs/podman-save.1.md b/docs/source/markdown/podman-save.1.md
index b2b0995d3..b2b0995d3 100644
--- a/docs/podman-save.1.md
+++ b/docs/source/markdown/podman-save.1.md
diff --git a/docs/podman-search.1.md b/docs/source/markdown/podman-search.1.md
index 31de6f839..31de6f839 100644
--- a/docs/podman-search.1.md
+++ b/docs/source/markdown/podman-search.1.md
diff --git a/docs/podman-start.1.md b/docs/source/markdown/podman-start.1.md
index 4c81d17bd..4c81d17bd 100644
--- a/docs/podman-start.1.md
+++ b/docs/source/markdown/podman-start.1.md
diff --git a/docs/podman-stats.1.md b/docs/source/markdown/podman-stats.1.md
index 741873c3f..741873c3f 100644
--- a/docs/podman-stats.1.md
+++ b/docs/source/markdown/podman-stats.1.md
diff --git a/docs/podman-stop.1.md b/docs/source/markdown/podman-stop.1.md
index b5ea670b0..b5ea670b0 100644
--- a/docs/podman-stop.1.md
+++ b/docs/source/markdown/podman-stop.1.md
diff --git a/docs/podman-system-df.1.md b/docs/source/markdown/podman-system-df.1.md
index d0b1755ee..d0b1755ee 100644
--- a/docs/podman-system-df.1.md
+++ b/docs/source/markdown/podman-system-df.1.md
diff --git a/docs/podman-system-migrate.1.md b/docs/source/markdown/podman-system-migrate.1.md
index d5e3bcb95..d5e3bcb95 100644
--- a/docs/podman-system-migrate.1.md
+++ b/docs/source/markdown/podman-system-migrate.1.md
diff --git a/docs/podman-system-prune.1.md b/docs/source/markdown/podman-system-prune.1.md
index e6297dc0b..e6297dc0b 100644
--- a/docs/podman-system-prune.1.md
+++ b/docs/source/markdown/podman-system-prune.1.md
diff --git a/docs/podman-system-renumber.1.md b/docs/source/markdown/podman-system-renumber.1.md
index 071eefe29..071eefe29 100644
--- a/docs/podman-system-renumber.1.md
+++ b/docs/source/markdown/podman-system-renumber.1.md
diff --git a/docs/podman-system.1.md b/docs/source/markdown/podman-system.1.md
index bbd541066..bbd541066 100644
--- a/docs/podman-system.1.md
+++ b/docs/source/markdown/podman-system.1.md
diff --git a/docs/podman-tag.1.md b/docs/source/markdown/podman-tag.1.md
index 291d95228..291d95228 100644
--- a/docs/podman-tag.1.md
+++ b/docs/source/markdown/podman-tag.1.md
diff --git a/docs/podman-top.1.md b/docs/source/markdown/podman-top.1.md
index 1410aa651..1410aa651 100644
--- a/docs/podman-top.1.md
+++ b/docs/source/markdown/podman-top.1.md
diff --git a/docs/podman-umount.1.md b/docs/source/markdown/podman-umount.1.md
index 100c47b32..100c47b32 100644
--- a/docs/podman-umount.1.md
+++ b/docs/source/markdown/podman-umount.1.md
diff --git a/docs/podman-unpause.1.md b/docs/source/markdown/podman-unpause.1.md
index f5538d6d5..f5538d6d5 100644
--- a/docs/podman-unpause.1.md
+++ b/docs/source/markdown/podman-unpause.1.md
diff --git a/docs/podman-unshare.1.md b/docs/source/markdown/podman-unshare.1.md
index 9052b97ab..9052b97ab 100644
--- a/docs/podman-unshare.1.md
+++ b/docs/source/markdown/podman-unshare.1.md
diff --git a/docs/podman-varlink.1.md b/docs/source/markdown/podman-varlink.1.md
index 0d2ab1668..0d2ab1668 100644
--- a/docs/podman-varlink.1.md
+++ b/docs/source/markdown/podman-varlink.1.md
diff --git a/docs/podman-version.1.md b/docs/source/markdown/podman-version.1.md
index 4499f6338..4499f6338 100644
--- a/docs/podman-version.1.md
+++ b/docs/source/markdown/podman-version.1.md
diff --git a/docs/podman-volume-create.1.md b/docs/source/markdown/podman-volume-create.1.md
index b354f396f..b354f396f 100644
--- a/docs/podman-volume-create.1.md
+++ b/docs/source/markdown/podman-volume-create.1.md
diff --git a/docs/podman-volume-inspect.1.md b/docs/source/markdown/podman-volume-inspect.1.md
index ac5b6c977..ac5b6c977 100644
--- a/docs/podman-volume-inspect.1.md
+++ b/docs/source/markdown/podman-volume-inspect.1.md
diff --git a/docs/podman-volume-ls.1.md b/docs/source/markdown/podman-volume-ls.1.md
index d431c7c6e..d431c7c6e 100644
--- a/docs/podman-volume-ls.1.md
+++ b/docs/source/markdown/podman-volume-ls.1.md
diff --git a/docs/podman-volume-prune.1.md b/docs/source/markdown/podman-volume-prune.1.md
index 25ea701a3..25ea701a3 100644
--- a/docs/podman-volume-prune.1.md
+++ b/docs/source/markdown/podman-volume-prune.1.md
diff --git a/docs/podman-volume-rm.1.md b/docs/source/markdown/podman-volume-rm.1.md
index 9a2fe8c99..9a2fe8c99 100644
--- a/docs/podman-volume-rm.1.md
+++ b/docs/source/markdown/podman-volume-rm.1.md
diff --git a/docs/podman-volume.1.md b/docs/source/markdown/podman-volume.1.md
index 288e57b82..288e57b82 100644
--- a/docs/podman-volume.1.md
+++ b/docs/source/markdown/podman-volume.1.md
diff --git a/docs/podman-wait.1.md b/docs/source/markdown/podman-wait.1.md
index ce1c70a5f..ce1c70a5f 100644
--- a/docs/podman-wait.1.md
+++ b/docs/source/markdown/podman-wait.1.md
diff --git a/docs/podman.1.md b/docs/source/markdown/podman.1.md
index f6fa1a457..f6fa1a457 100644
--- a/docs/podman.1.md
+++ b/docs/source/markdown/podman.1.md
diff --git a/docs/source/network.rst b/docs/source/network.rst
new file mode 100644
index 000000000..c1c53bc34
--- /dev/null
+++ b/docs/source/network.rst
@@ -0,0 +1,10 @@
+Network
+=====
+
+:doc:`create <markdown/podman-network-create.1>` network create
+
+:doc:`inspect <markdown/podman-network-inspect.1>` network inspect
+
+:doc:`ls <markdown/podman-network-ls.1>` network list
+
+:doc:`rm <markdown/podman-network-rm.1>` network rm \ No newline at end of file
diff --git a/docs/source/play.rst b/docs/source/play.rst
new file mode 100644
index 000000000..8f00d2f45
--- /dev/null
+++ b/docs/source/play.rst
@@ -0,0 +1,4 @@
+Play
+====
+
+:doc:`kube <markdown/podman-play-kube.1>` Play a pod based on Kubernetes YAML
diff --git a/docs/source/pod.rst b/docs/source/pod.rst
new file mode 100644
index 000000000..391686ce5
--- /dev/null
+++ b/docs/source/pod.rst
@@ -0,0 +1,30 @@
+Pod
+===
+
+:doc:`create <markdown/podman-pod-create.1>` Create a new empty pod
+
+:doc:`exists <markdown/podman-pod-exists.1>` Check if a pod exists in local storage
+
+:doc:`inspect <markdown/podman-pod-inspect.1>` Displays a pod configuration
+
+:doc:`kill <markdown/podman-pod-kill.1>` Send the specified signal or SIGKILL to containers in pod
+
+:doc:`pause <markdown/podman-pause.1>` Pause one or more pods
+
+:doc:`prune <markdown/podman-pod-prune.1>` Remove all stopped pods
+
+:doc:`ps <markdown/podman-pod-ps.1>` List pods
+
+:doc:`restart <markdown/podman-pod-restart.1>` Restart one or more pods
+
+:doc:`rm <markdown/podman-pod-rm.1>` Remove one or more pods
+
+:doc:`start <markdown/podman-pod-start.1>` Start one or more pods
+
+:doc:`stats <markdown/podman-pod-stats.1>` Display a live stream of resource usage statistics for the containers in one or more pods
+
+:doc:`stop <markdown/podman-pod-stop.1>` Stop one or more pods
+
+:doc:`top <markdown/podman-pod-top.1>` Display the running processes of containers in a pod
+
+:doc:`unpause <markdown/podman-pod-unpause.1>` Unpause one or more pods
diff --git a/docs/source/system.rst b/docs/source/system.rst
new file mode 100644
index 000000000..2f2b7ea8f
--- /dev/null
+++ b/docs/source/system.rst
@@ -0,0 +1,12 @@
+System
+======
+
+:doc:`df <markdown/podman-system-df.1>` Show podman disk usage
+
+:doc:`info <markdown/podman-info.1>` Display podman system information
+
+:doc:`migrate <markdown/podman-system-migrate.1>` Migrate containers
+
+:doc:`prune <markdown/podman-system-prune.1>` Remove unused data
+
+:doc:`renumber <markdown/podman-system-renumber.1>` Migrate lock numbers
diff --git a/docs/source/volume.rst b/docs/source/volume.rst
new file mode 100644
index 000000000..43fe87054
--- /dev/null
+++ b/docs/source/volume.rst
@@ -0,0 +1,11 @@
+Volume
+======
+:doc:`create <markdown/podman-volume-create.1>` Create a new volume
+
+:doc:`inspect <markdown/podman-volume-inspect.1>` Display detailed information on one or more volumes
+
+:doc:`ls <markdown/podman-volume-ls.1>` List volumes
+
+:doc:`prune <markdown/podman-volume-prune.1>` Remove all unused volumes
+
+:doc:`rm <markdown/podman-volume-rm.1>` Remove one or more volumes \ No newline at end of file
diff --git a/go.sum b/go.sum
index f5d5635aa..1743f3758 100644
--- a/go.sum
+++ b/go.sum
@@ -55,12 +55,8 @@ github.com/containernetworking/cni v0.7.1 h1:fE3r16wpSEyaqY4Z4oFrLMmIGfBYIKpPrHK
github.com/containernetworking/cni v0.7.1/go.mod h1:LGwApLUm2FpoOfxTDEeq8T9ipbpZ61X79hmU3w8FmsY=
github.com/containernetworking/plugins v0.8.2 h1:5lnwfsAYO+V7yXhysJKy3E1A2Gy9oVut031zfdOzI9w=
github.com/containernetworking/plugins v0.8.2/go.mod h1:TxALKWZpWL79BC3GOYKJzzXr7U8R23PdhwaLp6F3adc=
-github.com/containers/buildah v1.11.3 h1:L5vFj+ao58IGq3G30jN94vRQrIgMU/uTOEKduDr3Nyg=
-github.com/containers/buildah v1.11.3/go.mod h1:jqZmSU/PhFwTHHlOotnw4bbs1JbkRQLh8dut5DF4Qek=
github.com/containers/buildah v1.11.4-0.20191028173731-21b4778b359e h1:iDavHEx5Yr7o+0l6495Ya6N0YEPplIUZuWC2e14baDM=
github.com/containers/buildah v1.11.4-0.20191028173731-21b4778b359e/go.mod h1:Igrk75FAxLnzDaHUbtpWB8pwL+Bv+cnakWMvqAXW2v8=
-github.com/containers/image/v4 v4.0.1 h1:idNGHChj0Pyv3vLrxul2oSVMZLeFqpoq3CjLeVgapSQ=
-github.com/containers/image/v4 v4.0.1/go.mod h1:0ASJH1YgJiX/eqFZObqepgsvIA4XjCgpyfwn9pDGafA=
github.com/containers/image/v5 v5.0.0 h1:arnXgbt1ucsC/ndtSpiQY87rA0UjhF+/xQnPzqdBDn4=
github.com/containers/image/v5 v5.0.0/go.mod h1:MgiLzCfIeo8lrHi+4Lb8HP+rh513sm0Mlk6RrhjFOLY=
github.com/containers/libtrust v0.0.0-20190913040956-14b96171aa3b h1:Q8ePgVfHDplZ7U33NwHZkrVELsZP5fYj9pM5WBZB2GE=
@@ -102,8 +98,6 @@ github.com/docker/distribution v2.7.1+incompatible h1:a5mlkVzth6W5A4fOsS3D2EO5BU
github.com/docker/distribution v2.7.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
github.com/docker/docker v0.0.0-20171019062838-86f080cff091/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
github.com/docker/docker v0.0.0-20180522102801-da99009bbb11/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
-github.com/docker/docker v1.4.2-0.20190710153559-aa8249ae1b8b h1:+Ga+YpCDpcY1fln6GI0fiiirpqHGcob5/Vk3oKNuGdU=
-github.com/docker/docker v1.4.2-0.20190710153559-aa8249ae1b8b/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
github.com/docker/docker v1.4.2-0.20190927142053-ada3c14355ce h1:H3csZuxZESJeeEiOxq4YXPNmLFbjl7u2qVBrAAGX/sA=
github.com/docker/docker v1.4.2-0.20190927142053-ada3c14355ce/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
github.com/docker/docker-credential-helpers v0.6.0/go.mod h1:WRaJzqw3CTB9bk10avuGsjVBZsD05qeibJ1/TYlvc0Y=
@@ -139,8 +133,6 @@ github.com/fatih/camelcase v1.0.0 h1:hxNvNX/xYBp0ovncs8WyWZrOrpBNub/JfaMvbURyft8
github.com/fatih/camelcase v1.0.0/go.mod h1:yN2Sb0lFhZJUdVvtELVWefmrXpuZESvPmqwoZc+/fpc=
github.com/fsnotify/fsnotify v1.4.7 h1:IXs+QLmnXW2CcXuY+8Mzv/fWEsPGWxqefPtCP5CnV9I=
github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
-github.com/fsouza/go-dockerclient v1.4.4 h1:Sd5nD4wdAgiPxvrbYUzT2ZZNmPk3z+GGnZ+frvw8z04=
-github.com/fsouza/go-dockerclient v1.4.4/go.mod h1:PrwszSL5fbmsESocROrOGq/NULMXRw+bajY0ltzD6MA=
github.com/fsouza/go-dockerclient v1.5.0 h1:7OtayOe5HnoG+KWMHgyyPymwaodnB2IDYuVfseKyxbA=
github.com/fsouza/go-dockerclient v1.5.0/go.mod h1:AqZZK/zFO3phxYxlTsAaeAMSdQ9mgHuhy+bjN034Qds=
github.com/ghodss/yaml v0.0.0-20150909031657-73d445a93680/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
@@ -210,8 +202,6 @@ github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ
github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ=
github.com/hpcloud/tail v1.0.0 h1:nfCOvKYfkgYP8hkirhJocXT2+zOD8yUNjXaWfTlyFKI=
github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU=
-github.com/ijc/Gotty v0.0.0-20170406111628-a8b993ba6abd h1:anPrsicrIi2ColgWTVPk+TrN42hJIWlfPHSBP9S0ZkM=
-github.com/ijc/Gotty v0.0.0-20170406111628-a8b993ba6abd/go.mod h1:3LVOLeyx9XVvwPgrt2be44XgSqndprz1G18rSk8KD84=
github.com/imdario/mergo v0.3.5/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA=
github.com/imdario/mergo v0.3.6 h1:xTNEAn+kxVO7dTZGu0CegyqKZmoWFI0rF8UxjlB2d28=
github.com/imdario/mergo v0.3.6/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA=
@@ -322,8 +312,6 @@ github.com/opencontainers/selinux v1.3.0 h1:xsI95WzPZu5exzA6JzkLSfdr/DilzOhCJOqG
github.com/opencontainers/selinux v1.3.0/go.mod h1:+BLncwf63G4dgOzykXAxcmnFlUaOlkDdmw/CqsW6pjs=
github.com/openshift/api v3.9.1-0.20190810003144-27fb16909b15+incompatible h1:s55wx8JIG/CKnewev892HifTBrtKzMdvgB3rm4rxC2s=
github.com/openshift/api v3.9.1-0.20190810003144-27fb16909b15+incompatible/go.mod h1:dh9o4Fs58gpFXGSYfnVxGR9PnV53I8TW84pQaJDdGiY=
-github.com/openshift/imagebuilder v1.1.0 h1:oT704SkwMEzmIMU/+Uv1Wmvt+p10q3v2WuYMeFI18c4=
-github.com/openshift/imagebuilder v1.1.0/go.mod h1:9aJRczxCH0mvT6XQ+5STAQaPWz7OsWcU5/mRkt8IWeo=
github.com/openshift/imagebuilder v1.1.1 h1:KAUR31p8UBJdfVO42azWgb+LeMAed2zaKQ19e0C0X2I=
github.com/openshift/imagebuilder v1.1.1/go.mod h1:9aJRczxCH0mvT6XQ+5STAQaPWz7OsWcU5/mRkt8IWeo=
github.com/opentracing/opentracing-go v1.1.0 h1:pWlfV3Bxv7k65HYwkikxat0+s3pV4bsqf19k25Ur8rU=
@@ -444,8 +432,6 @@ golang.org/x/crypto v0.0.0-20181025213731-e84da0312774/go.mod h1:6SG95UA2DQfeDnf
golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
-golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4 h1:HuIa8hRrWRSrqYzx1qI49NNxhdi2PrY7gxVSq1JjLDc=
-golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/crypto v0.0.0-20190927123631-a832865fa7ad h1:5E5raQxcv+6CZ11RrBYQe5WRbUIWpScjh0kvHZkZIrQ=
golang.org/x/crypto v0.0.0-20190927123631-a832865fa7ad/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
@@ -495,7 +481,6 @@ golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7w
golang.org/x/sys v0.0.0-20190616124812-15dcb6c0061f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20190626221950-04f50cda93cb h1:fgwFCsaw9buMuxNd6+DQfAuSFqbNiQZpcgJQAgJsK6k=
golang.org/x/sys v0.0.0-20190626221950-04f50cda93cb/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20190710143415-6ec70d6a5542/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20190801041406-cbf593c0f2f3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20190902133755-9109b7679e13 h1:tdsQdquKbTNMsSZLqnLELJGzCANp9oXhu6zFBW6ODx4=
golang.org/x/sys v0.0.0-20190902133755-9109b7679e13/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
diff --git a/hack/man-page-checker b/hack/man-page-checker
index 30d0b2113..99d280539 100755
--- a/hack/man-page-checker
+++ b/hack/man-page-checker
@@ -18,7 +18,7 @@ die() {
exit 1
}
-cd $(dirname $0)/../docs || die "Please run me from top-level libpod dir"
+cd $(dirname $0)/../docs/source/markdown || die "Please run me from top-level libpod dir"
