summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Add ONBUILD support to --changeMatthew Heon2019-12-05
| | | | | | | | | | | Return types had to change a bit for this, but since we can wrap the old v1.ImageConfig, changes are overall not particularly bad. At present, I believe this only works with commit, not import. This matches how things were before we changed to the new parsing so I think this is fine. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Move Commit() to new parsing for --changeMatthew Heon2019-12-05
| | | | | | | | | | | | | | | | | | | | It turns out we had two independent parsing impkementations for Dockerfile instructions out of --change. My previous commit fixed the one used in --change, but as I discovered to my dismay, commit used a different implementation. Remove that and use the new parsing implementation instead. While we're at it, fix some bugs in the current commit code. The addition of anonymous named volumes to Libpod recently means we can now include those in the image config when committing. Some changes (VOLUME, ENV, EXPOSE, LABEL) previously cleared the config of the former image when used; Docker does not do this, so I removed that behavior. Still needs fixing: the new implementation does not support ONBUILD, while the old one did. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Completely rework --change parsingMatthew Heon2019-12-04
| | | | | | | | | | | | The way we were trying to parse was very broken. I originally attempted to use Buildah's Dockerfile parser here, but dealing with it (and convincing it to accept only a limited subset, and only one instruction at a time) was challenging, so I rewrote a subset of Dockerfile parsing. This should handle most common cases well, though there are definitely unhandled edge cases for ENV and LABEL. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Merge pull request #4640 from ssbarnea/fix/dnfOpenShift Merge Robot2019-12-04
|\ | | | | Improve dnf tests inside build_rpm.sh
| * Improve dnf tests inside build_rpm.shSorin Sbarnea2019-12-04
| | | | | | | | | | | | | | | | - Fix bug failing to detect dnf in various locations - Add missing sudo to yum/dnf calls - Fix bug where pkg_manager may endup with a multi-line value Signed-off-by: Sorin Sbarnea <ssbarnea@redhat.com>
* | Merge pull request #4637 from giuseppe/check-for-renameat2-runtimeOpenShift Merge Robot2019-12-04
|\ \ | |/ |/| rootless: add fallback for renameat2 at runtime
| * rootless: add fallback for renameat2 at runtimeGiuseppe Scrivano2019-12-04
| | | | | | | | | | | | | | | | | | | | | | | | the renameat2 syscall might be defined in the C library but lacking support in the kernel. In such case, let it fallback to open(O_CREAT)+rename as it does on systems lacking the definition for renameat2. Closes: https://github.com/containers/libpod/issues/4570 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Merge pull request #4635 from ssbarnea/fix/go-md2manOpenShift Merge Robot2019-12-03
|\ \ | | | | | | Attempt to install go-md2man only if missing
| * | Attempt to install go-md2man only if missingSorin Sbarnea2019-12-03
|/ / | | | | | | | | Fixes: #4632 Signed-off-by: Sorin Sbarnea <ssbarnea@redhat.com>
* | Merge pull request #4630 from TomSweeneyRedHat/dev/tsweeney/rootlesstouchupOpenShift Merge Robot2019-12-03
|\ \ | |/ |/| Quick grammar touchup in rootless.md
| * Quick grammar touchup in rootless.mdTomSweeneyRedHat2019-12-03
| | | | | | | | Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* | Merge pull request #4629 from mheon/fix_indirect_netnsctr_lookupOpenShift Merge Robot2019-12-03
|\ \ | | | | | | Allow chained network namespace containers
| * | Allow chained network namespace containersMatthew Heon2019-12-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The code currently assumes that the container we delegate network namespace to will never further delegate to another container, so when looking up things like /etc/hosts and /etc/resolv.conf we won't pull the correct files from the chained dependency. The changes to resolve this are relatively simple - just need to keep looking until we find a container without NetNsCtr set. Fixes #4626 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | Merge pull request #4614 from bfallik/patch-1OpenShift Merge Robot2019-12-03
|\ \ \ | |_|/ |/| | troubleshooting: warn about secure boot
| * | troubleshooting: warn about secure bootBrian Fallik2019-12-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add an additional troubleshooting item to warn users that Secure Boot can prevent Podman from running containers. The error messages and initial debugging steps don't make it clear that this all stems from a BIOS setting. Hopefully adding this item to the troubleshooting doc will avoid future headaches. Signed-off-by: Brian Fallik <brian@clypd.com>
* | | Merge pull request #4599 from raukadah/rpmbuild_withoutOpenShift Merge Robot2019-12-03
|\ \ \ | | | | | | | | Updates on making doc building optional
