summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* rootless: allow to override policy.json by the userGiuseppe Scrivano2018-08-24
| | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1336 Approved by: mheon
* add completion for --pod in run and createhaircommander2018-08-24
| | | | | | | Signed-off-by: haircommander <pehunt@redhat.com> Closes: #1339 Approved by: mheon
* Fixed formatting and lowered verbosity of pod pshaircommander2018-08-24
| | | | | | | | | CtrInfo now is formatted in the way originally intended. s/Number Of Containers/# Of Containers and s/Infra Container ID/Infra ID. Make json camel case. Signed-off-by: haircommander <pehunt@redhat.com> Closes: #1338 Approved by: mheon
* Do not try to enable AppArmor in rootless modeMarco Vedovati2018-08-24
| | | | | | | | | | | When in rootless mode it's not possible to load profiles or check which profiles are loaded. Added a few baseline tests to check all possible cases. Signed-off-by: Marco Vedovati <mvedovati@suse.com> Closes: #1250 Approved by: mheon
* exposes tcp port only if no proto specified.Kunal Kushwaha2018-08-24
| | | | | | | | | | Also it fix the issue of exposing both tc/udp port even if only one proto specified. Signed-off-by: Kunal Kushwaha <kushwaha_kunal_v7@lab.ntt.co.jp> Closes: #1325 Approved by: mheon
* rpm-spec: use skopeo-containers instead of containers-commonLokesh Mandvekar2018-08-24
| | | | | | | | | skopeo-containers is available everywhere, but not containers-common Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org> Closes: #1332 Approved by: rhatdan
* Reveal information about container capabilitiesDaniel J Walsh2018-08-24
| | | | | | | | | | | I am often asked about the list of capabilities availabel to a container. We should be listing this data in the inspect command for effective capabilities and the bounding set. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1335 Approved by: TomSweeneyRedHat
* Vendor in latest projectatomic/buildahumohnani82018-08-23
| | | | | | | | | | Fixes to podman build for unknown image and ADD with url when doing --layers. Signed-off-by: umohnani8 <umohnani@redhat.com> Closes: #1330 Approved by: mheon
* Refactor error checking in With*NSFromPod optionshaircommander2018-08-23
| | | | | | | Signed-off-by: haircommander <pehunt@redhat.com> Closes: #1187 Approved by: mheon
* Fixing network ns segfaulthaircommander2018-08-23
| | | | | | | | | As well as small style corrections, update pod_top_test to use CreatePod, and move handling of adding a container to the pod's namespace from container_internal_linux to libpod/option. Signed-off-by: haircommander <pehunt@redhat.com> Closes: #1187 Approved by: mheon
* Change pause container to infra containerhaircommander2018-08-23
| | | | | | | Signed-off-by: haircommander <pehunt@redhat.com> Closes: #1187 Approved by: mheon
* Support pause containers in varlinkhaircommander2018-08-23
| | | | | | | Signed-off-by: haircommander <pehunt@redhat.com> Closes: #1187 Approved by: mheon
* Added option to share kernel namespaces in libpod and podmanhaircommander2018-08-23
| | | | | | | | | A pause container is added to the pod if the user opts in. The default pause image and command can be overridden. Pause containers are ignored in ps unless the -a option is present. Pod inspect and pod ps show shared namespaces and pause container. A pause container can't be removed with podman rm, and a pod can be removed if it only has a pause container. Signed-off-by: haircommander <pehunt@redhat.com> Closes: #1187 Approved by: mheon
* Changed GetContainerStats to return ErrCtrStateInvalidhaircommander2018-08-23
| | | | | | | | | | | | | | This results in some functionality changes: If a ErrCtrStateInvalid is returned to GetPodStats, the container is ommitted from the stats. As such, if an empty slice of Container stats are returned to GetPodStats in varlink, an error will occur. GetContainerStats will return the ErrCtrStateInvalid as well. Finally, if ErrCtrStateInvalid is returned to the podman stats call, the container will be ommitted from the stats. Signed-off-by: haircommander <pehunt@redhat.com> Closes: #1319 Approved by: baude