rc=0
diff --git a/hack/podman-commands.sh b/hack/podman-commands.sh
index 7530e20d0..32f94fc7b 100755
--- a/hack/podman-commands.sh
+++ b/hack/podman-commands.sh
@@ -34,7 +34,7 @@ function podman_man() {
# This md file has a table of the form:
# | [podman-cmd(1)\[(podman-cmd.1.md) | Description ... |
# For all such, print the 'cmd' portion (the one in brackets).
- sed -ne 's/^|\s\+\[podman-\([a-z]\+\)(1.*/\1/p' <docs/$1.1.md
+ sed -ne 's/^|\s\+\[podman-\([a-z]\+\)(1.*/\1/p' <docs/source/markdown/$1.1.md
# Special case: there is no podman-help man page, nor need for such.
echo "help"
@@ -48,7 +48,7 @@ function podman_man() {
# | cmd | [podman-cmd(1)](podman-cmd.1.md) | Description ... |
# For all such we find, with 'podman- in the second column, print the
# first column (with whitespace trimmed)
- awk -F\| '$3 ~ /podman-/ { gsub(" ","",$2); print $2 }' < docs/$1.1.md
+ awk -F\| '$3 ~ /podman-/ { gsub(" ","",$2); print $2 }' < docs/source/markdown/$1.1.md
fi
}
@@ -93,7 +93,7 @@ if [ $rc -ne 0 ]; then
* podman man pages.
*
* The 'checking:' header indicates the specific command (and possibly
-* subcommand) being tested, e.g. podman --help vs docs/podman.1.md.
+* subcommand) being tested, e.g. podman --help vs docs/source/podman.1.md.
*
* A '-' indicates a subcommand present in 'podman --help' but not the
* corresponding man page.
diff --git a/libpod/boltdb_state.go b/libpod/boltdb_state.go
index 0bb1df7b8..608a279c3 100644
--- a/libpod/boltdb_state.go
+++ b/libpod/boltdb_state.go
@@ -6,6 +6,7 @@ import (
"strings"
"sync"
+ "github.com/containers/libpod/libpod/config"
"github.com/containers/libpod/libpod/define"
bolt "github.com/etcd-io/bbolt"
jsoniter "github.com/json-iterator/go"
@@ -291,12 +292,12 @@ func (s *BoltState) Refresh() error {
// GetDBConfig retrieves runtime configuration fields that were created when
// the database was first initialized
-func (s *BoltState) GetDBConfig() (*DBConfig, error) {
+func (s *BoltState) GetDBConfig() (*config.DBConfig, error) {
if !s.valid {
return nil, define.ErrDBClosed
}
- cfg := new(DBConfig)
+ cfg := new(config.DBConfig)
db, err := s.getDBCon()
if err != nil {
diff --git a/libpod/common_test.go b/libpod/common_test.go
index 93ca7bc71..83b162c8a 100644
--- a/libpod/common_test.go
+++ b/libpod/common_test.go
@@ -7,6 +7,7 @@ import (
"testing"
"time"
+ "github.com/containers/libpod/libpod/config"
"github.com/containers/libpod/libpod/define"
"github.com/containers/libpod/libpod/lock"
"github.com/cri-o/ocicni/pkg/ocicni"
@@ -74,7 +75,7 @@ func getTestContainer(id, name string, manager lock.Manager) (*Container, error)
},
},
runtime: &Runtime{
- config: &RuntimeConfig{
+ config: &config.Config{
VolumePath: "/does/not/exist/tmp/volumes",
},
},
diff --git a/libpod/config/config.go b/libpod/config/config.go
new file mode 100644
index 000000000..5b4b57f3a
--- /dev/null
+++ b/libpod/config/config.go
@@ -0,0 +1,549 @@
+package config
+
+import (
+ "bytes"
+ "io/ioutil"
+ "os"
+ "os/exec"
+ "path/filepath"
+ "regexp"
+ "strconv"
+ "strings"
+
+ "github.com/BurntSushi/toml"
+ "github.com/containers/libpod/libpod/define"
+ "github.com/containers/libpod/pkg/rootless"
+ "github.com/containers/libpod/pkg/util"
+ "github.com/containers/storage"
+ "github.com/pkg/errors"
+ "github.com/sirupsen/logrus"
+)
+
+const (
+ // _defaultTransport is a prefix that we apply to an image name to check
+ // docker hub first for the image.
+ _defaultTransport = "docker://"
+
+ // _rootlessConfigPath is the path to the rootless libpod.conf in $HOME.
+ _rootlessConfigPath = ".config/containers/libpod.conf"
+
+ // _conmonMinMajorVersion is the major version required for conmon.
+ _conmonMinMajorVersion = 2
+
+ // _conmonMinMinorVersion is the minor version required for conmon.
+ _conmonMinMinorVersion = 0
+
+ // _conmonMinPatchVersion is the sub-minor version required for conmon.
+ _conmonMinPatchVersion = 1
+
+ // _conmonVersionFormatErr is used when the expected versio-format of conmon
+ // has changed.
+ _conmonVersionFormatErr = "conmon version changed format"
+
+ // InstallPrefix is the prefix where podman will be installed.
+ // It can be overridden at build time.
+ _installPrefix = "/usr"
+
+ // EtcDir is the sysconfdir where podman should look for system config files.
+ // It can be overridden at build time.
+ _etcDir = "/etc"
+
+ // SeccompDefaultPath defines the default seccomp path.
+ SeccompDefaultPath = _installPrefix + "/share/containers/seccomp.json"
+
+ // SeccompOverridePath if this exists it overrides the default seccomp path.
+ SeccompOverridePath = _etcDir + "/crio/seccomp.json"
+
+ // _rootConfigPath is the path to the libpod configuration file
+ // This file is loaded to replace the builtin default config before
+ // runtime options (e.g. WithStorageConfig) are applied.
+ // If it is not present, the builtin default config is used instead
+ // This path can be overridden when the runtime is created by using
+ // NewRuntimeFromConfig() instead of NewRuntime().
+ _rootConfigPath = _installPrefix + "/share/containers/libpod.conf"
+
+ // _rootOverrideConfigPath is the path to an override for the default libpod
+ // configuration file. If OverrideConfigPath exists, it will be used in
+ // place of the configuration file pointed to by ConfigPath.
+ _rootOverrideConfigPath = _etcDir + "/containers/libpod.conf"
+)
+
+// SetOptions contains a subset of options in a Config. It's used to indicate if
+// a given option has either been set by the user or by a parsed libpod
+// configuration file. If not, the corresponding option might be overwritten by
+// values from the database. This behavior guarantess backwards compat with
+// older version of libpod and Podman.
+type SetOptions struct {
+ // StorageConfigRunRootSet indicates if the RunRoot has been explicitly set
+ // by the config or by the user. It's required to guarantee backwards
+ // compatibility with older versions of libpod for which we must query the
+ // database configuration. Not included in the on-disk config.
+ StorageConfigRunRootSet bool `toml:"-"`
+
+ // StorageConfigGraphRootSet indicates if the RunRoot has been explicitly
+ // set by the config or by the user. It's required to guarantee backwards
+ // compatibility with older versions of libpod for which we must query the
+ // database configuration. Not included in the on-disk config.
+ StorageConfigGraphRootSet bool `toml:"-"`
+
+ // StorageConfigGraphDriverNameSet indicates if the GraphDriverName has been
+ // explicitly set by the config or by the user. It's required to guarantee
+ // backwards compatibility with older versions of libpod for which we must
+ // query the database configuration. Not included in the on-disk config.
+ StorageConfigGraphDriverNameSet bool `toml:"-"`
+
+ // VolumePathSet indicates if the VolumePath has been explicitly set by the
+ // config or by the user. It's required to guarantee backwards compatibility
+ // with older versions of libpod for which we must query the database
+ // configuration. Not included in the on-disk config.
+ VolumePathSet bool `toml:"-"`
+
+ // StaticDirSet indicates if the StaticDir has been explicitly set by the
+ // config or by the user. It's required to guarantee backwards compatibility
+ // with older versions of libpod for which we must query the database
+ // configuration. Not included in the on-disk config.
+ StaticDirSet bool `toml:"-"`
+
+ // TmpDirSet indicates if the TmpDir has been explicitly set by the config
+ // or by the user. It's required to guarantee backwards compatibility with
+ // older versions of libpod for which we must query the database
+ // configuration. Not included in the on-disk config.
+ TmpDirSet bool `toml:"-"`
+}
+
+// Config contains configuration options used to set up a libpod runtime
+type Config struct {
+ // NOTE: when changing this struct, make sure to update (*Config).Merge().
+
+ // SetOptions contains a subset of config options. It's used to indicate if
+ // a given option has either been set by the user or by a parsed libpod
+ // configuration file. If not, the corresponding option might be
+ // overwritten by values from the database. This behavior guarantess
+ // backwards compat with older version of libpod and Podman.
+ SetOptions
+
+ // StateType is the type of the backing state store. Avoid using multiple
+ // values for this with the same containers/storage configuration on the
+ // same system. Different state types do not interact, and each will see a
+ // separate set of containers, which may cause conflicts in
+ // containers/storage. As such this is not exposed via the config file.
+ StateType define.RuntimeStateStore `toml:"-"`
+
+ // StorageConfig is the configuration used by containers/storage Not
+ // included in the on-disk config, use the dedicated containers/storage
+ // configuration file instead.
+ StorageConfig storage.StoreOptions `toml:"-"`
+
+ // VolumePath is the default location that named volumes will be created
+ // under. This convention is followed by the default volume driver, but
+ // may not be by other drivers.
+ VolumePath string `toml:"volume_path"`
+
+ // ImageDefaultTransport is the default transport method used to fetch
+ // images.
+ ImageDefaultTransport string `toml:"image_default_transport"`
+
+ // SignaturePolicyPath is the path to a signature policy to use for
+ // validating images. If left empty, the containers/image default signature
+ // policy will be used.
+ SignaturePolicyPath string `toml:"signature_policy_path,omitempty"`
+
+ // OCIRuntime is the OCI runtime to use.
+ OCIRuntime string `toml:"runtime"`
+
+ // OCIRuntimes are the set of configured OCI runtimes (default is runc).
+ OCIRuntimes map[string][]string `toml:"runtimes"`
+
+ // RuntimeSupportsJSON is the list of the OCI runtimes that support
+ // --format=json.
+ RuntimeSupportsJSON []string `toml:"runtime_supports_json"`
+
+ // RuntimeSupportsNoCgroups is a list of OCI runtimes that support
+ // running containers without CGroups.
+ RuntimeSupportsNoCgroups []string `toml:"runtime_supports_nocgroups"`
+
+ // RuntimePath is the path to OCI runtime binary for launching containers.
+ // The first path pointing to a valid file will be used This is used only
+ // when there are no OCIRuntime/OCIRuntimes defined. It is used only to be
+ // backward compatible with older versions of Podman.
+ RuntimePath []string `toml:"runtime_path"`
+
+ // ConmonPath is the path to the Conmon binary used for managing containers.
+ // The first path pointing to a valid file will be used.
+ ConmonPath []string `toml:"conmon_path"`
+
+ // ConmonEnvVars are environment variables to pass to the Conmon binary
+ // when it is launched.
+ ConmonEnvVars []string `toml:"conmon_env_vars"`
+
+ // CGroupManager is the CGroup Manager to use Valid values are "cgroupfs"
+ // and "systemd".
+ CgroupManager string `toml:"cgroup_manager"`
+
+ // InitPath is the path to the container-init binary.
+ InitPath string `toml:"init_path"`
+
+ // StaticDir is the path to a persistent directory to store container
+ // files.
+ StaticDir string `toml:"static_dir"`
+
+ // TmpDir is the path to a temporary directory to store per-boot container
+ // files. Must be stored in a tmpfs.
+ TmpDir string `toml:"tmp_dir"`
+
+ // MaxLogSize is the maximum size of container logfiles.
+ MaxLogSize int64 `toml:"max_log_size,omitempty"`
+
+ // NoPivotRoot sets whether to set no-pivot-root in the OCI runtime.
+ NoPivotRoot bool `toml:"no_pivot_root"`
+
+ // CNIConfigDir sets the directory where CNI configuration files are
+ // stored.
+ CNIConfigDir string `toml:"cni_config_dir"`
+
+ // CNIPluginDir sets a number of directories where the CNI network
+ // plugins can be located.
+ CNIPluginDir []string `toml:"cni_plugin_dir"`
+
+ // CNIDefaultNetwork is the network name of the default CNI network
+ // to attach pods to.
+ CNIDefaultNetwork string `toml:"cni_default_network,omitempty"`
+
+ // HooksDir holds paths to the directories containing hooks
+ // configuration files. When the same filename is present in in
+ // multiple directories, the file in the directory listed last in
+ // this slice takes precedence.
+ HooksDir []string `toml:"hooks_dir"`
+
+ // DefaultMountsFile is the path to the default mounts file for testing
+ // purposes only.
+ DefaultMountsFile string `toml:"-"`
+
+ // Namespace is the libpod namespace to use. Namespaces are used to create
+ // scopes to separate containers and pods in the state. When namespace is
+ // set, libpod will only view containers and pods in the same namespace. All
+ // containers and pods created will default to the namespace set here. A
+ // namespace of "", the empty string, is equivalent to no namespace, and all
+ // containers and pods will be visible. The default namespace is "".
+ Namespace string `toml:"namespace,omitempty"`
+
+ // InfraImage is the image a pod infra container will use to manage
+ // namespaces.
+ InfraImage string `toml:"infra_image"`
+
+ // InfraCommand is the command run to start up a pod infra container.
+ InfraCommand string `toml:"infra_command"`
+
+ // EnablePortReservation determines whether libpod will reserve ports on the
+ // host when they are forwarded to containers. When enabled, when ports are
+ // forwarded to containers, they are held open by conmon as long as the
+ // container is running, ensuring that they cannot be reused by other
+ // programs on the host. However, this can cause significant memory usage if
+ // a container has many ports forwarded to it. Disabling this can save
+ // memory.
+ EnablePortReservation bool `toml:"enable_port_reservation"`
+
+ // EnableLabeling indicates whether libpod will support container labeling.
+ EnableLabeling bool `toml:"label"`
+
+ // NetworkCmdPath is the path to the slirp4netns binary.
+ NetworkCmdPath string `toml:"network_cmd_path"`
+
+ // NumLocks is the number of locks to make available for containers and
+ // pods.
+ NumLocks uint32 `toml:"num_locks,omitempty"`
+
+ // LockType is the type of locking to use.
+ LockType string `toml:"lock_type,omitempty"`
+
+ // EventsLogger determines where events should be logged.
+ EventsLogger string `toml:"events_logger"`
+
+ // EventsLogFilePath is where the events log is stored.
+ EventsLogFilePath string `toml:"events_logfile_path"`
+
+ //DetachKeys is the sequence of keys used to detach a container.
+ DetachKeys string `toml:"detach_keys"`
+
+ // SDNotify tells Libpod to allow containers to notify the host systemd of
+ // readiness using the SD_NOTIFY mechanism.
+ SDNotify bool
+}
+
+// DBConfig is a set of Libpod runtime configuration settings that are saved in
+// a State when it is first created, and can subsequently be retrieved.
+type DBConfig struct {
+ LibpodRoot string
+ LibpodTmp string
+ StorageRoot string
+ StorageTmp string
+ GraphDriver string
+ VolumePath string
+}
+
+// readConfigFromFile reads the specified config file at `path` and attempts to
+// unmarshal its content into a Config.
+func readConfigFromFile(path string) (*Config, error) {
+ var config Config
+
+ configBytes, err := ioutil.ReadFile(path)
+ if err != nil {
+ return nil, err
+ }
+
+ logrus.Debugf("Reading configuration file %q", path)
+ err = toml.Unmarshal(configBytes, &config)
+
+ // For the sake of backwards compat we need to check if the config fields
+ // with *Set suffix are set in the config. Note that the storage-related
+ // fields are NOT set in the config here but in the storage.conf OR directly
+ // by the user.
+ if config.VolumePath != "" {
+ config.VolumePathSet = true
+ }
+ if config.StaticDir != "" {
+ config.StaticDirSet = true
+ }
+ if config.TmpDir != "" {
+ config.TmpDirSet = true
+ }
+
+ return &config, err
+}
+
+// Write decodes the config as TOML and writes it to the specified path.
