| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
| |
Use image ubuntu-1804-bionic-v20180911-libpod-63a86a18 which was built
with RUNC_COMMIT 78ef28e63bec2ee4c139b5e3e0d691eb9bdc748d.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|\
| |
| | |
Use two spaces to pad PS fields
|
|/
|
|
|
|
|
| |
Ed has asked that we revert to using two spaces for padding between PS fields. I assume
this is for docker autotests.
Signed-off-by: baude <bbaude@redhat.com>
|
|\
| |
| | |
Change ParseDevice to exported name
|
|/
|
|
| |
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
|\
| |
| | |
Vendor in latest containers/storage
|
| |
| |
| |
| |
| |
| | |
We need this to start testing metacopy up for podman.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| | |
| | | |
Ensure test container in running state
|
| |/
| |
| |
| |
| |
| |
| |
| | |
* Save storage if tests fail
Fixes #1643
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \
| | |
| | | |
Add tests for selinux labels
|
| |/
| |
| |
| | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| | |
| | | |
runlabel: run any command
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
As discussed [1], the runlabel command should execute any command
specified in a label. The reasoning behind is that we cannot restrict
which options are passed to Podman which thereby has full access to the
host (runlabels must be used with care).
With the updated semantics, runlabel will substitute the commands with a
basepath equal to "docker" or "podman" with "/proc/self/exe", and
otherwise leave the command unchanged to execute any other command on
the host.
[1] https://github.com/containers/libpod/pull/1607#issuecomment-428321382
Signed-off-by: Valentin Rothberg <vrothberg@suse.com>
|
|\ \ \
| | | |
| | | | |
fix bug in rm -fa parallel deletes
|
|/ / /
| | |
| | |
| | | |
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \ \
| |_|/
|/| | |
Add --max-workers and heuristics for parallel operations
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
add a global flag for --max-workers so users can limit the number
of parallel operations for a given function. also, when not limited
by max-workers, we implement a heuristic function that returns the
number of preferred parallel workers based on the number of CPUs and
the given operation.
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \ \
| | | |
| | | | |
run performance improvements
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | | |
run prepare() -- which consists of creating a network namespace and
mounting the container image is now run in parallel. This saves 25-40ms.
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \ \
| |/ /
|/| | |
Increase security and performance when looking up groups
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We implement the securejoin method to make sure the paths to /etc/passwd and
/etc/group are not symlinks to something naughty or outside the container
image. And then instead of actually chrooting, we use the runc functions to
get information about a user. The net result is increased security and
a a performance gain from 41ms to 100us.
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \
| |/
|/| |
downgrade runc due a rootless bug
|
|/
|
|
| |
Signed-off-by: baude <bbaude@redhat.com>
|
|\
| |
| | |
Support auth file environment variable in podman build
|
| |
| |
| |
| | |
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
|\ \
| | |
| | | |
Eat our own dogfood
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Switch all tests to use podman installed on the system, or Docker if podman
does not exist.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \
| | | |
| | | | |
Explain the device format in man pages
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
create: fix writing cidfile when using rootless
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
prevent opening the same file twice, since we re-exec podman in
rootless mode. While at it, also solve a possible race between the
check for the file and writing to it. Another process could have
created the file in the meanwhile and we would just end up overwriting
it.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \ \
| |_|/ /
|/| | | |
vendor: update container/storage
|
| |/ /
| | |
| | |
| | | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \
| |/ /
|/| | |
Add support for /usr/local installation
|
| | |
| | |
| | |
| | | |
Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
|
|\ \ \
| | | |
| | | | |
read conmon output and convert to json in two steps
|
|/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
when reading the output from conmon using the JSON methods, it appears that
JSON marshalling is higher in pprof than it really is because the pipe is
"waiting" for a response. this gives us a clearer look at the real CPU/time
consumers.
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \ \
| | | |
| | | | |
Cirrus: Use images w/ buildah fix
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Ref: https://github.com/containers/buildah/pull/1109
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
Move selinux label reservations to containers storage.
|
| | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \ \
| |_|/ / /
|/| | | | |
Add --all and --latest to checkpoint/restore
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This add the convenience options --all and --latest to the subcommands
checkpoint and restore.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This removes duplicate code paths which has been previously factored out
as getAllOrLatestContainers().
Signed-off-by: Adrian Reber <areber@redhat.com>
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Instead of duplicating the same code in multiple commands this uses the
newly added function checkAllAndLatest() instead.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Just as the checkAllAndLatest() function the new code in
getAllOrLatestContainers() is used in some commands and duplicated. This
factors out this code to be used in other places without duplicating it.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
The check about the --all and --latest option is used and repeated and
some commands. Factor it out and put it into common.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Downgrade code to support python3.4
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
* Added tox configuration to test python 3.4, 3.5 and 3.6.
Tox testing not enabled on every PR
* Updated MANIFEST.ini to support tox
* Correct comments
Fixes #1641
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|