diff options
-rw-r--r-- | README.md | 2 | ||||
-rw-r--r-- | RELEASE_NOTES.md | 12 | ||||
-rw-r--r-- | docs/tutorials/podman_tutorial.md | 4 | ||||
-rw-r--r-- | libpod/container_internal_linux.go | 16 | ||||
-rw-r--r-- | libpod/container_internal_linux_test.go | 29 | ||||
-rw-r--r-- | pkg/cgroups/cgroups.go | 5 | ||||
-rw-r--r-- | pkg/machine/libvirt/config.go | 6 | ||||
-rw-r--r-- | pkg/machine/libvirt/machine.go | 17 | ||||
-rw-r--r-- | pkg/machine/libvirt/machine_unsupported.go | 3 | ||||
-rw-r--r-- | pkg/machine/qemu/options_darwin_arm64.go | 1 |
10 files changed, 65 insertions, 30 deletions
@@ -5,7 +5,7 @@ Podman (the POD MANager) is a tool for managing containers and images, volumes mounted into those containers, and pods made from groups of containers. Podman is based on libpod, a library for container lifecycle management that is also contained in this repository. The libpod library provides APIs for managing containers, pods, container images, and volumes. -* [Latest Version: 3.3.0](https://github.com/containers/podman/releases/latest) +* [Latest Version: 3.3.1](https://github.com/containers/podman/releases/latest) * Latest Remote client for Windows * Latest Remote client for macOS * Latest Static Remote client for Linux diff --git a/RELEASE_NOTES.md b/RELEASE_NOTES.md index 9649e7abb..b9b94dbb3 100644 --- a/RELEASE_NOTES.md +++ b/RELEASE_NOTES.md @@ -1,5 +1,17 @@ # Release Notes +## 3.3.1 +### Bugfixes +- Fixed a bug where unit files created by `podman generate systemd` could not cleanup shut down containers when stopped by `systemctl stop` ([#11304](https://github.com/containers/podman/issues/11304)). +- Fixed a bug where `podman machine` commands would not properly locate the `gvproxy` binary in some circumstances. +- Fixed a bug where containers created as part of a pod using the `--pod-id-file` option would not join the pod's network namespace ([#11303](https://github.com/containers/podman/issues/11303)). +- Fixed a bug where Podman, when using the systemd cgroups driver, could sometimes leak dbus sessions. +- Fixed a bug where the `until` filter to `podman logs` and `podman events` was improperly handled, requiring input to be negated ([#11158](https://github.com/containers/podman/issues/11158)). +- Fixed a bug where rootless containers using CNI networking run on systems using `systemd-resolved` for DNS would fail to start if resolved symlinked `/etc/resolv.conf` to an absolute path ([#11358](https://github.com/containers/podman/issues/11358)). + +### API +- A large number of potential file descriptor leaks from improperly closing client connections have been fixed. + ## 3.3.0 ### Features - Containers inside VMs created by `podman machine` will now automatically handle port forwarding - containers in `podman machine` VMs that publish ports via `--publish` or `--publish-all` will have these ports not just forwarded on the VM, but also on the host system. diff --git a/docs/tutorials/podman_tutorial.md b/docs/tutorials/podman_tutorial.md index 7419f445e..92d0c41b1 100644 --- a/docs/tutorials/podman_tutorial.md +++ b/docs/tutorials/podman_tutorial.md @@ -50,11 +50,11 @@ Note: The -l is a convenience argument for **latest container**. You can also u of -l. ### Testing the httpd server -Now that we have the IP address of the container, we can test the network communication between the host +As we do not have the IP address of the container, we can test the network communication between the host operating system and the container using curl. The following command should display the index page of our containerized httpd server. ```console -curl http://<IP_address>:8080 +curl http://localhost:8080 ``` ### Viewing the container's logs diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go index 847122929..cafa3c642 100644 --- a/libpod/container_internal_linux.go +++ b/libpod/container_internal_linux.go @@ -1,3 +1,4 @@ +//go:build linux // +build linux package libpod @@ -1942,9 +1943,24 @@ func (c *Container) generateHosts(path string) (string, error) { } hosts := string(orig) hosts += c.getHosts() + + hosts = c.appendLocalhost(hosts) + return c.writeStringToRundir("hosts", hosts) } +// based on networking mode we may want to append the localhost +// if there isn't any record for it and also this shoud happen +// in slirp4netns and similar network modes. +func (c *Container) appendLocalhost(hosts string) string { + if !strings.Contains(hosts, "localhost") && + !c.config.NetMode.IsHost() { + hosts += "127.0.0.1\tlocalhost\n::1\tlocalhost\n" + } + + return hosts +} + // appendHosts appends a container's config and state pertaining to hosts to a container's // local hosts file. netCtr is the container from which the netNS information is // taken. diff --git a/libpod/container_internal_linux_test.go b/libpod/container_internal_linux_test.go index 1465ffbea..899f9bffd 100644 --- a/libpod/container_internal_linux_test.go +++ b/libpod/container_internal_linux_test.go @@ -1,3 +1,4 @@ +//go:build linux // +build linux package libpod @@ -7,6 +8,7 @@ import ( "os" "testing" + "github.com/containers/podman/v3/pkg/namespaces" spec "github.com/opencontainers/runtime-spec/specs-go" "github.com/stretchr/testify/assert" ) @@ -68,3 +70,30 @@ func TestGenerateUserGroupEntry(t *testing.T) { } assert.Equal(t, group, "567:x:567:567\n") } + +func TestAppendLocalhost(t *testing.T) { + { + c := Container{ + config: &ContainerConfig{ + ContainerNetworkConfig: ContainerNetworkConfig{ + NetMode: namespaces.NetworkMode("slirp4netns"), + }, + }, + } + + assert.Equal(t, "127.0.0.1\tlocalhost\n::1\tlocalhost\n", c.appendLocalhost("")) + assert.Equal(t, "127.0.0.1\tlocalhost", c.appendLocalhost("127.0.0.1\tlocalhost")) + } + { + c := Container{ + config: &ContainerConfig{ + ContainerNetworkConfig: ContainerNetworkConfig{ + NetMode: namespaces.NetworkMode("host"), + }, + }, + } + + assert.Equal(t, "", c.appendLocalhost("")) + assert.Equal(t, "127.0.0.1\tlocalhost", c.appendLocalhost("127.0.0.1\tlocalhost")) + } +} diff --git a/pkg/cgroups/cgroups.go b/pkg/cgroups/cgroups.go index 9cb32a364..4bb8de69b 100644 --- a/pkg/cgroups/cgroups.go +++ b/pkg/cgroups/cgroups.go @@ -231,7 +231,10 @@ func getCgroupPathForCurrentProcess() (string, error) { for s.Scan() { text := s.Text() procEntries := strings.SplitN(text, "::", 2) - cgroupPath = procEntries[1] + // set process cgroupPath only if entry is valid + if len(procEntries) > 1 { + cgroupPath = procEntries[1] + } } if err := s.Err(); err != nil { return cgroupPath, err diff --git a/pkg/machine/libvirt/config.go b/pkg/machine/libvirt/config.go deleted file mode 100644 index 1ce5ab154..000000000 --- a/pkg/machine/libvirt/config.go +++ /dev/null @@ -1,6 +0,0 @@ -// +build amd64,linux arm64,linux amd64,darwin arm64,darwin - -package libvirt - -type MachineVM struct { -} diff --git a/pkg/machine/libvirt/machine.go b/pkg/machine/libvirt/machine.go deleted file mode 100644 index e1aa1569b..000000000 --- a/pkg/machine/libvirt/machine.go +++ /dev/null @@ -1,17 +0,0 @@ -// +build amd64,linux arm64,linux amd64,darwin arm64,darwin - -package libvirt - -import "github.com/containers/podman/v3/pkg/machine" - -func (v *MachineVM) Init(name string, opts machine.InitOptions) error { - return nil -} - -func (v *MachineVM) Start(name string) error { - return nil -} - -func (v *MachineVM) Stop(name string) error { - return nil -} diff --git a/pkg/machine/libvirt/machine_unsupported.go b/pkg/machine/libvirt/machine_unsupported.go deleted file mode 100644 index 8b54440fe..000000000 --- a/pkg/machine/libvirt/machine_unsupported.go +++ /dev/null @@ -1,3 +0,0 @@ -// +build !amd64 amd64,windows - -package libvirt diff --git a/pkg/machine/qemu/options_darwin_arm64.go b/pkg/machine/qemu/options_darwin_arm64.go index 7513b3048..8c651584e 100644 --- a/pkg/machine/qemu/options_darwin_arm64.go +++ b/pkg/machine/qemu/options_darwin_arm64.go @@ -13,6 +13,7 @@ func (v *MachineVM) addArchOptions() []string { ovmfDir := getOvmfDir(v.ImagePath, v.Name) opts := []string{ "-accel", "hvf", + "-accel", "tcg", "-cpu", "cortex-a57", "-M", "virt,highmem=off", "-drive", "file=/usr/local/share/qemu/edk2-aarch64-code.fd,if=pflash,format=raw,readonly=on", |