+func (c *Config) Write(path string) error {
+ f, err := os.OpenFile(path, os.O_RDWR|os.O_CREATE, 0666)
+ if err != nil {
+ return errors.Wrapf(err, "error opening config file %q", path)
+ }
+
+ buffer := new(bytes.Buffer)
+ if err := toml.NewEncoder(buffer).Encode(c); err != nil {
+ return errors.Wrapf(err, "error encoding config")
+ }
+
+ if _, err := f.WriteString(buffer.String()); err != nil {
+ return errors.Wrapf(err, "error writing config %q", path)
+ }
+ return err
+}
+
+// FindConmon iterates over (*Config).ConmonPath and returns the path to first
+// (version) matching conmon binary. If non is found, we try to do a path lookup
+// of "conmon".
+func (c *Config) FindConmon() (string, error) {
+ foundOutdatedConmon := false
+ for _, path := range c.ConmonPath {
+ stat, err := os.Stat(path)
+ if err != nil {
+ continue
+ }
+ if stat.IsDir() {
+ continue
+ }
+ if err := probeConmon(path); err != nil {
+ logrus.Warnf("Conmon at %s invalid: %v", path, err)
+ foundOutdatedConmon = true
+ continue
+ }
+ logrus.Debugf("Using conmon: %q", path)
+ return path, nil
+ }
+
+ // Search the $PATH as last fallback
+ if path, err := exec.LookPath("conmon"); err == nil {
+ if err := probeConmon(path); err != nil {
+ logrus.Warnf("Conmon at %s is invalid: %v", path, err)
+ foundOutdatedConmon = true
+ } else {
+ logrus.Debugf("Using conmon from $PATH: %q", path)
+ return path, nil
+ }
+ }
+
+ if foundOutdatedConmon {
+ return "", errors.Wrapf(define.ErrConmonOutdated,
+ "please update to v%d.%d.%d or later",
+ _conmonMinMajorVersion, _conmonMinMinorVersion, _conmonMinPatchVersion)
+ }
+
+ return "", errors.Wrapf(define.ErrInvalidArg,
+ "could not find a working conmon binary (configured options: %v)",
+ c.ConmonPath)
+}
+
+// probeConmon calls conmon --version and verifies it is a new enough version for
+// the runtime expectations podman currently has.
+func probeConmon(conmonBinary string) error {
+ cmd := exec.Command(conmonBinary, "--version")
+ var out bytes.Buffer
+ cmd.Stdout = &out
+ err := cmd.Run()
+ if err != nil {
+ return err
+ }
+ r := regexp.MustCompile(`^conmon version (?P<Major>\d+).(?P<Minor>\d+).(?P<Patch>\d+)`)
+
+ matches := r.FindStringSubmatch(out.String())
+ if len(matches) != 4 {
+ return errors.Wrap(err, _conmonVersionFormatErr)
+ }
+ major, err := strconv.Atoi(matches[1])
+ if err != nil {
+ return errors.Wrap(err, _conmonVersionFormatErr)
+ }
+ if major < _conmonMinMajorVersion {
+ return define.ErrConmonOutdated
+ }
+ if major > _conmonMinMajorVersion {
+ return nil
+ }
+
+ minor, err := strconv.Atoi(matches[2])
+ if err != nil {
+ return errors.Wrap(err, _conmonVersionFormatErr)
+ }
+ if minor < _conmonMinMinorVersion {
+ return define.ErrConmonOutdated
+ }
+ if minor > _conmonMinMinorVersion {
+ return nil
+ }
+
+ patch, err := strconv.Atoi(matches[3])
+ if err != nil {
+ return errors.Wrap(err, _conmonVersionFormatErr)
+ }
+ if patch < _conmonMinPatchVersion {
+ return define.ErrConmonOutdated
+ }
+ if patch > _conmonMinPatchVersion {
+ return nil
+ }
+
+ return nil
+}
+
+// NewConfig creates a new Config. It starts with an empty config and, if
+// specified, merges the config at `userConfigPath` path. Depending if we're
+// running as root or rootless, we then merge the system configuration followed
+// by merging the default config (hard-coded default in memory).
+//
+// Note that the OCI runtime is hard-set to `crun` if we're running on a system
+// with cgroupsv2. Other OCI runtimes are not yet supporting cgroupsv2. This
+// might change in the future.
+func NewConfig(userConfigPath string) (*Config, error) {
+ config := &Config{} // start with an empty config
+
+ // First, try to read the user-specified config
+ if userConfigPath != "" {
+ var err error
+ config, err = readConfigFromFile(userConfigPath)
+ if err != nil {
+ return nil, errors.Wrapf(err, "error reading user config %q", userConfigPath)
+ }
+ }
+
+ // Now, check if the user can access system configs and merge them if needed.
+ if configs, err := systemConfigs(); err != nil {
+ return nil, errors.Wrapf(err, "error finding config on system")
+ } else {
+ for _, path := range configs {
+ systemConfig, err := readConfigFromFile(path)
+ if err != nil {
+ return nil, errors.Wrapf(err, "error reading system config %q", path)
+ }
+ // Merge the it into the config. Any unset field in config will be
+ // over-written by the systemConfig.
+ if err := config.mergeConfig(systemConfig); err != nil {
+ return nil, errors.Wrapf(err, "error merging system config")
+ }
+ logrus.Debugf("Merged system config %q: %v", path, config)
+ }
+ }
+
+ // Finally, create a default config from memory and forcefully merge it into
+ // the config. This way we try to make sure that all fields are properly set
+ // and that user AND system config can partially set.
+ if defaultConfig, err := defaultConfigFromMemory(); err != nil {
+ return nil, errors.Wrapf(err, "error generating default config from memory")
+ } else {
+ if err := config.mergeConfig(defaultConfig); err != nil {
+ return nil, errors.Wrapf(err, "error merging default config from memory")
+ }
+ }
+
+ // Relative paths can cause nasty bugs, because core paths we use could
+ // shift between runs (or even parts of the program - the OCI runtime
+ // uses a different working directory than we do, for example.
+ if !filepath.IsAbs(config.StaticDir) {
+ return nil, errors.Wrapf(define.ErrInvalidArg, "static directory must be an absolute path - instead got %q", config.StaticDir)
+ }
+ if !filepath.IsAbs(config.TmpDir) {
+ return nil, errors.Wrapf(define.ErrInvalidArg, "temporary directory must be an absolute path - instead got %q", config.TmpDir)
+ }
+ if !filepath.IsAbs(config.VolumePath) {
+ return nil, errors.Wrapf(define.ErrInvalidArg, "volume path must be an absolute path - instead got %q", config.VolumePath)
+ }
+
+ // Check if we need to switch to cgroupfs on rootless.
+ config.checkCgroupsAndAdjustConfig()
+
+ return config, nil
+}
+
+func rootlessConfigPath() (string, error) {
+ home, err := util.HomeDir()
+ if err != nil {
+ return "", err
+ }
+
+ return filepath.Join(home, _rootlessConfigPath), nil
+}
+
+func systemConfigs() ([]string, error) {
+ if rootless.IsRootless() {
+ path, err := rootlessConfigPath()
+ if err != nil {
+ return nil, err
+ }
+ if _, err := os.Stat(path); err == nil {
+ return []string{path}, nil
+ }
+ return nil, err
+ }
+
+ configs := []string{}
+ if _, err := os.Stat(_rootOverrideConfigPath); err == nil {
+ configs = append(configs, _rootOverrideConfigPath)
+ }
+ if _, err := os.Stat(_rootConfigPath); err == nil {
+ configs = append(configs, _rootConfigPath)
+ }
+ return configs, nil
+}
+
+// checkCgroupsAndAdjustConfig checks if we're running rootless with the systemd
+// cgroup manager. In case the user session isn't available, we're switching the
+// cgroup manager to cgroupfs. Note, this only applies to rootless.
+func (c *Config) checkCgroupsAndAdjustConfig() {
+ if !rootless.IsRootless() || c.CgroupManager != define.SystemdCgroupsManager {
+ return
+ }
+
+ session := os.Getenv("DBUS_SESSION_BUS_ADDRESS")
+ hasSession := session != ""
+ if hasSession && strings.HasPrefix(session, "unix:path=") {
+ _, err := os.Stat(strings.TrimPrefix(session, "unix:path="))
+ hasSession = err == nil
+ }
+
+ if !hasSession {
+ logrus.Warningf("The cgroups manager is set to systemd but there is no systemd user session available")
+ logrus.Warningf("For using systemd, you may need to login using an user session")
+ logrus.Warningf("Alternatively, you can enable lingering with: `loginctl enable-linger %d` (possibly as root)", rootless.GetRootlessUID())
+ logrus.Warningf("Falling back to --cgroup-manager=cgroupfs")
+ c.CgroupManager = define.CgroupfsCgroupsManager
+ }
+}
diff --git a/libpod/config/config_test.go b/libpod/config/config_test.go
new file mode 100644
index 000000000..47c092440
--- /dev/null
+++ b/libpod/config/config_test.go
@@ -0,0 +1,64 @@
+package config
+
+import (
+ "reflect"
+ "testing"
+
+ "github.com/containers/libpod/libpod/define"
+ "github.com/containers/storage"
+ "github.com/stretchr/testify/assert"
+)
+
+func TestEmptyConfig(t *testing.T) {
+ // Make sure that we can read empty configs
+ config, err := readConfigFromFile("testdata/empty.conf")
+ assert.NotNil(t, config)
+ assert.Nil(t, err)
+}
+
+func TestDefaultLibpodConf(t *testing.T) {
+ // Make sure that we can read the default libpod.conf
+ config, err := readConfigFromFile("testdata/libpod.conf")
+ assert.NotNil(t, config)
+ assert.Nil(t, err)
+}
+
+func TestMergeEmptyAndDefaultMemoryConfig(t *testing.T) {
+ // Make sure that when we merge the default config into an empty one that we
+ // effectively get the default config.
+ defaultConfig, err := defaultConfigFromMemory()
+ assert.NotNil(t, defaultConfig)
+ assert.Nil(t, err)
+ defaultConfig.StateType = define.InvalidStateStore
+ defaultConfig.StorageConfig = storage.StoreOptions{}
+
+ emptyConfig, err := readConfigFromFile("testdata/empty.conf")
+ assert.NotNil(t, emptyConfig)
+ assert.Nil(t, err)
+
+ err = emptyConfig.mergeConfig(defaultConfig)
+ assert.Nil(t, err)
+
+ equal := reflect.DeepEqual(emptyConfig, defaultConfig)
+ assert.True(t, equal)
+}
+
+func TestMergeEmptyAndLibpodConfig(t *testing.T) {
+ // Make sure that when we merge the default config into an empty one that we
+ // effectively get the default config.
+ libpodConfig, err := readConfigFromFile("testdata/libpod.conf")
+ assert.NotNil(t, libpodConfig)
+ assert.Nil(t, err)
+ libpodConfig.StateType = define.InvalidStateStore
+ libpodConfig.StorageConfig = storage.StoreOptions{}
+
+ emptyConfig, err := readConfigFromFile("testdata/empty.conf")
+ assert.NotNil(t, emptyConfig)
+ assert.Nil(t, err)
+
+ err = emptyConfig.mergeConfig(libpodConfig)
+ assert.Nil(t, err)
+
+ equal := reflect.DeepEqual(emptyConfig, libpodConfig)
+ assert.True(t, equal)
+}
diff --git a/libpod/config/default.go b/libpod/config/default.go
new file mode 100644
index 000000000..17574c059
--- /dev/null
+++ b/libpod/config/default.go
@@ -0,0 +1,137 @@
+package config
+
+import (
+ "os"
+ "path/filepath"
+
+ "github.com/containers/libpod/libpod/define"
+ "github.com/containers/libpod/libpod/events"
+ "github.com/containers/libpod/pkg/rootless"
+ "github.com/containers/libpod/pkg/util"
+ "github.com/containers/storage"
+ "github.com/pkg/errors"
+ "github.com/sirupsen/logrus"
+)
+
+const (
+ // _defaultGraphRoot points to the default path of the graph root.
+ _defaultGraphRoot = "/var/lib/containers/storage"
+ // _defaultRootlessSignaturePolicyPath points to the default path of the
+ // rootless policy.json file.
+ _defaultRootlessSignaturePolicyPath = ".config/containers/policy.json"
+)
+
+// defaultConfigFromMemory returns a default libpod configuration. Note that the
+// config is different for root and rootless. It also parses the storage.conf.
+func defaultConfigFromMemory() (*Config, error) {
+ c := new(Config)
+ if tmp, err := defaultTmpDir(); err != nil {
+ return nil, err
+ } else {
+ c.TmpDir = tmp
+ }
+ c.EventsLogFilePath = filepath.Join(c.TmpDir, "events", "events.log")
+
+ storeOpts, err := storage.DefaultStoreOptions(rootless.IsRootless(), rootless.GetRootlessUID())
+ if err != nil {
+ return nil, err
+ }
+ if storeOpts.GraphRoot == "" {
+ logrus.Warnf("Storage configuration is unset - using hardcoded default graph root %q", _defaultGraphRoot)
+ storeOpts.GraphRoot = _defaultGraphRoot
+ }
+ c.StaticDir = filepath.Join(storeOpts.GraphRoot, "libpod")
+ c.VolumePath = filepath.Join(storeOpts.GraphRoot, "volumes")
+ c.StorageConfig = storeOpts
+
+ c.ImageDefaultTransport = _defaultTransport
+ c.StateType = define.BoltDBStateStore
+ c.OCIRuntime = "runc"
+ c.OCIRuntimes = map[string][]string{
+ "runc": {
+ "/usr/bin/runc",
+ "/usr/sbin/runc",
+ "/usr/local/bin/runc",
+ "/usr/local/sbin/runc",
+ "/sbin/runc",
+ "/bin/runc",
+ "/usr/lib/cri-o-runc/sbin/runc",
+ "/run/current-system/sw/bin/runc",
+ },
+ // TODO - should we add "crun" defaults here as well?
+ }
+ c.ConmonPath = []string{
+ "/usr/libexec/podman/conmon",
+ "/usr/local/libexec/podman/conmon",
+ "/usr/local/lib/podman/conmon",
+ "/usr/bin/conmon",
+ "/usr/sbin/conmon",
+ "/usr/local/bin/conmon",
+ "/usr/local/sbin/conmon",
+ "/run/current-system/sw/bin/conmon",
+ }
+ c.ConmonEnvVars = []string{
+ "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
+ }
+ c.RuntimeSupportsJSON = []string{
+ "crun",
+ "runc",
+ }
+ c.RuntimeSupportsNoCgroups = []string{"crun"}
+ c.InitPath = define.DefaultInitPath
+ c.CgroupManager = define.SystemdCgroupsManager
+ c.MaxLogSize = -1
+ c.NoPivotRoot = false
+ c.CNIConfigDir = _etcDir + "/cni/net.d/"
+ c.CNIPluginDir = []string{
+ "/usr/libexec/cni",
+ "/usr/lib/cni",
+ "/usr/local/lib/cni",
+ "/opt/cni/bin",
+ }
+ c.CNIDefaultNetwork = "podman"
+ c.InfraCommand = define.DefaultInfraCommand
+ c.InfraImage = define.DefaultInfraImage
+ c.EnablePortReservation = true
+ c.EnableLabeling = true
+ c.NumLocks = 2048
+ c.EventsLogger = events.DefaultEventerType.String()
+ c.DetachKeys = define.DefaultDetachKeys
+ // TODO - ideally we should expose a `type LockType string` along with
+ // constants.
+ c.LockType = "shm"
+
+ if rootless.IsRootless() {
+ home, err := util.HomeDir()
+ if err != nil {
+ return nil, err
+ }
+ sigPath := filepath.Join(home, _defaultRootlessSignaturePolicyPath)
+ if _, err := os.Stat(sigPath); err == nil {
+ c.SignaturePolicyPath = sigPath
+ }
+ }
+ return c, nil
+}
+
+func defaultTmpDir() (string, error) {
+ if !rootless.IsRootless() {
+ return "/var/run/libpod", nil
+ }
+
+ runtimeDir, err := util.GetRuntimeDir()
+ if err != nil {
+ return "", err
+ }
+ libpodRuntimeDir := filepath.Join(runtimeDir, "libpod")
+
+ if err := os.Mkdir(libpodRuntimeDir, 0700|os.ModeSticky); err != nil {
+ if !os.IsExist(err) {
+ return "", errors.Wrapf(err, "cannot mkdir %s", libpodRuntimeDir)
+ } else if err := os.Chmod(libpodRuntimeDir, 0700|os.ModeSticky); err != nil {
+ // The directory already exist, just set the sticky bit
+ return "", errors.Wrapf(err, "could not set sticky bit on %s", libpodRuntimeDir)
+ }
+ }
+ return filepath.Join(libpodRuntimeDir, "tmp"), nil
+}
diff --git a/libpod/config/merge.go b/libpod/config/merge.go
new file mode 100644
index 000000000..798a63da7
--- /dev/null
+++ b/libpod/config/merge.go
@@ -0,0 +1,183 @@
+package config
+
+import (
+ "path/filepath"
+
+ "github.com/containers/libpod/libpod/define"
+ "github.com/sirupsen/logrus"
+)
+
+// Merge merges the other config into the current one. Note that a field of the
+// other config is only merged when it's not already set in the current one.
+//
+// Note that the StateType and the StorageConfig will NOT be changed.
