| Commit message (Collapse) | Author | Age |
|\
| |
| | |
make remote resize channel buffered
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
when doing any sort of attach to a container, a sigwinch is sent
followed by a resize event. this is fine for the local client but when
doing things over the varlink, the first sigwinch is wiped out by the
immediate resize event and is therefore lost. by making the channel
buffered, both events are processed after the varlink connection is
established.
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \
| | |
| | | |
When superceding mounts, check for opposite types
|
| | |
| | |
| | |
| | | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When we supercede low-priority mounts and volumes (image volumes,
and volumes sourced from --volumes-from) with higher-priority
ones (the --volume and --mount flags), we always replaced
lower-priority mounts of the same type (e.g. a user mount to
/tmp/test1 would supercede a volumes-from mount to the same
destination). However, we did not supercede the opposite type - a
named volume from image volumes at /tmp/test1 would be allowed to
remain and create a conflict, preventing container creation.
Solve this by destroying opposite types before merging (we can't
do it in the same loop, as then named volumes, which go second,
might trample changes made by mounts).
Fixes #3174
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \
| | |
| | | |
libpod: prefer WaitForFile to polling
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
replace two usage of kwait.ExponentialBackoff in favor of WaitForFile
that uses inotify when possible.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \
| | | |
| | | | |
rootless: use a pause process to keep namespaces alive
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
add a shortcut for joining immediately the namespace so we don't need
to re-exec Podman.
With the pause process simplificaton, we can now attempt to join the
namespaces as soon as Podman starts (and before the Go runtime kicks
in), so that we don't need to re-exec and use just one process.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
use a pause process to keep the user and mount namespace alive.
The pause process is created immediately on reload, and all successive
Podman processes will refer to it for joining the user&mount
namespace.
This solves all the race conditions we had on joining the correct
namespaces using the conmon processes.
As a fallback if the join fails for any reason (e.g. the pause process
was killed), then we try to join the running containers as we were
doing before.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
this leaves the containers stopped but we won't risk to use the wrong
user namespace.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
Cirrus: Support testing of VM cache-image changes
|
| | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Occasionally, and seemingly only on F29 the root disk fails to expand
upon boot. When this happens, any number of failures could occur if
space runs out. Until there is time to investigate the actual cause,
workaround this problem by detecting it and acting accordingly.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
New base-image boots, a cache-image builds, but more work is needed for
it to be prime-time ready. This commit just adds some updates to the
scafolding necessary to build the base-image. Future work will make F30
more of a reality.
Also add log-collection scripts to test image verification task
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Also remove disused distros (RHEL/CentOS/FAH) and fix get_ci_vm script
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Also, add jq and catatonit installs to images.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Previously, it was quite difficult to affect changes to VM cache images
without lots of manual work. This commit adds a new optional testing
task which mirrors the official-image build task which only runs on
master. In contrast, the new task may be run at any time in a PR, but
including a magic phrase in the PR description.
Update documentation to describe the new task and inform on it's usage.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| | |_|/
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Hack was to workaround not having fix for:
https://bodhi.fedoraproject.org/updates/FEDORA-2019-b4356521ba
Update `RUNC_COMMIT` value to match commit id to working package.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
Update vendor of buildah and containers/images
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Mainly add support for podman build using --overlay mounts.
Updates containers/image also adds better support for new registries.conf
file.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \ \
| |_|/ / /
|/| | | | |
Minor fix filtering images by label
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Added test to avoid future regressions
Fix #3163
Signed-off-by: Divyansh Kamboj <kambojdivyansh2000@gmail.com>
|
|\ \ \ \
| |_|_|/
|/| | | |
rootless: force resources to be nil on cgroup v1
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
force the resources block to be empty instead of having default
values.
Regression introduced by 8e88461511e81d2327e4c1a1315bb58fda1827ca
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
Touchup run man page
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Moves --help and combines the duplicate sections of help
for uts and userns.
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Remove conmon from fedora install instructions
|
|/ / / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
conmon package is no longer available, remove from
install.md.
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
|
|\ \ \ \ \
| |_|/ / /
|/| | | | |
util: fix race condition in WaitForFile
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
let the writer of the channel close it.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
enable polling also when using inotify. It is generally useful to
have it as under high load inotify can lose notifications. It also
solves a race condition where the file is created while the watcher
is configured and it'd wait until the timeout and fail.
Closes: https://github.com/containers/libpod/issues/2942
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
install.remote should be separate for install.bin
|
| | |_|_|/
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
For people who want to install podman remote or podman
only we need to separate out the two install commands.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Add Jhon Honce (@jwhonce on github) to OWNERS
|
| | |/ / /
| |/| | |
| | | | |
| | | | | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Add connection information to podman-remote info
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Refactor client code to break out building connection string from
making the connection.
Example:
client:
Connection: unix:/run/podman/io.podman
Connection Type: DirectConnection
.
:
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \ \ \ \ \
| |_|_|_|_|/
|/| | | | | |
Don't set apparmor if --priviliged
|
| | |/ / /
| |/| | |
| | | | |
| | | | | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \ \
| |/ / / /
|/| | | | |
Fixup conmon documentation
|
| | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Output name of process on runlabel command
|
| |/ / / /
| | | | |
| | | | |
| | | | | |
Signed-off-by: Nathaniel Kofalt <nathaniel@kofalt.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
docs/libpod.conf.5: Add "have" to "higher precedence" typo
|
|/ / / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
I'd left this out in a4b483c848 (libpod/container_internal: Deprecate
implicit hook directories, 2018-12-02, #1920).
Signed-off-by: W. Trevor King <wking@tremily.us>
|
|\ \ \ \ \
| |/ / / /
|/| | | | |
Minor fix splitting env vars in podman-commit
|