| * | | Updates on making doc building and debug optionalChandan Kumar (raukadah)2019-12-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It changes the podman spec from using with_doc to bcond_without for building docs so that anyone can pass --without doc as well as other rpmbuild args to the build_rpm.sh script to skip building docs. Since go-md2man is not available in CentOS8 repo. without the help fo extra_args, it makes it conditional. It also moves the manpages to a seperate package. Signed-off-by: Chandan Kumar (raukadah) <raukadah@gmail.com>
* | | | Merge pull request #4615 from ssbarnea/fix/prepareOpenShift Merge Robot2019-12-03
|\ \ \ \ | | | | | | | | | | build: improved prepare.sh
| * | | | build: improved prepare.shSorin Sbarnea2019-12-02
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | * assure we use bash strict mode * avoid shallow errors on full clones * make script bit more idempotent Signed-off-by: Sorin Sbarnea <ssbarnea@redhat.com>
* | | | Merge pull request #4622 from rhatdan/rootlessOpenShift Merge Robot2019-12-03
|\ \ \ \ | | | | | | | | | | Add comment on rootless containers creating device nodes
| * | | | Add comment on rootless containers creating device nodesDaniel J Walsh2019-12-03
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | Merge pull request #4623 from rhatdan/errorsOpenShift Merge Robot2019-12-03
|\ \ \ \ \ | | | | | | | | | | | | Ignore ErrCtrRemoved when removing a container
| * | | | | Ignore ErrCtrRemoved when removing a containerDaniel J Walsh2019-12-03
| | |_|_|/ | |/| | | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | Merge pull request #4624 from mheon/refresh_volume_locksOpenShift Merge Robot2019-12-02
|\ \ \ \ \ | | | | | | | | | | | | Ensure volumes reacquire locks on state refresh
| * | | | | Ensure volumes reacquire locks on state refreshMatthew Heon2019-12-02
| |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | After a restart, pods and containers both run a refresh() function to prepare to run after a reboot. Until now, volumes have not had a similar function, because they had no per-boot setup to perform. Unfortunately, this was not noticed when in-memory locking was introduced to volumes. The refresh() routine is, among other things, responsible for ensuring that locks are reserved after a reboot, ensuring they cannot be taken by a freshly-created container, pod, or volume. If this reservation is not done, we can end up with two objects using the same lock, potentially needing to lock each other for some operations - classic recipe for deadlocks. Add a refresh() function to volumes to perform lock reservation and ensure it is called as part of overall refresh(). Fixes #4605 Fixes #4621 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | | Merge pull request #4584 from nitrocode/patch-2OpenShift Merge Robot2019-12-02
|\ \ \ \ \ | | | | | | | | | | | | install.md: added slirp4netns dependency to ubuntu
| * | | | | install.md: added slirp4netns dependency to ubuntunitro2019-12-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | https://github.com/containers/libpod/issues/1234 Signed-off-by: nitrocode <nitrocode@users.noreply.github.com>
* | | | | | Merge pull request #4616 from ssbarnea/fix/makefileOpenShift Merge Robot2019-12-02
|\ \ \ \ \ \ | |_|/ / / / |/| | | | | build: improved main makefile
| * | | | | build: improved main makefileSorin Sbarnea2019-12-02
| | |_|/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * added .install.md2man as dependency for docs, fixed broken build on systems that do not have go-md2man preinstalled. * sorted PHONY targets Signed-off-by: Sorin Sbarnea <ssbarnea@redhat.com>
* | | | | Merge pull request #4596 from kunalkushwaha/container-pruneOpenShift Merge Robot2019-12-02
|\ \ \ \ \ | |_|_|/ / |/| | | | container prune command fixed as per docker prune command
| * | | | man page updated with examples of filter optionKunal Kushwaha2019-12-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | examples with filter added Signed-off-by: Kunal Kushwaha <kunal.kushwaha@gmail.com>
| * | | | filter added to container prune commandKunal Kushwaha2019-11-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | filter flag helps to filter the containers based on labels, until(time), name, etc for prune command. Signed-off-by: Kunal Kushwaha <kunal.kushwaha@gmail.com>
| * | | | command output fixed as per docker equivalentKunal Kushwaha2019-11-28
| | |/ / | |/| | | | | | | | | | | | | | | | | | container prune command ask for confirmation by default. Signed-off-by: Kunal Kushwaha <kunal.kushwaha@gmail.com>
* | | | Merge pull request #4617 from giuseppe/fix-error-caseOpenShift Merge Robot2019-12-02
|\ \ \ \ | | | | | | | | | | libpod: fix case for executable file not found errors
| * | | | libpod: fix case for executable file not found errorsGiuseppe Scrivano2019-12-02
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | do not change the runtime error to be lowercase, but use a case insensitive regex matching. In this way the original error from the OCI runtime is reported back. regression introduced by bc485bce47f55135d6ead80537bc145edb779ae9 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | Merge pull request #4608 from rhatdan/vendorOpenShift Merge Robot2019-12-02