+func (c *Config) mergeConfig(other *Config) error {
+ // strings
+ c.CgroupManager = mergeStrings(c.CgroupManager, other.CgroupManager)
+ c.CNIConfigDir = mergeStrings(c.CNIConfigDir, other.CNIConfigDir)
+ c.CNIDefaultNetwork = mergeStrings(c.CNIDefaultNetwork, other.CNIDefaultNetwork)
+ c.DefaultMountsFile = mergeStrings(c.DefaultMountsFile, other.DefaultMountsFile)
+ c.DetachKeys = mergeStrings(c.DetachKeys, other.DetachKeys)
+ c.EventsLogFilePath = mergeStrings(c.EventsLogFilePath, other.EventsLogFilePath)
+ c.EventsLogger = mergeStrings(c.EventsLogger, other.EventsLogger)
+ c.ImageDefaultTransport = mergeStrings(c.ImageDefaultTransport, other.ImageDefaultTransport)
+ c.InfraCommand = mergeStrings(c.InfraCommand, other.InfraCommand)
+ c.InfraImage = mergeStrings(c.InfraImage, other.InfraImage)
+ c.InitPath = mergeStrings(c.InitPath, other.InitPath)
+ c.LockType = mergeStrings(c.LockType, other.LockType)
+ c.Namespace = mergeStrings(c.Namespace, other.Namespace)
+ c.NetworkCmdPath = mergeStrings(c.NetworkCmdPath, other.NetworkCmdPath)
+ c.OCIRuntime = mergeStrings(c.OCIRuntime, other.OCIRuntime)
+ c.SignaturePolicyPath = mergeStrings(c.SignaturePolicyPath, other.SignaturePolicyPath)
+ c.StaticDir = mergeStrings(c.StaticDir, other.StaticDir)
+ c.TmpDir = mergeStrings(c.TmpDir, other.TmpDir)
+ c.VolumePath = mergeStrings(c.VolumePath, other.VolumePath)
+
+ // string map of slices
+ c.OCIRuntimes = mergeStringMaps(c.OCIRuntimes, other.OCIRuntimes)
+
+ // string slices
+ c.CNIPluginDir = mergeStringSlices(c.CNIPluginDir, other.CNIPluginDir)
+ c.ConmonEnvVars = mergeStringSlices(c.ConmonEnvVars, other.ConmonEnvVars)
+ c.ConmonPath = mergeStringSlices(c.ConmonPath, other.ConmonPath)
+ c.HooksDir = mergeStringSlices(c.HooksDir, other.HooksDir)
+ c.RuntimePath = mergeStringSlices(c.RuntimePath, other.RuntimePath)
+ c.RuntimeSupportsJSON = mergeStringSlices(c.RuntimeSupportsJSON, other.RuntimeSupportsJSON)
+ c.RuntimeSupportsNoCgroups = mergeStringSlices(c.RuntimeSupportsNoCgroups, other.RuntimeSupportsNoCgroups)
+
+ // int64s
+ c.MaxLogSize = mergeInt64s(c.MaxLogSize, other.MaxLogSize)
+
+ // uint32s
+ c.NumLocks = mergeUint32s(c.NumLocks, other.NumLocks)
+
+ // bools
+ c.EnableLabeling = mergeBools(c.EnableLabeling, other.EnableLabeling)
+ c.EnablePortReservation = mergeBools(c.EnablePortReservation, other.EnablePortReservation)
+ c.NoPivotRoot = mergeBools(c.NoPivotRoot, other.NoPivotRoot)
+ c.SDNotify = mergeBools(c.SDNotify, other.SDNotify)
+
+ // state type
+ if c.StateType == define.InvalidStateStore {
+ c.StateType = other.StateType
+ }
+
+ // store options - need to check all fields since some configs might only
+ // set it partially
+ c.StorageConfig.RunRoot = mergeStrings(c.StorageConfig.RunRoot, other.StorageConfig.RunRoot)
+ c.StorageConfig.GraphRoot = mergeStrings(c.StorageConfig.GraphRoot, other.StorageConfig.GraphRoot)
+ c.StorageConfig.GraphDriverName = mergeStrings(c.StorageConfig.GraphDriverName, other.StorageConfig.GraphDriverName)
+ c.StorageConfig.GraphDriverOptions = mergeStringSlices(c.StorageConfig.GraphDriverOptions, other.StorageConfig.GraphDriverOptions)
+ if c.StorageConfig.UIDMap == nil {
+ c.StorageConfig.UIDMap = other.StorageConfig.UIDMap
+ }
+ if c.StorageConfig.GIDMap == nil {
+ c.StorageConfig.GIDMap = other.StorageConfig.GIDMap
+ }
+
+ // backwards compat *Set fields
+ c.StorageConfigRunRootSet = mergeBools(c.StorageConfigRunRootSet, other.StorageConfigRunRootSet)
+ c.StorageConfigGraphRootSet = mergeBools(c.StorageConfigGraphRootSet, other.StorageConfigGraphRootSet)
+ c.StorageConfigGraphDriverNameSet = mergeBools(c.StorageConfigGraphDriverNameSet, other.StorageConfigGraphDriverNameSet)
+ c.VolumePathSet = mergeBools(c.VolumePathSet, other.VolumePathSet)
+ c.StaticDirSet = mergeBools(c.StaticDirSet, other.StaticDirSet)
+ c.TmpDirSet = mergeBools(c.TmpDirSet, other.TmpDirSet)
+
+ return nil
+}
+
+// MergeDBConfig merges the configuration from the database.
+func (c *Config) MergeDBConfig(dbConfig *DBConfig) error {
+
+ if !c.StorageConfigRunRootSet && dbConfig.StorageTmp != "" {
+ if c.StorageConfig.RunRoot != dbConfig.StorageTmp &&
+ c.StorageConfig.RunRoot != "" {
+ logrus.Debugf("Overriding run root %q with %q from database",
+ c.StorageConfig.RunRoot, dbConfig.StorageTmp)
+ }
+ c.StorageConfig.RunRoot = dbConfig.StorageTmp
+ }
+
+ if !c.StorageConfigGraphRootSet && dbConfig.StorageRoot != "" {
+ if c.StorageConfig.GraphRoot != dbConfig.StorageRoot &&
+ c.StorageConfig.GraphRoot != "" {
+ logrus.Debugf("Overriding graph root %q with %q from database",
+ c.StorageConfig.GraphRoot, dbConfig.StorageRoot)
+ }
+ c.StorageConfig.GraphRoot = dbConfig.StorageRoot
+ }
+
+ if !c.StorageConfigGraphDriverNameSet && dbConfig.GraphDriver != "" {
+ if c.StorageConfig.GraphDriverName != dbConfig.GraphDriver &&
+ c.StorageConfig.GraphDriverName != "" {
+ logrus.Errorf("User-selected graph driver %q overwritten by graph driver %q from database - delete libpod local files to resolve",
+ c.StorageConfig.GraphDriverName, dbConfig.GraphDriver)
+ }
+ c.StorageConfig.GraphDriverName = dbConfig.GraphDriver
+ }
+
+ if !c.StaticDirSet && dbConfig.LibpodRoot != "" {
+ if c.StaticDir != dbConfig.LibpodRoot && c.StaticDir != "" {
+ logrus.Debugf("Overriding static dir %q with %q from database", c.StaticDir, dbConfig.LibpodRoot)
+ }
+ c.StaticDir = dbConfig.LibpodRoot
+ }
+
+ if !c.TmpDirSet && dbConfig.LibpodTmp != "" {
+ if c.TmpDir != dbConfig.LibpodTmp && c.TmpDir != "" {
+ logrus.Debugf("Overriding tmp dir %q with %q from database", c.TmpDir, dbConfig.LibpodTmp)
+ }
+ c.TmpDir = dbConfig.LibpodTmp
+ c.EventsLogFilePath = filepath.Join(dbConfig.LibpodTmp, "events", "events.log")
+ }
+
+ if !c.VolumePathSet && dbConfig.VolumePath != "" {
+ if c.VolumePath != dbConfig.VolumePath && c.VolumePath != "" {
+ logrus.Debugf("Overriding volume path %q with %q from database", c.VolumePath, dbConfig.VolumePath)
+ }
+ c.VolumePath = dbConfig.VolumePath
+ }
+ return nil
+}
+
+func mergeStrings(a, b string) string {
+ if a == "" {
+ return b
+ }
+ return a
+}
+
+func mergeStringSlices(a, b []string) []string {
+ if len(a) == 0 && b != nil {
+ return b
+ }
+ return a
+}
+
+func mergeStringMaps(a, b map[string][]string) map[string][]string {
+ if len(a) == 0 && b != nil {
+ return b
+ }
+ return a
+}
+
+func mergeInt64s(a, b int64) int64 {
+ if a == 0 {
+ return b
+ }
+ return a
+}
+
+func mergeUint32s(a, b uint32) uint32 {
+ if a == 0 {
+ return b
+ }
+ return a
+}
+
+func mergeBools(a, b bool) bool {
+ if !a {
+ return b
+ }
+ return a
+}
diff --git a/libpod/config/merge_test.go b/libpod/config/merge_test.go
new file mode 100644
index 000000000..eb450b273
--- /dev/null
+++ b/libpod/config/merge_test.go
@@ -0,0 +1,157 @@
+package config
+
+import (
+ "testing"
+
+ "github.com/stretchr/testify/assert"
+)
+
+func TestMergeStrings(t *testing.T) {
+ testData := []struct {
+ a string
+ b string
+ res string
+ }{
+ {"", "", ""},
+ {"a", "", "a"},
+ {"a", "b", "a"},
+ {"", "b", "b"},
+ }
+ for _, data := range testData {
+ res := mergeStrings(data.a, data.b)
+ assert.Equal(t, data.res, res)
+ }
+}
+
+func TestMergeStringSlices(t *testing.T) {
+ testData := []struct {
+ a []string
+ b []string
+ res []string
+ }{
+ {
+ nil, nil, nil,
+ },
+ {
+ nil,
+ []string{},
+ []string{},
+ },
+ {
+ []string{},
+ nil,
+ []string{},
+ },
+ {
+ []string{},
+ []string{},
+ []string{},
+ },
+ {
+ []string{"a"},
+ []string{},
+ []string{"a"},
+ },
+ {
+ []string{"a"},
+ []string{"b"},
+ []string{"a"},
+ },
+ {
+ []string{},
+ []string{"b"},
+ []string{"b"},
+ },
+ }
+ for _, data := range testData {
+ res := mergeStringSlices(data.a, data.b)
+ assert.Equal(t, data.res, res)
+ }
+}
+
+func TestMergeStringMaps(t *testing.T) {
+ testData := []struct {
+ a map[string][]string
+ b map[string][]string
+ res map[string][]string
+ }{
+ {
+ nil, nil, nil,
+ },
+ {
+ nil,
+ map[string][]string{},
+ map[string][]string{}},
+ {
+ map[string][]string{"a": {"a"}},
+ nil,
+ map[string][]string{"a": {"a"}},
+ },
+ {
+ nil,
+ map[string][]string{"b": {"b"}},
+ map[string][]string{"b": {"b"}},
+ },
+ {
+ map[string][]string{"a": {"a"}},
+ map[string][]string{"b": {"b"}},
+ map[string][]string{"a": {"a"}},
+ },
+ }
+ for _, data := range testData {
+ res := mergeStringMaps(data.a, data.b)
+ assert.Equal(t, data.res, res)
+ }
+}
+
+func TestMergeInts64(t *testing.T) {
+ testData := []struct {
+ a int64
+ b int64
+ res int64
+ }{
+ {int64(0), int64(0), int64(0)},
+ {int64(1), int64(0), int64(1)},
+ {int64(0), int64(1), int64(1)},
+ {int64(2), int64(1), int64(2)},
+ {int64(-1), int64(1), int64(-1)},
+ {int64(0), int64(-1), int64(-1)},
+ }
+ for _, data := range testData {
+ res := mergeInt64s(data.a, data.b)
+ assert.Equal(t, data.res, res)
+ }
+}
+func TestMergeUint32(t *testing.T) {
+ testData := []struct {
+ a uint32
+ b uint32
+ res uint32
+ }{
+ {uint32(0), uint32(0), uint32(0)},
+ {uint32(1), uint32(0), uint32(1)},
+ {uint32(0), uint32(1), uint32(1)},
+ {uint32(2), uint32(1), uint32(2)},
+ }
+ for _, data := range testData {
+ res := mergeUint32s(data.a, data.b)
+ assert.Equal(t, data.res, res)
+ }
+}
+
+func TestMergeBools(t *testing.T) {
+ testData := []struct {
+ a bool
+ b bool
+ res bool
+ }{
+ {false, false, false},
+ {true, false, true},
+ {false, true, true},
+ {true, true, true},
+ }
+ for _, data := range testData {
+ res := mergeBools(data.a, data.b)
+ assert.Equal(t, data.res, res)
+ }
+}
diff --git a/libpod/config/testdata/empty.conf b/libpod/config/testdata/empty.conf
new file mode 100644
index 000000000..e69de29bb
--- /dev/null
+++ b/libpod/config/testdata/empty.conf
diff --git a/libpod/config/testdata/libpod.conf b/libpod/config/testdata/libpod.conf
new file mode 120000
index 000000000..17d09fe4a
--- /dev/null
+++ b/libpod/config/testdata/libpod.conf
@@ -0,0 +1 @@
+../../../libpod.conf \ No newline at end of file
diff --git a/libpod/container.go b/libpod/container.go
index 5a7cf202b..8e24391b9 100644
--- a/libpod/container.go
+++ b/libpod/container.go
@@ -1059,9 +1059,9 @@ func (c *Container) NamespacePath(linuxNS LinuxNS) (string, error) { //nolint:in
// CGroupPath returns a cgroups "path" for a given container.
func (c *Container) CGroupPath() (string, error) {
switch c.runtime.config.CgroupManager {
- case CgroupfsCgroupsManager:
+ case define.CgroupfsCgroupsManager:
return filepath.Join(c.config.CgroupParent, fmt.Sprintf("libpod-%s", c.ID())), nil
- case SystemdCgroupsManager:
+ case define.SystemdCgroupsManager:
if rootless.IsRootless() {
uid := rootless.GetRootlessUID()
return filepath.Join(c.config.CgroupParent, fmt.Sprintf("user-%d.slice/user@%d.service/user.slice", uid, uid), createUnitName("libpod", c.ID())), nil
diff --git a/libpod/container_inspect.go b/libpod/container_inspect.go
index d28d37937..66aca23ed 100644
--- a/libpod/container_inspect.go
+++ b/libpod/container_inspect.go
@@ -1322,9 +1322,9 @@ func (c *Container) generateInspectContainerHostConfig(ctrSpec *spec.Spec, named
// Need to check if it's the default, and not print if so.
defaultCgroupParent := ""
switch c.runtime.config.CgroupManager {
- case CgroupfsCgroupsManager:
+ case define.CgroupfsCgroupsManager:
defaultCgroupParent = CgroupfsDefaultCgroupParent
- case SystemdCgroupsManager:
+ case define.SystemdCgroupsManager:
defaultCgroupParent = SystemdDefaultCgroupParent
}
if c.config.CgroupParent != defaultCgroupParent {
diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go
index 283d38a0f..94184b6eb 100644
--- a/libpod/container_internal_linux.go
+++ b/libpod/container_internal_linux.go
@@ -1326,14 +1326,14 @@ func (c *Container) getOCICgroupPath() (string, error) {
}
if (rootless.IsRootless() && !unified) || c.config.NoCgroups {
return "", nil
- } else if c.runtime.config.CgroupManager == SystemdCgroupsManager {
+ } else if c.runtime.config.CgroupManager == define.SystemdCgroupsManager {
// When runc is set to use Systemd as a cgroup manager, it
// expects cgroups to be passed as follows:
// slice:prefix:name
systemdCgroups := fmt.Sprintf("%s:libpod:%s", path.Base(c.config.CgroupParent), c.ID())
logrus.Debugf("Setting CGroups for container %s to %s", c.ID(), systemdCgroups)
return systemdCgroups, nil
- } else if c.runtime.config.CgroupManager == CgroupfsCgroupsManager {
+ } else if c.runtime.config.CgroupManager == define.CgroupfsCgroupsManager {
cgroupPath, err := c.CGroupPath()
if err != nil {
return "", err
diff --git a/libpod/define/config.go b/libpod/define/config.go
index c66f67feb..8bd59be75 100644
--- a/libpod/define/config.go
+++ b/libpod/define/config.go
@@ -7,11 +7,23 @@ var (
DefaultInfraImage = "k8s.gcr.io/pause:3.1"
// DefaultInfraCommand to be run in an infra container
DefaultInfraCommand = "/pause"
+ // DefaultSHMLockPath is the default path for SHM locks
+ DefaultSHMLockPath = "/libpod_lock"
+ // DefaultRootlessSHMLockPath is the default path for rootless SHM locks
+ DefaultRootlessSHMLockPath = "/libpod_rootless_lock"
+ // DefaultDetachKeys is the default keys sequence for detaching a
+ // container
+ DefaultDetachKeys = "ctrl-p,ctrl-q"
)
-// CtrRemoveTimeout is the default number of seconds to wait after stopping a container
-// before sending the kill signal
-const CtrRemoveTimeout = 10
+const (
+ // CtrRemoveTimeout is the default number of seconds to wait after stopping a container
+ // before sending the kill signal
+ CtrRemoveTimeout = 10
+ // DefaultTransport is a prefix that we apply to an image name
+ // to check docker hub first for the image
+ DefaultTransport = "docker://"
+)
// InfoData holds the info type, i.e store, host etc and the data for each type
type InfoData struct {
diff --git a/libpod/define/runtime.go b/libpod/define/runtime.go
new file mode 100644
index 000000000..4d8c6cb4d
--- /dev/null
+++ b/libpod/define/runtime.go
@@ -0,0 +1,37 @@
+package define
+
+import "time"
+
+// RuntimeStateStore is a constant indicating which state store implementation
+// should be used by libpod
+type RuntimeStateStore int
+
+const (
+ // InvalidStateStore is an invalid state store
+ InvalidStateStore RuntimeStateStore = iota
+ // InMemoryStateStore is an in-memory state that will not persist data
+ // on containers and pods between libpod instances or after system
+ // reboot
+ InMemoryStateStore RuntimeStateStore = iota
+ // SQLiteStateStore is a state backed by a SQLite database
+ // It is presently disabled
+ SQLiteStateStore RuntimeStateStore = iota
+ // BoltDBStateStore is a state backed by a BoltDB database
+ BoltDBStateStore RuntimeStateStore = iota
+ // CgroupfsCgroupsManager represents cgroupfs native cgroup manager
+ CgroupfsCgroupsManager = "cgroupfs"
+ // SystemdCgroupsManager represents systemd native cgroup manager
+ SystemdCgroupsManager = "systemd"
+ // ContainerCreateTimeout is the timeout before we decide we've failed
+ // to create a container.