* Add GetPodStats to varlinkhaircommander2018-08-23
| | | | | | | Signed-off-by: haircommander <pehunt@redhat.com> Closes: #1319 Approved by: baude
* rpm-spec: update distro-specific dependenciesLokesh Mandvekar2018-08-23
| | | | | | | | | remove slirp4netns as hard dep as it isn't available on rhel7. Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org> Closes: #1328 Approved by: baude
* Add podman pod tophaircommander2018-08-23
| | | | | | | | | Using the vendored changes from psgo, incorporate JoinNamespaceAndProcessInfoByPids to get process information for each pid namespace of running containers in the pod. Also added a man page, and tests. Signed-off-by: haircommander <pehunt@redhat.com> Closes: #1298 Approved by: mheon
* Include pod stats and top in commands/completionshaircommander2018-08-23
| | | | | | | Signed-off-by: haircommander <pehunt@redhat.com> Closes: #1298 Approved by: mheon
* Vendor changes to psgohaircommander2018-08-23
| | | | | | | Signed-off-by: haircommander <pehunt@redhat.com> Closes: #1298 Approved by: mheon
* Fix syntax description of --ulimit commandDaniel J Walsh2018-08-23
| | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1327 Approved by: vrothberg
* Swap test image in exec test to fedora for useraddMatthew Heon2018-08-23
| | | | | | | | | | We need a useradd binary in the container for this test, so swap from Alpine to fedora-minimal. Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1315 Approved by: vrothberg
* Add tests for exec --userMatthew Heon2018-08-23
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1315 Approved by: vrothberg
* Properly translate users into runc format for execMatthew Heon2018-08-23
| | | | | | | | | | | Runc exec expects the --user flag to be formatted as UID:GID. Use chrootuser code to translate whatever user is passed to exec into this format. Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1315 Approved by: vrothberg
* test: ad more tests for rootless containersGiuseppe Scrivano2018-08-22
| | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1323 Approved by: umohnani8
* rootless: fix --net host --privilegedGiuseppe Scrivano2018-08-22
| | | | | | | | | Closes: https://github.com/containers/libpod/issues/1313 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1323 Approved by: umohnani8
* Fix a bug with hook ALWAYS matching with a processMatthew Heon2018-08-22
| | | | | | | | | | | | When a non-nil process was used and a hook was set to match always, this would not actually match. Fix this. Fixes: #1308 Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1311 Approved by: rhatdan
* Fixed segfault in stats where container had netNS none or from containerhaircommander2018-08-21
| | | | | | | Signed-off-by: haircommander <pehunt@redhat.com> Closes: #1306 Approved by: rhatdan
* Enable pod stats with short ID and namehaircommander2018-08-21
| | | | | | | Signed-off-by: haircommander <pehunt@redhat.com> Closes: #1307 Approved by: rhatdan
* Touch up cert-dir in man pagesTomSweeneyRedHat2018-08-21
| | | | | | | Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com> Closes: #1312 Approved by: rhatdan
* make dbuild fixed on ubuntu/debianKunal Kushwaha2018-08-21
| | | | | | | Signed-off-by: Kunal Kushwaha <kushwaha_kunal_v7@lab.ntt.co.jp> Closes: #1309 Approved by: mheon
* vendor latest github.com/urfave/cliValentin Rothberg2018-08-21
| | | | | | | | | | Change from an external patched branch to the upstream master. The vendored code is indentical to the previous one. Signed-off-by: Valentin Rothberg <vrothberg@suse.com> Closes: #1310 Approved by: mheon
* Add retry decorator for flakey testsJhon Honce2018-08-20
| | | | | | | | | * Update doc strings Signed-off-by: Jhon Honce <jhonce@redhat.com> Closes: #1302 Approved by: baude