|\ \ \ \ | |/ / / |/| | | Fix podman-remote version to print client and server
| * | | Fix podman-remote version to print client and serverDaniel J Walsh2019-12-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If the user specifies .Server.* on a non podman-remote, substitute .Client for .Server and return the value. This is for compatability with Docker. Since prior versions documented --format {{ .Version }}, we have to continue to support that. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #4493 from mheon/add_removing_stateOpenShift Merge Robot2019-12-02
|\ \ \ \ | |/ / / |/| | | Add ContainerStateRemoving
| * | | Error on netns not exist only when ctr is runningMatthew Heon2019-11-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If the container is running and we need to get its netns and can't, that is a serious bug deserving of errors. If it's not running, that's not really a big deal. Log an error and continue. Signed-off-by: Matthew Heon <mheon@redhat.com>
| * | | Add ContainerStateRemovingMatthew Heon2019-11-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When Libpod removes a container, there is the possibility that removal will not fully succeed. The most notable problems are storage issues, where the container cannot be removed from c/storage. When this occurs, we were faced with a choice. We can keep the container in the state, appearing in `podman ps` and available for other API operations, but likely unable to do any of them as it's been partially removed. Or we can remove it very early and clean up after it's already gone. We have, until now, used the second approach. The problem that arises is intermittent problems removing storage. We end up removing a container, failing to remove its storage, and ending up with a container permanently stuck in c/storage that we can't remove with the normal Podman CLI, can't use the name of, and generally can't interact with. A notable cause is when Podman is hit by a SIGKILL midway through removal, which can consistently cause `podman rm` to fail to remove storage. We now add a new state for containers that are in the process of being removed, ContainerStateRemoving. We set this at the beginning of the removal process. It notifies Podman that the container cannot be used anymore, but preserves it in the DB until it is fully removed. This will allow Remove to be run on these containers again, which should successfully remove storage if it fails. Fixes #3906 Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | | Merge pull request #4558 from rhatdan/resetOpenShift Merge Robot2019-11-29
|\ \ \ \ | | | | | | | | | | Add podman system reset command
| * | | | Add podman system reset commandDaniel J Walsh2019-11-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This command will destroy all data created via podman. It will remove containers, images, volumes, pods. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
| * | | | fix commands.go to get links from correct directoryDaniel J Walsh2019-11-29
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | Merge pull request #4597 from openSUSE/nostoreOpenShift Merge Robot2019-11-29
|\ \ \ \ \ | |_|_|_|/ |/| | | | Do not initialize store on rootless podman
| * | | | Do not initialize store on rootless podmanSascha Grunert2019-11-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This fixes a double-locking issue of the container storage when running rootless podman. Closes #4591 Signed-off-by: Sascha Grunert <sgrunert@suse.com>
* | | | | Merge pull request #4576 from giuseppe/oci-errors-only-matchOpenShift Merge Robot2019-11-29
|\ \ \ \ \ | | | | | | | | | | | | oci: print only matching part for the errors
| * | | | | oci: print only matching part for the errorsGiuseppe Scrivano2019-11-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | when parsing the OCI error, be sure to discard any other output that is not matched. The full output is still printed with --log-level=debug. Closes: https://github.com/containers/libpod/issues/4574 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | | | Merge pull request #4587 from raukadah/btrfsOpenShift Merge Robot2019-11-29
|\ \ \ \ \ \ | | | | | | | | | | | | | | Disable btrfs for RHEL in podman spec
| * | | | | | Donot install btrfs in RHEL/CentOS-8Chandan Kumar (raukadah)2019-11-28
| | |_|_|_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Since btrfs-progs-devel is not available in RHEL/CentOS 8 and the spec fails to build it while running build_rpm.sh, making it optional fixes the issue. It also modifies the spec file to install btrfs-progs-devel for fedora only. Since golang-github-cpuguy83-go-md2man was added twice, it also removes the repetition. Signed-off-by: Chandan Kumar (raukadah) <raukadah@gmail.com>
* | | | | | Merge pull request #4589 from ssbarnea/fix/build2OpenShift Merge Robot2019-11-29
|\ \ \ \ \ \ | | | | | | | | | | | | | | Detect Python executable in Makefile