+ // TODO: Make this generic - all OCI runtime operations should use the
+ // same timeout, this one.
+ // TODO: Consider dropping from 240 to 60 seconds. I don't think waiting
+ // 4 minutes versus 1 minute makes a real difference.
+ ContainerCreateTimeout = 240 * time.Second
+ // DefaultShmSize is the default shm size
+ DefaultShmSize = 64 * 1024 * 1024
+ // NsRunDir is the default directory in which running network namespaces
+ // are stored
+ NsRunDir = "/var/run/netns"
+)
diff --git a/libpod/in_memory_state.go b/libpod/in_memory_state.go
index 5ab258772..2144671a5 100644
--- a/libpod/in_memory_state.go
+++ b/libpod/in_memory_state.go
@@ -3,6 +3,7 @@ package libpod
import (
"strings"
+ "github.com/containers/libpod/libpod/config"
"github.com/containers/libpod/libpod/define"
"github.com/containers/libpod/pkg/registrar"
"github.com/containers/storage/pkg/truncindex"
@@ -80,8 +81,8 @@ func (s *InMemoryState) Refresh() error {
// GetDBConfig is not implemented for in-memory state.
// As we do not store a config, return an empty one.
-func (s *InMemoryState) GetDBConfig() (*DBConfig, error) {
- return &DBConfig{}, nil
+func (s *InMemoryState) GetDBConfig() (*config.DBConfig, error) {
+ return &config.DBConfig{}, nil
}
// ValidateDBConfig is not implemented for the in-memory state.
diff --git a/libpod/oci_attach_linux.go b/libpod/oci_attach_linux.go
index a383f6eab..eeaee6d43 100644
--- a/libpod/oci_attach_linux.go
+++ b/libpod/oci_attach_linux.go
@@ -152,7 +152,7 @@ func (c *Container) attachToExec(streams *AttachStreams, keys string, resize <-c
func processDetachKeys(keys string) ([]byte, error) {
// Check the validity of the provided keys first
if len(keys) == 0 {
- keys = DefaultDetachKeys
+ keys = define.DefaultDetachKeys
}
detachKeys, err := term.ToBytes(keys)
if err != nil {
diff --git a/libpod/oci_conmon_linux.go b/libpod/oci_conmon_linux.go
index 2798c3043..026b13129 100644
--- a/libpod/oci_conmon_linux.go
+++ b/libpod/oci_conmon_linux.go
@@ -16,6 +16,7 @@ import (
"syscall"
"time"
+ "github.com/containers/libpod/libpod/config"
"github.com/containers/libpod/libpod/define"
"github.com/containers/libpod/pkg/cgroups"
"github.com/containers/libpod/pkg/errorhandling"
@@ -58,7 +59,7 @@ type ConmonOCIRuntime struct {
// The first path that points to a valid executable will be used.
// Deliberately private. Someone should not be able to construct this outside of
// libpod.
-func newConmonOCIRuntime(name string, paths []string, conmonPath string, runtimeCfg *RuntimeConfig, supportsJSON, supportsNoCgroups bool) (OCIRuntime, error) {
+func newConmonOCIRuntime(name string, paths []string, conmonPath string, runtimeCfg *config.Config, supportsJSON, supportsNoCgroups bool) (OCIRuntime, error) {
if name == "" {
return nil, errors.Wrapf(define.ErrInvalidArg, "the OCI runtime must be provided a non-empty name")
}
@@ -114,7 +115,7 @@ func newConmonOCIRuntime(name string, paths []string, conmonPath string, runtime
runtime.exitsDir = filepath.Join(runtime.tmpDir, "exits")
runtime.socketsDir = filepath.Join(runtime.tmpDir, "socket")
- if runtime.cgroupManager != CgroupfsCgroupsManager && runtime.cgroupManager != SystemdCgroupsManager {
+ if runtime.cgroupManager != define.CgroupfsCgroupsManager && runtime.cgroupManager != define.SystemdCgroupsManager {
return nil, errors.Wrapf(define.ErrInvalidArg, "invalid cgroup manager specified: %s", runtime.cgroupManager)
}
@@ -1092,7 +1093,7 @@ func (r *ConmonOCIRuntime) configureConmonEnv(runtimeDir string) ([]string, []*o
env = append(env, fmt.Sprintf("XDG_RUNTIME_DIR=%s", runtimeDir))
env = append(env, fmt.Sprintf("_CONTAINERS_USERNS_CONFIGURED=%s", os.Getenv("_CONTAINERS_USERNS_CONFIGURED")))
env = append(env, fmt.Sprintf("_CONTAINERS_ROOTLESS_UID=%s", os.Getenv("_CONTAINERS_ROOTLESS_UID")))
- home, err := homeDir()
+ home, err := util.HomeDir()
if err != nil {
return nil, nil, err
}
@@ -1118,7 +1119,7 @@ func (r *ConmonOCIRuntime) configureConmonEnv(runtimeDir string) ([]string, []*o
func (r *ConmonOCIRuntime) sharedConmonArgs(ctr *Container, cuuid, bundlePath, pidPath, logPath, exitDir, ociLogPath string) []string {
// set the conmon API version to be able to use the correct sync struct keys
args := []string{"--api-version", "1"}
- if r.cgroupManager == SystemdCgroupsManager && !ctr.config.NoCgroups {
+ if r.cgroupManager == define.SystemdCgroupsManager && !ctr.config.NoCgroups {
args = append(args, "-s")
}
args = append(args, "-c", ctr.ID())
@@ -1220,17 +1221,9 @@ func (r *ConmonOCIRuntime) moveConmonToCgroupAndSignal(ctr *Container, cmd *exec
mustCreateCgroup = false
}
- if rootless.IsRootless() {
- ownsCgroup, err := cgroups.UserOwnsCurrentSystemdCgroup()
- if err != nil {
- return err
- }
- mustCreateCgroup = !ownsCgroup
- }
-
if mustCreateCgroup {
cgroupParent := ctr.CgroupParent()
- if r.cgroupManager == SystemdCgroupsManager {
+ if r.cgroupManager == define.SystemdCgroupsManager {
unitName := createUnitName("libpod-conmon", ctr.ID())
realCgroupParent := cgroupParent
@@ -1353,7 +1346,7 @@ func readConmonPipeData(pipe *os.File, ociLog string) (int, error) {
return ss.si.Data, errors.Wrapf(define.ErrInternal, "container create failed")
}
data = ss.si.Data
- case <-time.After(ContainerCreateTimeout):
+ case <-time.After(define.ContainerCreateTimeout):
return -1, errors.Wrapf(define.ErrInternal, "container creation timeout")
}
return data, nil
diff --git a/libpod/oci_conmon_unsupported.go b/libpod/oci_conmon_unsupported.go
index 77b06eed3..a2f52f527 100644
--- a/libpod/oci_conmon_unsupported.go
+++ b/libpod/oci_conmon_unsupported.go
@@ -3,6 +3,7 @@
package libpod
import (
+ "github.com/containers/libpod/libpod/config"
"github.com/containers/libpod/libpod/define"
)
@@ -15,7 +16,7 @@ type ConmonOCIRuntime struct {
}
// newConmonOCIRuntime is not supported on this OS.
-func newConmonOCIRuntime(name string, paths []string, conmonPath string, runtimeCfg *RuntimeConfig, supportsJSON, supportsNoCgroups bool) (OCIRuntime, error) {
+func newConmonOCIRuntime(name string, paths []string, conmonPath string, runtimeCfg *config.Config, supportsJSON, supportsNoCgroups bool) (OCIRuntime, error) {
return nil, define.ErrNotImplemented
}
diff --git a/libpod/oci_util.go b/libpod/oci_util.go
index cb85b153d..c1a7f1c9a 100644
--- a/libpod/oci_util.go
+++ b/libpod/oci_util.go
@@ -14,29 +14,9 @@ import (
"github.com/sirupsen/logrus"
)
-const (
- // CgroupfsCgroupsManager represents cgroupfs native cgroup manager
- CgroupfsCgroupsManager = "cgroupfs"
- // SystemdCgroupsManager represents systemd native cgroup manager
- SystemdCgroupsManager = "systemd"
-
- // ContainerCreateTimeout is the timeout before we decide we've failed
- // to create a container.
- // TODO: Make this generic - all OCI runtime operations should use the
- // same timeout, this one.
- // TODO: Consider dropping from 240 to 60 seconds. I don't think waiting
- // 4 minutes versus 1 minute makes a real difference.
- ContainerCreateTimeout = 240 * time.Second
-
- // Timeout before declaring that runtime has failed to kill a given
- // container
- killContainerTimeout = 5 * time.Second
- // DefaultShmSize is the default shm size
- DefaultShmSize = 64 * 1024 * 1024
- // NsRunDir is the default directory in which running network namespaces
- // are stored
- NsRunDir = "/var/run/netns"
-)
+// Timeout before declaring that runtime has failed to kill a given
+// container
+const killContainerTimeout = 5 * time.Second
// ociError is used to parse the OCI runtime JSON log. It is not part of the
// OCI runtime specifications, it follows what runc does
diff --git a/libpod/options.go b/libpod/options.go
index f79c75e98..66e8ef93c 100644
--- a/libpod/options.go
+++ b/libpod/options.go
@@ -39,30 +39,30 @@ func WithStorageConfig(config storage.StoreOptions) RuntimeOption {
if config.RunRoot != "" {
rt.config.StorageConfig.RunRoot = config.RunRoot
- rt.configuredFrom.storageRunRootSet = true
+ rt.config.StorageConfigRunRootSet = true
setField = true
}
if config.GraphRoot != "" {
rt.config.StorageConfig.GraphRoot = config.GraphRoot
- rt.configuredFrom.storageGraphRootSet = true
+ rt.config.StorageConfigGraphRootSet = true
// Also set libpod static dir, so we are a subdirectory
// of the c/storage store by default
rt.config.StaticDir = filepath.Join(config.GraphRoot, "libpod")
- rt.configuredFrom.libpodStaticDirSet = true
+ rt.config.StaticDirSet = true
// Also set libpod volume path, so we are a subdirectory
// of the c/storage store by default
rt.config.VolumePath = filepath.Join(config.GraphRoot, "volumes")
- rt.configuredFrom.volPathSet = true
+ rt.config.VolumePathSet = true
setField = true
}
if config.GraphDriverName != "" {
rt.config.StorageConfig.GraphDriverName = config.GraphDriverName
- rt.configuredFrom.storageGraphDriverSet = true
+ rt.config.StorageConfigGraphDriverNameSet = true
setField = true
}
@@ -135,13 +135,13 @@ func WithSignaturePolicy(path string) RuntimeOption {
// Please note that information is not portable between backing states.
// As such, if this differs between two libpods running on the same system,
// they will not share containers, and unspecified behavior may occur.
-func WithStateType(storeType RuntimeStateStore) RuntimeOption {
+func WithStateType(storeType define.RuntimeStateStore) RuntimeOption {
return func(rt *Runtime) error {
if rt.valid {
return define.ErrRuntimeFinalized
}
- if storeType == InvalidStateStore {
+ if storeType == define.InvalidStateStore {
return errors.Wrapf(define.ErrInvalidArg, "must provide a valid state store type")
}
@@ -224,9 +224,9 @@ func WithCgroupManager(manager string) RuntimeOption {
return define.ErrRuntimeFinalized
}
- if manager != CgroupfsCgroupsManager && manager != SystemdCgroupsManager {
+ if manager != define.CgroupfsCgroupsManager && manager != define.SystemdCgroupsManager {
return errors.Wrapf(define.ErrInvalidArg, "CGroup manager must be one of %s and %s",
- CgroupfsCgroupsManager, SystemdCgroupsManager)
+ define.CgroupfsCgroupsManager, define.SystemdCgroupsManager)
}
rt.config.CgroupManager = manager
@@ -244,7 +244,7 @@ func WithStaticDir(dir string) RuntimeOption {
}
rt.config.StaticDir = dir
- rt.configuredFrom.libpodStaticDirSet = true
+ rt.config.StaticDirSet = true
return nil
}
@@ -295,7 +295,7 @@ func WithTmpDir(dir string) RuntimeOption {
return define.ErrRuntimeFinalized
}
rt.config.TmpDir = dir
- rt.configuredFrom.libpodTmpDirSet = true
+ rt.config.TmpDirSet = true
return nil
}
@@ -395,7 +395,7 @@ func WithVolumePath(volPath string) RuntimeOption {
}
rt.config.VolumePath = volPath
- rt.configuredFrom.volPathSet = true
+ rt.config.VolumePathSet = true
return nil
}
diff --git a/libpod/pod_internal.go b/libpod/pod_internal.go
index 7aacda482..b5895d133 100644
--- a/libpod/pod_internal.go
+++ b/libpod/pod_internal.go
@@ -66,13 +66,13 @@ func (p *Pod) refresh() error {
// We need to recreate the pod's cgroup
if p.config.UsePodCgroup {
switch p.runtime.config.CgroupManager {
- case SystemdCgroupsManager:
+ case define.SystemdCgroupsManager:
cgroupPath, err := systemdSliceFromPath(p.config.CgroupParent, fmt.Sprintf("libpod_pod_%s", p.ID()))
if err != nil {
logrus.Errorf("Error creating CGroup for pod %s: %v", p.ID(), err)
}
p.state.CgroupPath = cgroupPath
- case CgroupfsCgroupsManager:
+ case define.CgroupfsCgroupsManager:
p.state.CgroupPath = filepath.Join(p.config.CgroupParent, p.ID())
logrus.Debugf("setting pod cgroup to %s", p.state.CgroupPath)
diff --git a/libpod/runtime.go b/libpod/runtime.go
index 300477c09..42e6782e9 100644
--- a/libpod/runtime.go
+++ b/libpod/runtime.go
@@ -1,28 +1,21 @@
package libpod
import (
- "bytes"
"context"
"fmt"
- "io/ioutil"
"os"
- "os/exec"
- "os/user"
"path/filepath"
- "regexp"
- "strconv"
"strings"
"sync"
"syscall"
- "github.com/BurntSushi/toml"
is "github.com/containers/image/v5/storage"
"github.com/containers/image/v5/types"
+ "github.com/containers/libpod/libpod/config"
"github.com/containers/libpod/libpod/define"
"github.com/containers/libpod/libpod/events"
"github.com/containers/libpod/libpod/image"
"github.com/containers/libpod/libpod/lock"
- "github.com/containers/libpod/pkg/cgroups"
sysreg "github.com/containers/libpod/pkg/registries"
"github.com/containers/libpod/pkg/rootless"
"github.com/containers/libpod/pkg/util"
@@ -33,75 +26,13 @@ import (
"github.com/sirupsen/logrus"
)
-// RuntimeStateStore is a constant indicating which state store implementation
-// should be used by libpod
-type RuntimeStateStore int
-
-const (
- // InvalidStateStore is an invalid state store
- InvalidStateStore RuntimeStateStore = iota
- // InMemoryStateStore is an in-memory state that will not persist data
- // on containers and pods between libpod instances or after system
- // reboot
- InMemoryStateStore RuntimeStateStore = iota
- // SQLiteStateStore is a state backed by a SQLite database
- // It is presently disabled
- SQLiteStateStore RuntimeStateStore = iota
- // BoltDBStateStore is a state backed by a BoltDB database
- BoltDBStateStore RuntimeStateStore = iota
-)
-
-var (
- // InstallPrefix is the prefix where podman will be installed.
- // It can be overridden at build time.
- installPrefix = "/usr"
- // EtcDir is the sysconfdir where podman should look for system config files.
- // It can be overridden at build time.
- etcDir = "/etc"
-
- // SeccompDefaultPath defines the default seccomp path
- SeccompDefaultPath = installPrefix + "/share/containers/seccomp.json"
- // SeccompOverridePath if this exists it overrides the default seccomp path
- SeccompOverridePath = etcDir + "/crio/seccomp.json"
-
- // ConfigPath is the path to the libpod configuration file
- // This file is loaded to replace the builtin default config before
- // runtime options (e.g. WithStorageConfig) are applied.
- // If it is not present, the builtin default config is used instead
- // This path can be overridden when the runtime is created by using
- // NewRuntimeFromConfig() instead of NewRuntime()
- ConfigPath = installPrefix + "/share/containers/libpod.conf"
- // OverrideConfigPath is the path to an override for the default libpod
- // configuration file. If OverrideConfigPath exists, it will be used in
- // place of the configuration file pointed to by ConfigPath.
