summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Fix built-in volume issue with podman run/createumohnani82018-06-29
| | | | | | | | | | | | | The destination path of the built-in volume was not being created but a relabel was being attempted on it, this was causing issues with all images that have built-in volumes. This patch fixes that and ensures the destination volume path is created. Signed-off-by: umohnani8 <umohnani@redhat.com> Closes: #1026 Approved by: mheon
* Add `podman container cleanup` to CLIDaniel J Walsh2018-06-29
| | | | | | | | | | | | | When we run containers in detach mode, nothing cleans up the network stack or the mount points. This patch will tell conmon to execute the cleanup code when the container exits. It can also be called to attempt to cleanup previously running containers. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #942 Approved by: mheon
* Allow multiple containers and all for umountTomSweeneyRedHat2018-06-29
| | | | | | | Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com> Closes: #1012 Approved by: rhatdan
* Returning joining namespace error should not be fatalDaniel J Walsh2018-06-29
| | | | | | | | | | | | | | | | | | | | | | I got my database state in a bad way by killing a hanging container. It did not setup the network namespace correctly listing/remove bad containers becomes impossible. podman run alpine/nginx ^c got me in this state. I got into a state in the database where podman ps -a was returning errors and I could not get out of it, Makeing joining the network namespace a non fatal error fixes the issue. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #918 Approved by: mheon
* Start using github.com/seccomp/containers-golangDaniel J Walsh2018-06-29
| | | | | | | | | User newer seccomp bindings from the seccomp upstream Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1021 Approved by: giuseppe
* Test to verify overlay quotas work, show container overhead on quotahaircommander2018-06-29
| | | | | | | Signed-off-by: haircommander <pehunt@redhat.com> Closes: #1013 Approved by: rhatdan
* conmon no longer writes to syslogDaniel J Walsh2018-06-29
| | | | | | | | | | | If the caller sets up the app to be in logrus.DebugLevel, then we will add the --syslog flag to conmon to get all of the messages. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1014 Approved by: TomSweeneyRedHat
* Fix broken f28/cloud instanceDaniel J Walsh2018-06-29
| | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1024 Approved by: nalind
* Vendor latest projectatomic/buildahumohnani82018-06-28
| | | | | | | | | | Fixes issue with build for last step of docker file when building with --layers. Signed-off-by: umohnani8 <umohnani@redhat.com> Closes: #1023 Approved by: mheon
* Merge pull request #1020 from giuseppe/resize-fix-loopDaniel J Walsh2018-06-28
|\ | | | | utils: fix endless write of resize event
| * utils: fix endless write of resize eventGiuseppe Scrivano2018-06-28
| | | | | | | | | | | | issue introduced with c82166afabd63f6271990be89ffa6609d3dc6712 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | vendor in latest golang/x/sysbaude2018-06-28
| | | | | | | | | | | | | | Signed-off-by: baude <bbaude@redhat.com> Closes: #1022 Approved by: baude
* | vendor in latest docker packagebaude2018-06-28
| | | | | | | | | | | | | | Signed-off-by: baude <bbaude@redhat.com> Closes: #1022 Approved by: baude
* | Remove the --registry flag from podman searchumohnani82018-06-28
| | | | | | | | | | | | | | | | | | | | | | | | Instead of setting the --registry flag to search a single registry, prefix the registry before the image name in the input, an example is `podman search registry.fedoraproject.org/fedora` and this will search for the fedora image in only registry.fedoraproject.org. Signed-off-by: umohnani8 <umohnani@redhat.com> Closes: #1011 Approved by: rhatdan
* | Start prints UUID or container name that user inputs on successhaircommander2018-06-28
|/ | | | | | | Signed-off-by: haircommander <pehunt@redhat.com> Closes: #1019 Approved by: rhatdan
* cmd/podman/utils.go: Cancel-able resize writesW. Trevor King2018-06-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | On Thu, Jun 28, 2018 at 03:48:26AM -0700, Marco Vedovati wrote [1]: > The root cause is a deadlock between two channel writes made by two > different goroutines: > > 1. `resizeTty() : go func(){} : sendUpdate()` is sending a resize > message thru `resize` right at the beginning, but the channel is > never read if some startup error occurs. > > 2. Upon program termination, `startAttachCtr() : defer func(){} ` is > telling the goroutine in "1." to stop via the `resizeTerminate` > channel. But that guy is still waiting for the write to `resize` > to complete so the the termination message is never read. > > I think the go deadlock detection does not kick in because not all > goroutines are seen as asleep. E.g. `os/signal Notify()` is enough > to have the deadlock not detected. 