* Update error message from reviewsJhon Honce2018-08-20
| | | | | | | Signed-off-by: Jhon Honce <jhonce@redhat.com> Closes: #1296 Approved by: rhatdan
* Support Attach subcommand in pypodmanJhon Honce2018-08-20
| | | | | | | | | * Fix some random error handling Signed-off-by: Jhon Honce <jhonce@redhat.com> Closes: #1296 Approved by: rhatdan
* Fix handling of devicesDaniel J Walsh2018-08-20
| | | | | | | | | | | | | | Devices are supposed to be able to be passed in via the form of --device /dev/foo --device /dev/foo:/dev/bar --device /dev/foo:rwm --device /dev/foo:/dev/bar:rwm Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1299 Approved by: umohnani8
* tutorial: point to containers/skopeoMicah Abbott2018-08-18
| | | | | | | Signed-off-by: Micah Abbott <miabbott@redhat.com> Closes: #1300 Approved by: mheon
* point to containers/skopeoMicah Abbott2018-08-18
| | | | | | | Signed-off-by: Micah Abbott <miabbott@redhat.com> Closes: #1300 Approved by: mheon
* install.md: point to containers/libpodMicah Abbott2018-08-18
| | | | | | | Signed-off-by: Micah Abbott <miabbott@redhat.com> Closes: #1300 Approved by: mheon
* Merge pull request #1297 from mheon/bump-0.8.3Matthew Heon2018-08-17
|\ | | | | Bump to 0.8.3
| * Bump gitvalidation epochMatthew Heon2018-08-17
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * Bump to v0.8.4-devMatthew Heon2018-08-17
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * Bump to v0.8.3v0.8.3Matthew Heon2018-08-17
|/ | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
* Make failure to retrieve individual ctrs/pods nonfatalMatthew Heon2018-08-17
| | | | | | | | | | | | This ensures that we can still use Podman even if a container or pod with bad config JSON makes it into the state. We still can't remove these containers, but at least we can do our best to make things usable. Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1294 Approved by: rhatdan
* Mention that systemd is the default cgroup managerMatthew Heon2018-08-17
| | | | | | | | | | | Update docs to reflect our changed default CGroup manager. Fixes: #1292 Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1293 Approved by: baude
* Add dependency for python3-psutil moduleJhon Honce2018-08-17
| | | | | | | Signed-off-by: Jhon Honce <jhonce@redhat.com> Closes: #1290 Approved by: baude
* Vendor in latest buildah and imagebuilderDaniel J Walsh2018-08-17
| | | | | | | | | We want to add the latest support for COPY --chown UID:GID. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1289 Approved by: TomSweeneyRedHat
* Don't fail on size.Daniel J Walsh2018-08-17
| | | | | | | | | | I think a created container which was never run will have no size struct we should just return 0 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1288 Approved by: TomSweeneyRedHat
* Fix handling of socket connection refusal.Daniel J Walsh2018-08-17
| | | | | | | | | | | | | | | Currently if the socket was never started you get an error about the service being started. But if the service was started and later stopped, you get a useless error. This change causes the error to always be the same for connection refused. The error message was also repeating the address twice which looked bad. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1287 Approved by: baude
* podman: fix --uts=hostGiuseppe Scrivano2018-08-17
| | | | | | | | | | | | | | | Do not set any hostname value in the OCI configuration when --uts=host is used and the user didn't specify any value. This prevents an error from the OCI runtime as it cannot set the hostname without a new UTS namespace. Differently, the HOSTNAME environment variable is always set. When --uts=host is used, HOSTNAME gets the value from the host. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1280 Approved by: baude
* podman pod statsbaude2018-08-17
| | | | | | | | | add the ability to monitor container statistics in a pod. Signed-off-by: baude <bbaude@redhat.com> Closes: #1265 Approved by: rhatdan