- OverrideConfigPath = etcDir + "/containers/libpod.conf"
-
- // DefaultSHMLockPath is the default path for SHM locks
- DefaultSHMLockPath = "/libpod_lock"
- // DefaultRootlessSHMLockPath is the default path for rootless SHM locks
- DefaultRootlessSHMLockPath = "/libpod_rootless_lock"
-
- // DefaultDetachKeys is the default keys sequence for detaching a
- // container
- DefaultDetachKeys = "ctrl-p,ctrl-q"
-
- // minConmonMajor is the major version required for conmon
- minConmonMajor = 2
-
- // minConmonMinor is the minor version required for conmon
- minConmonMinor = 0
-
- // minConmonPatch is the sub-minor version required for conmon
- minConmonPatch = 1
-)
-
// A RuntimeOption is a functional option which alters the Runtime created by
// NewRuntime
type RuntimeOption func(*Runtime) error
// Runtime is the core libpod runtime
type Runtime struct {
- config *RuntimeConfig
+ config *config.Config
state State
store storage.Store
@@ -113,7 +44,6 @@ type Runtime struct {
conmonPath string
imageRuntime *image.Runtime
lockManager lock.Manager
- configuredFrom *runtimeConfiguredFrom
// doRenumber indicates that the runtime should perform a lock renumber
// during initialization.
@@ -141,223 +71,6 @@ type Runtime struct {
noStore bool
}
-// RuntimeConfig contains configuration options used to set up the runtime
-type RuntimeConfig struct {
- // StorageConfig is the configuration used by containers/storage
- // Not included in on-disk config, use the dedicated containers/storage
- // configuration file instead
- StorageConfig storage.StoreOptions `toml:"-"`
- // VolumePath is the default location that named volumes will be created
- // under. This convention is followed by the default volume driver, but
- // may not be by other drivers.
- VolumePath string `toml:"volume_path"`
- // ImageDefaultTransport is the default transport method used to fetch
- // images
- ImageDefaultTransport string `toml:"image_default_transport"`
- // SignaturePolicyPath is the path to a signature policy to use for
- // validating images
- // If left empty, the containers/image default signature policy will
- // be used
- SignaturePolicyPath string `toml:"signature_policy_path,omitempty"`
- // StateType is the type of the backing state store.
- // Avoid using multiple values for this with the same containers/storage
- // configuration on the same system. Different state types do not
- // interact, and each will see a separate set of containers, which may
- // cause conflicts in containers/storage
- // As such this is not exposed via the config file
- StateType RuntimeStateStore `toml:"-"`
- // OCIRuntime is the OCI runtime to use.
- OCIRuntime string `toml:"runtime"`
- // OCIRuntimes are the set of configured OCI runtimes (default is runc)
- OCIRuntimes map[string][]string `toml:"runtimes"`
- // RuntimeSupportsJSON is the list of the OCI runtimes that support
- // --format=json.
- RuntimeSupportsJSON []string `toml:"runtime_supports_json"`
- // RuntimeSupportsNoCgroups is a list of OCI runtimes that support
- // running containers without CGroups.
- RuntimeSupportsNoCgroups []string `toml:"runtime_supports_nocgroups"`
- // RuntimePath is the path to OCI runtime binary for launching
- // containers.
- // The first path pointing to a valid file will be used
- // This is used only when there are no OCIRuntime/OCIRuntimes defined. It
- // is used only to be backward compatible with older versions of Podman.
- RuntimePath []string `toml:"runtime_path"`
- // ConmonPath is the path to the Conmon binary used for managing
- // containers
- // The first path pointing to a valid file will be used
- ConmonPath []string `toml:"conmon_path"`
- // ConmonEnvVars are environment variables to pass to the Conmon binary
- // when it is launched
- ConmonEnvVars []string `toml:"conmon_env_vars"`
- // CGroupManager is the CGroup Manager to use
- // Valid values are "cgroupfs" and "systemd"
- CgroupManager string `toml:"cgroup_manager"`
- // InitPath is the path to the container-init binary.
- InitPath string `toml:"init_path"`
- // StaticDir is the path to a persistent directory to store container
- // files
- StaticDir string `toml:"static_dir"`
- // TmpDir is the path to a temporary directory to store per-boot
- // container files
- // Must be stored in a tmpfs
- TmpDir string `toml:"tmp_dir"`
- // MaxLogSize is the maximum size of container logfiles
- MaxLogSize int64 `toml:"max_log_size,omitempty"`
- // NoPivotRoot sets whether to set no-pivot-root in the OCI runtime
- NoPivotRoot bool `toml:"no_pivot_root"`
- // CNIConfigDir sets the directory where CNI configuration files are
- // stored
- CNIConfigDir string `toml:"cni_config_dir"`
- // CNIPluginDir sets a number of directories where the CNI network
- // plugins can be located
- CNIPluginDir []string `toml:"cni_plugin_dir"`
- // CNIDefaultNetwork is the network name of the default CNI network
- // to attach pods to
- CNIDefaultNetwork string `toml:"cni_default_network,omitempty"`
- // HooksDir holds paths to the directories containing hooks
- // configuration files. When the same filename is present in in
- // multiple directories, the file in the directory listed last in
- // this slice takes precedence.
- HooksDir []string `toml:"hooks_dir"`
- // DefaultMountsFile is the path to the default mounts file for testing
- // purposes only
- DefaultMountsFile string `toml:"-"`
- // Namespace is the libpod namespace to use.
- // Namespaces are used to create scopes to separate containers and pods
- // in the state.
- // When namespace is set, libpod will only view containers and pods in
- // the same namespace. All containers and pods created will default to
- // the namespace set here.
- // A namespace of "", the empty string, is equivalent to no namespace,
- // and all containers and pods will be visible.
- // The default namespace is "".
- Namespace string `toml:"namespace,omitempty"`
-
- // InfraImage is the image a pod infra container will use to manage namespaces
- InfraImage string `toml:"infra_image"`
- // InfraCommand is the command run to start up a pod infra container
- InfraCommand string `toml:"infra_command"`
- // EnablePortReservation determines whether libpod will reserve ports on
- // the host when they are forwarded to containers.
- // When enabled, when ports are forwarded to containers, they are
- // held open by conmon as long as the container is running, ensuring
- // that they cannot be reused by other programs on the host.
- // However, this can cause significant memory usage if a container has
- // many ports forwarded to it. Disabling this can save memory.
- EnablePortReservation bool `toml:"enable_port_reservation"`
- // EnableLabeling indicates wether libpod will support container labeling
- EnableLabeling bool `toml:"label"`
- // NetworkCmdPath is the path to the slirp4netns binary
- NetworkCmdPath string `toml:"network_cmd_path"`
-
- // NumLocks is the number of locks to make available for containers and
- // pods.
- NumLocks uint32 `toml:"num_locks,omitempty"`
-
- // LockType is the type of locking to use.
- LockType string `toml:"lock_type,omitempty"`
-
- // EventsLogger determines where events should be logged
- EventsLogger string `toml:"events_logger"`
- // EventsLogFilePath is where the events log is stored.
- EventsLogFilePath string `toml:"events_logfile_path"`
- //DetachKeys is the sequence of keys used to detach a container
- DetachKeys string `toml:"detach_keys"`
-
- // SDNotify tells Libpod to allow containers to notify the host
- // systemd of readiness using the SD_NOTIFY mechanism
- SDNotify bool
- // CgroupCheck verifies if the cgroup check for correct OCI runtime has been done.
- CgroupCheck bool `toml:"cgroup_check,omitempty"`
-}
-
-// runtimeConfiguredFrom is a struct used during early runtime init to help
-// assemble the full RuntimeConfig struct from defaults.
-// It indicated whether several fields in the runtime configuration were set
-// explicitly.
-// If they were not, we may override them with information from the database,
-// if it exists and differs from what is present in the system already.
-type runtimeConfiguredFrom struct {
- storageGraphDriverSet bool
- storageGraphRootSet bool
- storageRunRootSet bool
- libpodStaticDirSet bool
- libpodTmpDirSet bool
- volPathSet bool
- conmonPath bool
- conmonEnvVars bool
- initPath bool
- ociRuntimes bool
- runtimePath bool
- cniPluginDir bool
- noPivotRoot bool
- runtimeSupportsJSON bool
- runtimeSupportsNoCgroups bool
- ociRuntime bool
-}
-
-func defaultRuntimeConfig() (RuntimeConfig, error) {
- storeOpts, err := storage.DefaultStoreOptions(rootless.IsRootless(), rootless.GetRootlessUID())
- if err != nil {
- return RuntimeConfig{}, err
- }
- graphRoot := storeOpts.GraphRoot
- if graphRoot == "" {
- logrus.Warnf("Storage configuration is unset - using hardcoded default paths")
- graphRoot = "/var/lib/containers/storage"
- }
- volumePath := filepath.Join(graphRoot, "volumes")
- staticDir := filepath.Join(graphRoot, "libpod")
- return RuntimeConfig{
- // Leave this empty so containers/storage will use its defaults
- StorageConfig: storage.StoreOptions{},
- VolumePath: volumePath,
- ImageDefaultTransport: DefaultTransport,
- StateType: BoltDBStateStore,
- OCIRuntime: "runc",
- OCIRuntimes: map[string][]string{
- "runc": {
- "/usr/bin/runc",
- "/usr/sbin/runc",
- "/usr/local/bin/runc",
- "/usr/local/sbin/runc",
- "/sbin/runc",
- "/bin/runc",
- "/usr/lib/cri-o-runc/sbin/runc",
- "/run/current-system/sw/bin/runc",
- },
- },
- ConmonPath: []string{
- "/usr/libexec/podman/conmon",
- "/usr/local/lib/podman/conmon",
- "/usr/bin/conmon",
- "/usr/sbin/conmon",
- "/usr/local/bin/conmon",
- "/usr/local/sbin/conmon",
- "/run/current-system/sw/bin/conmon",
- },
- ConmonEnvVars: []string{
- "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
- },
- InitPath: define.DefaultInitPath,
- CgroupManager: SystemdCgroupsManager,
- StaticDir: staticDir,
- TmpDir: "",
- MaxLogSize: -1,
- NoPivotRoot: false,
- CNIConfigDir: etcDir + "/cni/net.d/",
- CNIPluginDir: []string{"/usr/libexec/cni", "/usr/lib/cni", "/usr/local/lib/cni", "/opt/cni/bin"},
- InfraCommand: define.DefaultInfraCommand,
- InfraImage: define.DefaultInfraImage,
- EnablePortReservation: true,
- EnableLabeling: true,
- NumLocks: 2048,
- EventsLogger: events.DefaultEventerType.String(),
- DetachKeys: DefaultDetachKeys,
- LockType: "shm",
- }, nil
-}
-
// SetXdgDirs ensures the XDG_RUNTIME_DIR env and XDG_CONFIG_HOME variables are set.
// containers/image uses XDG_RUNTIME_DIR to locate the auth file, XDG_CONFIG_HOME is
// use for the libpod.conf configuration file.
@@ -400,28 +113,6 @@ func SetXdgDirs() error {
return nil
}
-func getDefaultTmpDir() (string, error) {
- if !rootless.IsRootless() {
- return "/var/run/libpod", nil
- }
-
- runtimeDir, err := util.GetRuntimeDir()
- if err != nil {
- return "", err
- }
- libpodRuntimeDir := filepath.Join(runtimeDir, "libpod")
-
- if err := os.Mkdir(libpodRuntimeDir, 0700|os.ModeSticky); err != nil {
- if !os.IsExist(err) {
- return "", errors.Wrapf(err, "cannot mkdir %s", libpodRuntimeDir)
- } else if err := os.Chmod(libpodRuntimeDir, 0700|os.ModeSticky); err != nil {
- // The directory already exist, just set the sticky bit
- return "", errors.Wrapf(err, "could not set sticky bit on %s", libpodRuntimeDir)
- }
- }
- return filepath.Join(libpodRuntimeDir, "tmp"), nil
-}
-
// NewRuntime creates a new container runtime
// Options can be passed to override the default configuration for the runtime
func NewRuntime(ctx context.Context, options ...RuntimeOption) (runtime *Runtime, err error) {
@@ -440,260 +131,14 @@ func NewRuntimeFromConfig(ctx context.Context, userConfigPath string, options ..
return newRuntimeFromConfig(ctx, userConfigPath, options...)
}
-func homeDir() (string, error) {
- home := os.Getenv("HOME")
- if home == "" {
- usr, err := user.LookupId(fmt.Sprintf("%d", rootless.GetRootlessUID()))
- if err != nil {
- return "", errors.Wrapf(err, "unable to resolve HOME directory")
- }
- home = usr.HomeDir
- }
- return home, nil
-}
-
-func getRootlessConfigPath() (string, error) {
- home, err := homeDir()
- if err != nil {
- return "", err
- }
-
- return filepath.Join(home, ".config/containers/libpod.conf"), nil
-}
-
-func getConfigPath() (string, error) {
- if rootless.IsRootless() {
- path, err := getRootlessConfigPath()
- if err != nil {
- return "", err
- }
- if _, err := os.Stat(path); err == nil {
- return path, nil
- }
- return "", err
- }
- if _, err := os.Stat(OverrideConfigPath); err == nil {
- // Use the override configuration path
- return OverrideConfigPath, nil
- }
- if _, err := os.Stat(ConfigPath); err == nil {
- return ConfigPath, nil
- }
- return "", nil
-}
-
-// DefaultRuntimeConfig reads default config path and returns the RuntimeConfig
-func DefaultRuntimeConfig() (*RuntimeConfig, error) {
- configPath, err := getConfigPath()
- if err != nil {
- return nil, err
- }
-
- contents, err := ioutil.ReadFile(configPath)
- if err != nil {
- return nil, errors.Wrapf(err, "error reading configuration file %s", configPath)
- }
-
- // This is ugly, but we need to decode twice.
- // Once to check if libpod static and tmp dirs were explicitly
- // set (not enough to check if they're not the default value,
- // might have been explicitly configured to the default).
- // A second time to actually get a usable config.
- tmpConfig := new(RuntimeConfig)
- if _, err := toml.Decode(string(contents), tmpConfig); err != nil {
- return nil, errors.Wrapf(err, "error decoding configuration file %s",
- configPath)
- }
- return tmpConfig, nil
-}
-
func newRuntimeFromConfig(ctx context.Context, userConfigPath string, options ...RuntimeOption) (runtime *Runtime, err error) {
runtime = new(Runtime)
- runtime.config = new(RuntimeConfig)
- runtime.configuredFrom = new(runtimeConfiguredFrom)
-
- // Copy the default configuration
- tmpDir, err := getDefaultTmpDir()
- if err != nil {
- return nil, err
- }
-
- // storage.conf
- storageConfFile, err := storage.DefaultConfigFile(rootless.IsRootless())
- if err != nil {
- return nil, err
- }
- createStorageConfFile := false
- if _, err := os.Stat(storageConfFile); os.IsNotExist(err) {
- createStorageConfFile = true
- }
-
- defRunConf, err := defaultRuntimeConfig()
+ conf, err := config.NewConfig(userConfigPath)
if err != nil {
return nil, err
}
- if err := JSONDeepCopy(defRunConf, runtime.config); err != nil {
- return nil, errors.Wrapf(err, "error copying runtime default config")
- }
- runtime.config.TmpDir = tmpDir
-
- storageConf, err := storage.DefaultStoreOptions(rootless.IsRootless(), rootless.GetRootlessUID())
- if err != nil {
- return nil, errors.Wrapf(err, "error retrieving storage config")
- }
- runtime.config.StorageConfig = storageConf
- runtime.config.StaticDir = filepath.Join(storageConf.GraphRoot, "libpod")
- runtime.config.VolumePath = filepath.Join(storageConf.GraphRoot, "volumes")
-
- configPath, err := getConfigPath()
- if err != nil {
- return nil, err
- }
- if rootless.IsRootless() {
- home, err := homeDir()
- if err != nil {
- return nil, err
- }
- if runtime.config.SignaturePolicyPath == "" {
- newPath := filepath.Join(home, ".config/containers/policy.json")
- if _, err := os.Stat(newPath); err == nil {
- runtime.config.SignaturePolicyPath = newPath
- }
- }
- }
-
- if userConfigPath != "" {
- configPath = userConfigPath
- if _, err := os.Stat(configPath); err != nil {
- // If the user specified a config file, we must fail immediately
- // when it doesn't exist
- return nil, errors.Wrapf(err, "cannot stat %s", configPath)
- }
- }
-
- // If we have a valid configuration file, load it in
- if configPath != "" {
- contents, err := ioutil.ReadFile(configPath)
- if err != nil {
- return nil, errors.Wrapf(err, "error reading configuration file %s", configPath)
- }
-
- // This is ugly, but we need to decode twice.
- // Once to check if libpod static and tmp dirs were explicitly
- // set (not enough to check if they're not the default value,
- // might have been explicitly configured to the default).
- // A second time to actually get a usable config.