333ab8c2 (Fix podman hangs when detecting startup error in container attached mode, 2018-06-27, #1010) addressed this with a deferred drain. This commit adjusts that approach to use a single select to cover "have we been canceled?", "has there been a resize signal?", and (when we have one) "can we write the most recent resize event to the resize channel?". A side benefit to this approach is that if we have a slow resize consumer and several resize signals, the resizeTty function will keep updating its local resizeEvent. Once the resize channel is able to accept, only the most-recent event will be written. Previously we'd have written one resize event for every received signal, even if the resize consumer was falling behind. [1]: https://github.com/projectatomic/libpod/pull/1010#issuecomment-400994436 Signed-off-by: W. Trevor King <wking@tremily.us> Closes: #1018 Approved by: rhatdan
* Fix podman hangs when detecting startup error in container attached modeMarco Vedovati2018-06-28
| | | | | | | | | | | | | | | Signed-off-by: Marco Vedovati <mvedovati@suse.com> The initial resize command sent to the terminal window over the resize channel may never be delivered in case of error. Hence it is necessary to consume all data from the resize channel to avoid a deadlock on startup. Fixes: #1009 Closes: #1010 Approved by: giuseppe
* travis: bump go to 1.9.x and 1.10.xValentin Rothberg2018-06-28
| | | | | | | | | Update the used go versions from 1.8.x to 1.9.x and 1.9.x to 1.10.x. Signed-off-by: Valentin Rothberg <vrothberg@suse.com> Closes: #1016 Approved by: rhatdan
* podman-build --help: update descriptionValentin Rothberg2018-06-28
| | | | | | | | | | | Update the description of podman-build which was mentioning the initial requirement of Buildah which doesn't apply anymore since Podman is vendoring Buildah code. Signed-off-by: Valentin Rothberg <vrothberg@suse.com> Closes: #1005 Approved by: rhatdan
* *: Replace Generator.Spec() with Generator.ConfigW. Trevor King2018-06-27
| | | | | | | | | | | | Catching up with opencontainers/runtime-tools@84a62c6a (generate: Move Generator.spec to Generator.Config, 2016-11-06, #266, v0.6.0), now that we've bumped runtime-tools in f6c0fc1a (Vendor in latest runtime-tools, 2018-06-26, #1007). Signed-off-by: W. Trevor King <wking@tremily.us> Closes: #1008 Approved by: mheon
* generator.New() requires an OS string input variablebaude2018-06-27
| | | | | | | Signed-off-by: baude <bbaude@redhat.com> Closes: #1007 Approved by: baude
* Vendor in latest buildahbaude2018-06-27
| | | | | | | Signed-off-by: baude <bbaude@redhat.com> Closes: #1007 Approved by: baude
* Vendor in latest runtime-toolsbaude2018-06-27
| | | | | | | | | Newer runtime tools separates syscalls by OS so we can build darwin. Signed-off-by: baude <bbaude@redhat.com> Closes: #1007 Approved by: baude
* docs: add documentation for rootless containersGiuseppe Scrivano2018-06-27
| | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #936 Approved by: rhatdan
* runtime: change rootless data storage default pathGiuseppe Scrivano2018-06-27
| | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #936 Approved by: rhatdan
* rootless: use $HOME/.config/containers/libpod.confGiuseppe Scrivano2018-06-27
| | | | | | | | | If the file exists, use it to read the configuration. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #936 Approved by: rhatdan
* test: add env variables to the debug outputGiuseppe Scrivano2018-06-27
| | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #936 Approved by: rhatdan
* rootless: do not configure additional groupsGiuseppe Scrivano2018-06-27
| | | | | | | | | Additional groups are not allowed in an userNS. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #936 Approved by: rhatdan
* oci: set XDG_RUNTIME_DIR to the runtime from GetRootlessRuntimeDir()Giuseppe Scrivano2018-06-27
| | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #936 Approved by: rhatdan
* rootless: add management for the userNSGiuseppe Scrivano2018-06-27
| | | | | | | | | | When running podman as non root user always create an userNS and let the OCI runtime use it. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #936 Approved by: rhatdan
* container_internal: don't ignore error from cleanupNetwork()Giuseppe Scrivano2018-06-27
| | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1002 Approved by: rhatdan
* Mark containers invalid earlier during removalMatthew Heon2018-06-27
| | | | | | | | | | | Fixes a bug where we might try saving back to the database during cleanup, which would fail as the container was already removed from the database. Signed-off-by: Matthew Heon <mheon@redhat.com> Closes: #1001 Approved by: rhatdan
* Add --authfile to podman searchumohnani82018-06-27