- tmpConfig := new(RuntimeConfig)
- if _, err := toml.Decode(string(contents), tmpConfig); err != nil {
- return nil, errors.Wrapf(err, "error decoding configuration file %s",
- configPath)
- }
-
- if err := cgroupV2Check(configPath, tmpConfig); err != nil {
- return nil, err
- }
-
- if tmpConfig.StaticDir != "" {
- runtime.configuredFrom.libpodStaticDirSet = true
- }
- if tmpConfig.TmpDir != "" {
- runtime.configuredFrom.libpodTmpDirSet = true
- }
- if tmpConfig.VolumePath != "" {
- runtime.configuredFrom.volPathSet = true
- }
- if tmpConfig.ConmonPath != nil {
- runtime.configuredFrom.conmonPath = true
- }
- if tmpConfig.ConmonEnvVars != nil {
- runtime.configuredFrom.conmonEnvVars = true
- }
- if tmpConfig.InitPath != "" {
- runtime.configuredFrom.initPath = true
- }
- if tmpConfig.OCIRuntimes != nil {
- runtime.configuredFrom.ociRuntimes = true
- }
- if tmpConfig.RuntimePath != nil {
- runtime.configuredFrom.runtimePath = true
- }
- if tmpConfig.CNIPluginDir != nil {
- runtime.configuredFrom.cniPluginDir = true
- }
- if tmpConfig.NoPivotRoot {
- runtime.configuredFrom.noPivotRoot = true
- }
- if tmpConfig.RuntimeSupportsJSON != nil {
- runtime.configuredFrom.runtimeSupportsJSON = true
- }
- if tmpConfig.RuntimeSupportsNoCgroups != nil {
- runtime.configuredFrom.runtimeSupportsNoCgroups = true
- }
- if tmpConfig.OCIRuntime != "" {
- runtime.configuredFrom.ociRuntime = true
- }
-
- if _, err := toml.Decode(string(contents), runtime.config); err != nil {
- return nil, errors.Wrapf(err, "error decoding configuration file %s", configPath)
- }
- } else if rootless.IsRootless() {
- // If the configuration file was not found but we are running in rootless, a subset of the
- // global config file is used.
- for _, path := range []string{OverrideConfigPath, ConfigPath} {
- contents, err := ioutil.ReadFile(path)
- if err != nil {
- // Ignore any error, the file might not be readable by us.
- continue
- }
- tmpConfig := new(RuntimeConfig)
- if _, err := toml.Decode(string(contents), tmpConfig); err != nil {
- return nil, errors.Wrapf(err, "error decoding configuration file %s", path)
- }
-
- // Cherry pick the settings we want from the global configuration
- if !runtime.configuredFrom.conmonPath {
- runtime.config.ConmonPath = tmpConfig.ConmonPath
- }
- if !runtime.configuredFrom.conmonEnvVars {
- runtime.config.ConmonEnvVars = tmpConfig.ConmonEnvVars
- }
- if !runtime.configuredFrom.initPath {
- runtime.config.InitPath = tmpConfig.InitPath
- }
- if !runtime.configuredFrom.ociRuntimes {
- runtime.config.OCIRuntimes = tmpConfig.OCIRuntimes
- }
- if !runtime.configuredFrom.runtimePath {
- runtime.config.RuntimePath = tmpConfig.RuntimePath
- }
- if !runtime.configuredFrom.cniPluginDir {
- runtime.config.CNIPluginDir = tmpConfig.CNIPluginDir
- }
- if !runtime.configuredFrom.noPivotRoot {
- runtime.config.NoPivotRoot = tmpConfig.NoPivotRoot
- }
- if !runtime.configuredFrom.runtimeSupportsJSON {
- runtime.config.RuntimeSupportsJSON = tmpConfig.RuntimeSupportsJSON
- }
- if !runtime.configuredFrom.runtimeSupportsNoCgroups {
- runtime.config.RuntimeSupportsNoCgroups = tmpConfig.RuntimeSupportsNoCgroups
- }
- if !runtime.configuredFrom.ociRuntime {
- runtime.config.OCIRuntime = tmpConfig.OCIRuntime
- }
-
- cgroupsV2, err := cgroups.IsCgroup2UnifiedMode()
- if err != nil {
- return nil, err
- }
- if cgroupsV2 {
- runtime.config.CgroupCheck = true
- }
-
- break
- }
- }
+ runtime.config = conf
// Overwrite config with user-given configuration options
for _, opt := range options {
@@ -702,36 +147,6 @@ func newRuntimeFromConfig(ctx context.Context, userConfigPath string, options ..
}
}
- if rootless.IsRootless() && configPath == "" {
- if createStorageConfFile {
- if err := util.WriteStorageConfigFile(&runtime.config.StorageConfig, storageConfFile); err != nil {
- return nil, errors.Wrapf(err, "cannot write config file %s", storageConfFile)
- }
- }
-
- configPath, err := getRootlessConfigPath()
- if err != nil {
- return nil, err
- }
- if configPath != "" {
- if err := os.MkdirAll(filepath.Dir(configPath), 0711); err != nil {
- return nil, err
- }
- file, err := os.OpenFile(configPath, os.O_RDWR|os.O_CREATE|os.O_EXCL, 0600)
- if err != nil && !os.IsExist(err) {
- return nil, errors.Wrapf(err, "cannot open file %s", configPath)
- }
- if err == nil {
- defer file.Close()
- enc := toml.NewEncoder(file)
- if err := enc.Encode(runtime.config); err != nil {
- if removeErr := os.Remove(configPath); removeErr != nil {
- logrus.Debugf("unable to remove %s: %q", configPath, err)
- }
- }
- }
- }
- }
if err := makeRuntime(ctx, runtime); err != nil {
return nil, err
}
@@ -758,9 +173,9 @@ func getLockManager(runtime *Runtime) (lock.Manager, error) {
}
case "", "shm":
- lockPath := DefaultSHMLockPath
+ lockPath := define.DefaultSHMLockPath
if rootless.IsRootless() {
- lockPath = fmt.Sprintf("%s_%d", DefaultRootlessSHMLockPath, rootless.GetRootlessUID())
+ lockPath = fmt.Sprintf("%s_%d", define.DefaultRootlessSHMLockPath, rootless.GetRootlessUID())
}
// Set up the lock manager
manager, err = lock.OpenSHMLockManager(lockPath, runtime.config.NumLocks)
@@ -794,119 +209,14 @@ func getLockManager(runtime *Runtime) (lock.Manager, error) {
return manager, nil
}
-// probeConmon calls conmon --version and verifies it is a new enough version for
-// the runtime expectations podman currently has
-func probeConmon(conmonBinary string) error {
- versionFormatErr := "conmon version changed format"
- cmd := exec.Command(conmonBinary, "--version")
- var out bytes.Buffer
- cmd.Stdout = &out
- err := cmd.Run()
- if err != nil {
- return err
- }
- r := regexp.MustCompile(`^conmon version (?P<Major>\d+).(?P<Minor>\d+).(?P<Patch>\d+)`)
-
- matches := r.FindStringSubmatch(out.String())
- if len(matches) != 4 {
- return errors.Wrapf(err, versionFormatErr)
- }
- major, err := strconv.Atoi(matches[1])
- if err != nil {
- return errors.Wrapf(err, versionFormatErr)
- }
- if major < minConmonMajor {
- return define.ErrConmonOutdated
- }
- if major > minConmonMajor {
- return nil
- }
-
- minor, err := strconv.Atoi(matches[2])
- if err != nil {
- return errors.Wrapf(err, versionFormatErr)
- }
- if minor < minConmonMinor {
- return define.ErrConmonOutdated
- }
- if minor > minConmonMinor {
- return nil
- }
-
- patch, err := strconv.Atoi(matches[3])
- if err != nil {
- return errors.Wrapf(err, versionFormatErr)
- }
- if patch < minConmonPatch {
- return define.ErrConmonOutdated
- }
- if patch > minConmonPatch {
- return nil
- }
-
- return nil
-}
-
// Make a new runtime based on the given configuration
// Sets up containers/storage, state store, OCI runtime
func makeRuntime(ctx context.Context, runtime *Runtime) (err error) {
- // Let's sanity-check some paths first.
- // Relative paths can cause nasty bugs, because core paths we use could
- // shift between runs (or even parts of the program - the OCI runtime
- // uses a different working directory than we do, for example.
- if !filepath.IsAbs(runtime.config.StaticDir) {
- return errors.Wrapf(define.ErrInvalidArg, "static directory must be an absolute path - instead got %q", runtime.config.StaticDir)
- }
- if !filepath.IsAbs(runtime.config.TmpDir) {
- return errors.Wrapf(define.ErrInvalidArg, "temporary directory must be an absolute path - instead got %q", runtime.config.TmpDir)
- }
- if !filepath.IsAbs(runtime.config.VolumePath) {
- return errors.Wrapf(define.ErrInvalidArg, "volume path must be an absolute path - instead got %q", runtime.config.VolumePath)
- }
-
// Find a working conmon binary
- foundConmon := false
- foundOutdatedConmon := false
- for _, path := range runtime.config.ConmonPath {
- stat, err := os.Stat(path)
- if err != nil {
- continue
- }
- if stat.IsDir() {
- continue
- }
- if err := probeConmon(path); err != nil {
- logrus.Warnf("conmon at %s invalid: %v", path, err)
- foundOutdatedConmon = true
- continue
- }
- foundConmon = true
- runtime.conmonPath = path
- logrus.Debugf("using conmon: %q", path)
- break
- }
-
- // Search the $PATH as last fallback
- if !foundConmon {
- if conmon, err := exec.LookPath("conmon"); err == nil {
- if err := probeConmon(conmon); err != nil {
- logrus.Warnf("conmon at %s is invalid: %v", conmon, err)
- foundOutdatedConmon = true
- } else {
- foundConmon = true
- runtime.conmonPath = conmon
- logrus.Debugf("using conmon from $PATH: %q", conmon)
- }
- }
- }
-
- if !foundConmon {
- if foundOutdatedConmon {
- return errors.Errorf("please update to v%d.%d.%d or later: %v", minConmonMajor, minConmonMinor, minConmonPatch, define.ErrConmonOutdated)
- }
- return errors.Wrapf(define.ErrInvalidArg,
- "could not find a working conmon binary (configured options: %v)",
- runtime.config.ConmonPath)
+ if cPath, err := runtime.config.FindConmon(); err != nil {
+ return err
+ } else {
+ runtime.conmonPath = cPath
}
// Make the static files directory if it does not exist
@@ -918,17 +228,22 @@ func makeRuntime(ctx context.Context, runtime *Runtime) (err error) {
}
}
- // Set up the state
+ // Set up the state.
+ //
+ // TODO - if we further break out the state implementation into
+ // libpod/state, the config could take care of the code below. It
+ // would further allow to move the types and consts into a coherent
+ // package.
switch runtime.config.StateType {
- case InMemoryStateStore:
+ case define.InMemoryStateStore:
state, err := NewInMemoryState()
if err != nil {
return err
}
runtime.state = state
- case SQLiteStateStore:
+ case define.SQLiteStateStore:
return errors.Wrapf(define.ErrInvalidArg, "SQLite state is currently disabled")
- case BoltDBStateStore:
+ case define.BoltDBStateStore:
dbPath := filepath.Join(runtime.config.StaticDir, "bolt_state.db")
state, err := NewBoltState(dbPath, runtime)
@@ -937,7 +252,7 @@ func makeRuntime(ctx context.Context, runtime *Runtime) (err error) {
}
runtime.state = state
default:
- return errors.Wrapf(define.ErrInvalidArg, "unrecognized state type passed")
+ return errors.Wrapf(define.ErrInvalidArg, "unrecognized state type passed (%v)", runtime.config.StateType)
}
// Grab config from the database so we can reset some defaults
@@ -946,51 +261,9 @@ func makeRuntime(ctx context.Context, runtime *Runtime) (err error) {
return errors.Wrapf(err, "error retrieving runtime configuration from database")
}
- // Reset defaults if they were not explicitly set
- if !runtime.configuredFrom.storageGraphDriverSet && dbConfig.GraphDriver != "" {
- if runtime.config.StorageConfig.GraphDriverName != dbConfig.GraphDriver &&
- runtime.config.StorageConfig.GraphDriverName != "" {
- logrus.Errorf("User-selected graph driver %q overwritten by graph driver %q from database - delete libpod local files to resolve",
- runtime.config.StorageConfig.GraphDriverName, dbConfig.GraphDriver)
- }
- runtime.config.StorageConfig.GraphDriverName = dbConfig.GraphDriver
- }
- if !runtime.configuredFrom.storageGraphRootSet && dbConfig.StorageRoot != "" {
- if runtime.config.StorageConfig.GraphRoot != dbConfig.StorageRoot &&
- runtime.config.StorageConfig.GraphRoot != "" {
- logrus.Debugf("Overriding graph root %q with %q from database",
- runtime.config.StorageConfig.GraphRoot, dbConfig.StorageRoot)
- }
- runtime.config.StorageConfig.GraphRoot = dbConfig.StorageRoot
+ if err := runtime.config.MergeDBConfig(dbConfig); err != nil {
+ return errors.Wrapf(err, "error merging database config into runtime config")
}
- if !runtime.configuredFrom.storageRunRootSet && dbConfig.StorageTmp != "" {
- if runtime.config.StorageConfig.RunRoot != dbConfig.StorageTmp &&
- runtime.config.StorageConfig.RunRoot != "" {
- logrus.Debugf("Overriding run root %q with %q from database",
- runtime.config.StorageConfig.RunRoot, dbConfig.StorageTmp)
- }
- runtime.config.StorageConfig.RunRoot = dbConfig.StorageTmp
- }
- if !runtime.configuredFrom.libpodStaticDirSet && dbConfig.LibpodRoot != "" {
- if runtime.config.StaticDir != dbConfig.LibpodRoot && runtime.config.StaticDir != "" {
- logrus.Debugf("Overriding static dir %q with %q from database", runtime.config.StaticDir, dbConfig.LibpodRoot)
- }
- runtime.config.StaticDir = dbConfig.LibpodRoot
- }
- if !runtime.configuredFrom.libpodTmpDirSet && dbConfig.LibpodTmp != "" {
- if runtime.config.TmpDir != dbConfig.LibpodTmp && runtime.config.TmpDir != "" {
- logrus.Debugf("Overriding tmp dir %q with %q from database", runtime.config.TmpDir, dbConfig.LibpodTmp)
- }
- runtime.config.TmpDir = dbConfig.LibpodTmp
- }
- if !runtime.configuredFrom.volPathSet && dbConfig.VolumePath != "" {
- if runtime.config.VolumePath != dbConfig.VolumePath && runtime.config.VolumePath != "" {
- logrus.Debugf("Overriding volume path %q with %q from database", runtime.config.VolumePath, dbConfig.VolumePath)
- }
- runtime.config.VolumePath = dbConfig.VolumePath
- }
-
- runtime.config.EventsLogFilePath = filepath.Join(runtime.config.TmpDir, "events", "events.log")
logrus.Debugf("Using graph driver %s", runtime.config.StorageConfig.GraphDriverName)
logrus.Debugf("Using graph root %s", runtime.config.StorageConfig.GraphRoot)
@@ -1269,7 +542,7 @@ func makeRuntime(ctx context.Context, runtime *Runtime) (err error) {
}
// GetConfig returns a copy of the configuration used by the runtime
-func (r *Runtime) GetConfig() (*RuntimeConfig, error) {
+func (r *Runtime) GetConfig() (*config.Config, error) {
r.lock.RLock()
defer r.lock.RUnlock()
@@ -1277,7 +550,7 @@ func (r *Runtime) GetConfig() (*RuntimeConfig, error) {
return nil, define.ErrRuntimeStopped
}
- config := new(RuntimeConfig)
+ config := new(config.Config)
// Copy so the caller won't be able to modify the actual config
if err := JSONDeepCopy(r.config, config); err != nil {
@@ -1499,56 +772,3 @@ func (r *Runtime) SystemContext() *types.SystemContext {
func (r *Runtime) GetOCIRuntimePath() string {
return r.defaultOCIRuntime.Path()
}
-
-// Since runc does not currently support cgroupV2
-// Change to default crun on first running of libpod.conf
-// TODO Once runc has support for cgroups, this function should be removed.
-func cgroupV2Check(configPath string, tmpConfig *RuntimeConfig) error {
- if !tmpConfig.CgroupCheck && rootless.IsRootless() {
- if tmpConfig.CgroupManager == SystemdCgroupsManager {
- // If we are running rootless and the systemd manager is requested, be sure that dbus is accessible
- session := os.Getenv("DBUS_SESSION_BUS_ADDRESS")
- hasSession := session != ""
- if hasSession && strings.HasPrefix(session, "unix:path=") {
- _, err := os.Stat(strings.TrimPrefix(session, "unix:path="))
- hasSession = err == nil
- }
-
- if !hasSession {
- logrus.Warningf("The cgroups manager is set to systemd but there is no systemd user session available")
- logrus.Warningf("For using systemd, you may need to login using an user session")
- logrus.Warningf("Alternatively, you can enable lingering with: `loginctl enable-linger %d` (possibily as root)", rootless.GetRootlessUID())
- logrus.Warningf("Falling back to --cgroup-manager=cgroupfs")
-
- tmpConfig.CgroupManager = CgroupfsCgroupsManager
- }
-
- }
- cgroupsV2, err := cgroups.IsCgroup2UnifiedMode()
- if err != nil {
- return err
- }
- if cgroupsV2 {
- path, err := exec.LookPath("crun")
- if err != nil {
- logrus.Warnf("Can not find crun package on the host, containers might fail to run on cgroup V2 systems without crun: %q", err)
- // Can't find crun path so do nothing
- return nil
- }
- tmpConfig.CgroupCheck = true
- tmpConfig.OCIRuntime = path
- file, err := os.OpenFile(configPath, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0666)
- if err != nil {
- return errors.Wrapf(err, "cannot open file %s", configPath)
- }
- defer file.Close()
- enc := toml.NewEncoder(file)
- if err := enc.Encode(tmpConfig); err != nil {
- if removeErr := os.Remove(configPath); removeErr != nil {
- logrus.Debugf("unable to remove %s: %q", configPath, err)
- }
- }
- }
- }
- return nil
-}
diff --git a/libpod/runtime_ctr.go b/libpod/runtime_ctr.go
index 2b214d572..7069d3494 100644
--- a/libpod/runtime_ctr.go
+++ b/libpod/runtime_ctr.go
@@ -75,7 +75,7 @@ func (r *Runtime) initContainerVariables(rSpec *spec.Spec, config *ContainerConf
if config == nil {
ctr.config.ID = stringid.GenerateNonCryptoID()
- ctr.config.ShmSize = DefaultShmSize
+ ctr.config.ShmSize = define.DefaultShmSize
} else {
// This is a restore from an imported checkpoint
ctr.restoreFromCheckpoint = true
@@ -215,7 +215,7 @@ func (r *Runtime) setupContainer(ctx context.Context, ctr *Container) (c *Contai
// Only if we're actually configuring CGroups.
if !ctr.config.NoCgroups {
switch r.config.CgroupManager {
- case CgroupfsCgroupsManager:
+ case define.CgroupfsCgroupsManager:
if ctr.config.CgroupParent == "" {
if pod != nil && pod.config.UsePodCgroup {
podCgroup, err := pod.CgroupPath()
@@ -232,7 +232,7 @@ func (r *Runtime) setupContainer(ctx context.Context, ctr *Container) (c *Contai
} else if strings.HasSuffix(path.Base(ctr.config.CgroupParent), ".slice") {
return nil, errors.Wrapf(define.ErrInvalidArg, "systemd slice received as cgroup parent when using cgroupfs")
}
- case SystemdCgroupsManager:
+ case define.SystemdCgroupsManager:
if ctr.config.CgroupParent == "" {
if pod != nil && pod.config.UsePodCgroup {
podCgroup, err := pod.CgroupPath()
diff --git a/libpod/runtime_pod_linux.go b/libpod/runtime_pod_linux.go
index 05866d05a..704aaf9d0 100644
--- a/libpod/runtime_pod_linux.go
+++ b/libpod/runtime_pod_linux.go
@@ -76,7 +76,7 @@ func (r *Runtime) NewPod(ctx context.Context, options ...PodCreateOption) (_ *Po
// Check CGroup parent sanity, and set it if it was not set
switch r.config.CgroupManager {
- case CgroupfsCgroupsManager:
+ case define.CgroupfsCgroupsManager:
if pod.config.CgroupParent == "" {
pod.config.CgroupParent = CgroupfsDefaultCgroupParent
} else if strings.HasSuffix(path.Base(pod.config.CgroupParent), ".slice") {
@@ -89,7 +89,7 @@ func (r *Runtime) NewPod(ctx context.Context, options ...PodCreateOption) (_ *Po
if pod.config.UsePodCgroup {
pod.state.CgroupPath = filepath.Join(pod.config.CgroupParent, pod.ID())
}
- case SystemdCgroupsManager:
+ case define.SystemdCgroupsManager:
if pod.config.CgroupParent == "" {
if rootless.IsRootless() {
pod.config.CgroupParent = SystemdDefaultRootlessCgroupParent
@@ -200,7 +200,7 @@ func (r *Runtime) removePod(ctx context.Context, p *Pod, removeCtrs, force bool)
// the pod and conmon CGroups with a PID limit to prevent them from
// spawning any further processes (particularly cleanup processes) which
// would prevent removing the CGroups.
- if p.runtime.config.CgroupManager == CgroupfsCgroupsManager {
+ if p.runtime.config.CgroupManager == define.CgroupfsCgroupsManager {
// Get the conmon CGroup
conmonCgroupPath := filepath.Join(p.state.CgroupPath, "conmon")
conmonCgroup, err := cgroups.Load(conmonCgroupPath)
@@ -251,7 +251,7 @@ func (r *Runtime) removePod(ctx context.Context, p *Pod, removeCtrs, force bool)
logrus.Debugf("Removing pod cgroup %s", p.state.CgroupPath)
switch p.runtime.config.CgroupManager {
- case SystemdCgroupsManager:
+ case define.SystemdCgroupsManager:
if err := deleteSystemdCgroup(p.state.CgroupPath); err != nil {
if removalErr == nil {
removalErr = errors.Wrapf(err, "error removing pod %s cgroup", p.ID())
@@ -259,7 +259,7 @@ func (r *Runtime) removePod(ctx context.Context, p *Pod, removeCtrs, force bool)
logrus.Errorf("Error deleting pod %s cgroup %s: %v", p.ID(), p.state.CgroupPath, err)
}
}
- case CgroupfsCgroupsManager:
+ case define.CgroupfsCgroupsManager:
// Delete the cgroupfs cgroup
// Make sure the conmon cgroup is deleted first
// Since the pod is almost gone, don't bother failing
diff --git a/libpod/state.go b/libpod/state.go
index e38f820b5..b246b5eac 100644
--- a/libpod/state.go
+++ b/libpod/state.go
@@ -1,15 +1,6 @@
package libpod
-// DBConfig is a set of Libpod runtime configuration settings that are saved
-// in a State when it is first created, and can subsequently be retrieved.
-type DBConfig struct {
- LibpodRoot string
- LibpodTmp string
- StorageRoot string
- StorageTmp string
- GraphDriver string
- VolumePath string
-}
+import "github.com/containers/libpod/libpod/config"
// State is a storage backend for libpod's current state.
// A State is only initialized once per instance of libpod.
@@ -37,7 +28,7 @@ type State interface {
// root and tmp dirs, and c/storage graph driver.
// This is not implemented by the in-memory state, as it has no need to
// validate runtime configuration.
- GetDBConfig() (*DBConfig, error)
+ GetDBConfig() (*config.DBConfig, error)
// ValidateDBConfig validates the config in the given Runtime struct
// against paths stored in the configured database.
diff --git a/libpod/state_test.go b/libpod/state_test.go
index 5db1f301c..d4a4149f9 100644
--- a/libpod/state_test.go
+++ b/libpod/state_test.go
@@ -8,6 +8,7 @@ import (
"testing"
"time"
+ "github.com/containers/libpod/libpod/config"
"github.com/containers/libpod/libpod/define"
"github.com/containers/libpod/libpod/lock"
"github.com/containers/storage"
@@ -52,7 +53,7 @@ func getEmptyBoltState() (s State, p string, m lock.Manager, err error) {
}
runtime := new(Runtime)
- runtime.config = new(RuntimeConfig)
+ runtime.config = new(config.Config)
runtime.config.StorageConfig = storage.StoreOptions{}
runtime.lockManager = lockManager
diff --git a/libpod/util.go b/libpod/util.go
index 5ae5ab491..7bd834e30 100644
--- a/libpod/util.go
+++ b/libpod/util.go
@@ -10,6 +10,7 @@ import (
"strings"
"time"
+ "github.com/containers/libpod/libpod/config"
"github.com/containers/libpod/libpod/define"
"github.com/containers/libpod/utils"
"github.com/fsnotify/fsnotify"
@@ -19,10 +20,6 @@ import (
// Runtime API constants
const (
- // DefaultTransport is a prefix that we apply to an image name
- // to check docker hub first for the image
- DefaultTransport = "docker://"
-
unknownPackage = "Unknown"
)
@@ -191,18 +188,18 @@ func programVersion(mountProgram string) (string, error) {
}
func DefaultSeccompPath() (string, error) {
- _, err := os.Stat(SeccompOverridePath)
+ _, err := os.Stat(config.SeccompOverridePath)
if err == nil {
- return SeccompOverridePath, nil
+ return config.SeccompOverridePath, nil
}
if !os.IsNotExist(err) {
- return "", errors.Wrapf(err, "can't check if %q exists", SeccompOverridePath)
+ return "", errors.Wrapf(err, "can't check if %q exists", config.SeccompOverridePath)
}
- if _, err := os.Stat(SeccompDefaultPath); err != nil {
+ if _, err := os.Stat(config.SeccompDefaultPath); err != nil {
if !os.IsNotExist(err) {
- return "", errors.Wrapf(err, "can't check if %q exists", SeccompDefaultPath)
+ return "", errors.Wrapf(err, "can't check if %q exists", config.SeccompDefaultPath)
}
return "", nil
}
- return SeccompDefaultPath, nil
+ return config.SeccompDefaultPath, nil
}
diff --git a/libpod/volume_internal_linux.go b/libpod/volume_internal_linux.go
index 4c0332018..70eccbecb 100644
--- a/libpod/volume_internal_linux.go
+++ b/libpod/volume_internal_linux.go
@@ -3,8 +3,8 @@
package libpod
import (
- "io/ioutil"
"os/exec"
+ "strings"
"github.com/containers/libpod/libpod/define"
"github.com/containers/libpod/pkg/rootless"
@@ -72,16 +72,10 @@ func (v *Volume) mount() error {
mountArgs = append(mountArgs, volDevice, v.config.MountPoint)
mountCmd := exec.Command(mountPath, mountArgs...)
- errPipe, err := mountCmd.StderrPipe()
- if err != nil {
- return errors.Wrapf(err, "error getting stderr pipe for mount")
- }
- if err := mountCmd.Start(); err != nil {
- out, err2 := ioutil.ReadAll(errPipe)
- if err2 != nil {
- return errors.Wrapf(err2, "error reading mount STDERR")
- }
- return errors.Wrapf(errors.New(string(out)), "error mounting volume %s", v.Name())
+ logrus.Debugf("Running mount command: %s %s", mountPath, strings.Join(mountArgs, " "))
+ if output, err := mountCmd.CombinedOutput(); err != nil {
+ logrus.Debugf("Mount failed with %v", err)
+ return errors.Wrapf(errors.Errorf(string(output)), "error mounting volume %s", v.Name())
}
logrus.Debugf("Mounted volume %s", v.Name())
diff --git a/pkg/adapter/containers.go b/pkg/adapter/containers.go
index 430b6925d..207cf5c64 100644
--- a/pkg/adapter/containers.go
+++ b/pkg/adapter/containers.go
@@ -656,20 +656,25 @@ func (r *LocalRuntime) Start(ctx context.Context, c *cliconfig.StartValues, sigP
return exitCode, nil
}
- if ctrRunning {
- fmt.Println(ctr.ID())
- continue
- }
- // Handle non-attach start
- // If the container is in a pod, also set to recursively start dependencies
- if err := ctr.Start(ctx, ctr.PodID() != ""); err != nil {
- if lastError != nil {
- fmt.Fprintln(os.Stderr, lastError)
+ // Start the container if it's not running already.
+ if !ctrRunning {
+ // Handle non-attach start
+ // If the container is in a pod, also set to recursively start dependencies
+ if err := ctr.Start(ctx, ctr.PodID() != ""); err != nil {
+ if lastError != nil {
+ fmt.Fprintln(os.Stderr, lastError)
+ }
+ lastError = errors.Wrapf(err, "unable to start container %q", container)
+ continue
}
- lastError = errors.Wrapf(err, "unable to start container %q", container)
- continue
}
- fmt.Println(ctr.ID())
+ // Check if the container is referenced by ID or by name and print
+ // it accordingly.
+ if strings.HasPrefix(ctr.ID(), container) {
+ fmt.Println(ctr.ID())
+ } else {
+ fmt.Println(container)
+ }
}
return exitCode, lastError
}
diff --git a/pkg/spec/spec.go b/pkg/spec/spec.go
index da5c14948..86d701f7e 100644
--- a/pkg/spec/spec.go
+++ b/pkg/spec/spec.go
@@ -5,6 +5,8 @@ import (
"strings"
"github.com/containers/libpod/libpod"
+ libpodconfig "github.com/containers/libpod/libpod/config"
+ "github.com/containers/libpod/libpod/define"
"github.com/containers/libpod/pkg/cgroups"
"github.com/containers/libpod/pkg/rootless"
"github.com/containers/libpod/pkg/sysinfo"
@@ -300,7 +302,7 @@ func (config *CreateConfig) createConfigToOCISpec(runtime *libpod.Runtime, userM
blockAccessToKernelFilesystems(config, &g)
- var runtimeConfig *libpod.RuntimeConfig
+ var runtimeConfig *libpodconfig.Config
if runtime != nil {
runtimeConfig, err = runtime.GetConfig()
@@ -321,7 +323,7 @@ func (config *CreateConfig) createConfigToOCISpec(runtime *libpod.Runtime, userM
if err != nil {
return nil, err
}
- if (!cgroup2 || (runtimeConfig != nil && runtimeConfig.CgroupManager != libpod.SystemdCgroupsManager)) && config.Resources.PidsLimit == sysinfo.GetDefaultPidsLimit() {
+ if (!cgroup2 || (runtimeConfig != nil && runtimeConfig.CgroupManager != define.SystemdCgroupsManager)) && config.Resources.PidsLimit == sysinfo.GetDefaultPidsLimit() {
setPidLimit = false
}
}
@@ -417,7 +419,7 @@ func (config *CreateConfig) createConfigToOCISpec(runtime *libpod.Runtime, userM
configSpec.Linux.Resources = &spec.LinuxResources{}
}
- canUseResources := cgroup2 && runtimeConfig != nil && (runtimeConfig.CgroupManager == libpod.SystemdCgroupsManager)
+ canUseResources := cgroup2 && runtimeConfig != nil && (runtimeConfig.CgroupManager == define.SystemdCgroupsManager)
if addedResources && !canUseResources {
return nil, errors.New("invalid configuration, cannot specify resource limits without cgroups v2 and --cgroup-manager=systemd")
diff --git a/pkg/util/utils.go b/pkg/util/utils.go
index 71f3e26dc..633d8a124 100644
--- a/pkg/util/utils.go
+++ b/pkg/util/utils.go
@@ -3,6 +3,7 @@ package util
import (
"fmt"
"os"
+ "os/user"
"path/filepath"
"regexp"
"strings"
@@ -440,3 +441,16 @@ func ExitCode(err error) int {
return 126
}
+
+// HomeDir returns the home directory for the current user.
+func HomeDir() (string, error) {
+ home := os.Getenv("HOME")
+ if home == "" {
+ usr, err := user.LookupId(fmt.Sprintf("%d", rootless.GetRootlessUID()))
+ if err != nil {
+ return "", errors.Wrapf(err, "unable to resolve HOME directory")
+ }
+ home = usr.HomeDir
+ }
+ return home, nil
+}
diff --git a/test/e2e/run_selinux_test.go b/test/e2e/run_selinux_test.go
index ebc36b7f1..358137aa9 100644
--- a/test/e2e/run_selinux_test.go
+++ b/test/e2e/run_selinux_test.go
@@ -170,7 +170,7 @@ var _ = Describe("Podman run", func() {
setup.WaitWithDefaultTimeout()
Expect(setup.ExitCode()).To(Equal(0))
- session := podmanTest.Podman([]string{"exec", "test1", "cat", "/proc/self/attr/current"})
+ session := podmanTest.Podman([]string{"exec", "test1", "cat", "/proc/1/attr/current"})
session.WaitWithDefaultTimeout()
session1 := podmanTest.Podman([]string{"exec", "test1", "cat", "/proc/self/attr/current"})
session1.WaitWithDefaultTimeout()
diff --git a/test/e2e/run_volume_test.go b/test/e2e/run_volume_test.go
index c96059787..8e5de85e4 100644
--- a/test/e2e/run_volume_test.go
+++ b/test/e2e/run_volume_test.go
@@ -364,4 +364,15 @@ var _ = Describe("Podman run with volumes", func() {
Expect(session.ExitCode()).To(Equal(0))
Expect(session.OutputToString()).To(Not(ContainSubstring("noexec")))
})
+
+ It("podman mount with invalid option fails", func() {
+ volName := "testVol"
+ volCreate := podmanTest.Podman([]string{"volume", "create", "--opt", "type=tmpfs", "--opt", "device=tmpfs", "--opt", "o=invalid", volName})
+ volCreate.WaitWithDefaultTimeout()
+ Expect(volCreate.ExitCode()).To(Equal(0))
+
+ volMount := podmanTest.Podman([]string{"run", "--rm", "-v", fmt.Sprintf("%s:/tmp", volName), ALPINE, "ls"})
+ volMount.WaitWithDefaultTimeout()
+ Expect(volMount.ExitCode()).To(Not(Equal(0)))
+ })
})
diff --git a/test/e2e/start_test.go b/test/e2e/start_test.go
index da581f158..47b058845 100644
--- a/test/e2e/start_test.go
+++ b/test/e2e/start_test.go
@@ -57,15 +57,32 @@ var _ = Describe("Podman start", func() {
session = podmanTest.Podman([]string{"container", "start", cid})
session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(0))
+ Expect(session.OutputToString()).To(Equal(cid))
+ })
+
+ It("podman container start single container by short id", func() {
+ session := podmanTest.Podman([]string{"container", "create", "-d", ALPINE, "ls"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ cid := session.OutputToString()
+ session = podmanTest.Podman([]string{"container", "start", cid[0:10]})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ Expect(session.OutputToString()).To(Equal(cid))
})
It("podman start single container by name", func() {
- session := podmanTest.Podman([]string{"create", "-d", "--name", "foobar99", ALPINE, "ls"})
+ name := "foobar99"
+ session := podmanTest.Podman([]string{"create", "-d", "--name", name, ALPINE, "ls"})
session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(0))
- session = podmanTest.Podman([]string{"start", "foobar99"})
+ session = podmanTest.Podman([]string{"start", name})
session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(0))
+ if podmanTest.RemoteTest {
+ Skip("Container-start name check doesn't work on remote client. It always returns the full ID.")
+ }
+ Expect(session.OutputToString()).To(Equal(name))
})
It("podman start multiple containers", func() {