| | | | | | | | | | | Since podman search requires credentials to search private registries, add the --authfile flag to allow users to pass in credentials from a different authfile than the default one. Signed-off-by: umohnani8 <umohnani@redhat.com> Closes: #998 Approved by: rhatdan
* Vendor in latest containers/imageumohnani82018-06-27
| | | | | | | | | | Fixes issue with podman search of private registries. Podman search was not picking up the credentials from the authfile. This fixes it. Signed-off-by: umohnani8 <umohnani@redhat.com> Closes: #998 Approved by: rhatdan
* Merge pull request #1003 from rhatdan/vendorDaniel J Walsh2018-06-27
|\ | | | | Vendor in go-selinux again
| * Vendor in go-selinux againDaniel J Walsh2018-06-26
| | | | | | | | | | | | Baude found an error in non linux bindings. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | add podman remote clientbaude2018-06-27
|/ | | | | | | | | | | | | | | | podman client that is capable of: * images * ps * rm * rmi this is only a mockup to frame out and prove python library and ssh tunnelling usage. Signed-off-by: baude <bbaude@redhat.com> Closes: #986 Approved by: rhatdan
* Update the vendoring of github.com/opencontainers/selinuxDaniel J Walsh2018-06-26
| | | | | | | | | THis should make libpod easier to build on non linux platforms. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1000 Approved by: mheon
* Containers can dissappearDaniel J Walsh2018-06-26
| | | | | | | | | | | | Between the time that ps command gets the list of containers and is able to ask for more data, the container could have exited. This patch logs Clibpod.ErrNoSuchCtr errors and just continues processing. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #996 Approved by: mheon
* Add podman-image and podman-container man page linksDaniel J Walsh2018-06-25
| | | | | | | | | | | | | | podman image and podman container have alternate CLI to standard CLI for a lot of commands. The man pages can be shared between both. This patch adds links so that of some executes `podman image load`, they will actually see the `podman load` man page. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #993 Approved by: mheon
* Update ocicni vendor to pick up bugfixesMatthew Heon2018-06-25
| | | | | | | Signed-off-by: Matthew Heon <mheon@redhat.com> Closes: #991 Approved by: rhatdan
* make varlink optional for podmanbaude2018-06-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | some platforms and operating systems do not have varlink. in those cases, we need to be able to turn off enablement of varlink in podman. this can now be done with BUILDTAGS passed to the build though perhaps in the future will be better. the default is to build with varlink Signed-off-by: baude <bbaude@redhat.com> squash! make varlink optional for podman The API.md and cmd/podman/varlink/ioprojectatomicpodman.go targets will continue to work regardless of the presence (or not) of 'varlink' is in BUILDTAGS. However, cmd/podman/varlink/ioprojectatomicpodman.go is now only required by the podman target when BUILDTAGS contains 'varlink'. API.md had also been an podman dependency since 5b2627dd (Makefile: Drop find-godeps.sh for podman target, 2018-05-15, #776) when I expanded varlink_api_generate. It had been an indirect podman dependency (via varlink_api_generate) since 25263558 (Generate varlink API documentation automatically, 2018-05-07, #734). But the podman executable obviously doesn't depend on the Markdown file, so I'm removing that dependency here. Signed-off-by: baude <bbaude@redhat.com> squash! make varlink optional for podman The command-pointer approach will scale well if/when we add additional optional commands behind their own build tags, because those tags won't all be competing for the same getOptionalCommands namespace. Signed-off-by: W. Trevor King <wking@tremily.us> Closes: #987 Approved by: rhatdan
* Merge pull request #989 from mheon/bump-0.6.4Matthew Heon2018-06-22
|\ | | | | Bump to 0.6.4
| * Bump gitvalidation epochMatthew Heon2018-06-22
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * Bump to v0.6.5-devMatthew Heon2018-06-22
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * Bump to v0.6.4v0.6.4Matthew Heon2018-06-22
|/ | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
* Add tests for podman refreshMatthew Heon2018-06-22
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #981 Approved by: baude
* Point podman-refresh at the right manpageMatthew Heon2018-06-22
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #981 Approved by: baude
* Add bash completions for podman refreshMatthew Heon2018-06-22
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #981 Approved by: baude
* Add manpages for podman refreshMatthew Heon2018-06-22
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #981 Approved by: baude