summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* fix copy change file owner if cp from containerQi Wang2019-08-08
| | | | | | If copies file from container to local machine, change the file owner to the cp command caller. Signed-off-by: Qi Wang <qiwan@redhat.com>
* Merge pull request #3750 from baude/portreportingOpenShift Merge Robot2019-08-08
|\ | | | | fix port early return
| * fix port early returnbaude2019-08-07
| | | | | | | | | | | | | | | | | | when listing multiple ports on a container with podman port, an early return was limiting results. Fixes: #3747 Signed-off-by: baude <bbaude@redhat.com>
* | Merge pull request #3739 from TomSweeneyRedHat/dev/tsweeney/badauthnote2OpenShift Merge Robot2019-08-08
|\ \ | | | | | | Add invalid credentials fix to docs
| * | Add invalid credentials fix to docsTomSweeneyRedHat2019-08-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add an entry to the troubleshooting guide detailing how to get around the problem of invalid credentials when pulling an image that shouldn't require credentials. Fixes: #1963 Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* | | Merge pull request #3744 from mheon/fix_commandOpenShift Merge Robot2019-08-08
|\ \ \ | | | | | | | | When populating CMD, do not include Entrypoint
| * | | Add a test for verifying ENTRYPOINT and CMDMatthew Heon2019-08-07
| | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | When populating CMD, do not include EntrypointMatthew Heon2019-08-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, we use CreateConfig's Command to populate container Command (which is used as CMD for Inspect and Commit). Unfortunately, CreateConfig's Command is the container's full command, including a prepend of Entrypoint - so we duplicate Entrypoint for images that include it. Maintain a separate UserCommand in CreateConfig that does not include the entrypoint, and use that instead. Fixes #3708 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | Merge pull request #3738 from mheon/mount_opts_boolsOpenShift Merge Robot2019-08-08
|\ \ \ \ | | | | | | | | | | Allow --ro=[true|false] with mount flag
| * | | | Allow --ro=[true|false] with mount flagMatthew Heon2019-08-07
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The 'podman run --mount' flag previously allowed the 'ro' option to be specified, but was missing the ability to set it to a bool (as is allowed by docker). Add that. While we're at it, allow setting 'rw' explicitly as well. Fixes #2980 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | Merge pull request #3757 from lsm5/makeinstallOpenShift Merge Robot2019-08-08
|\ \ \ \ | | | | | | | | | | add make to make installs
| * | | | add make to make installsbaude2019-08-07
| | |_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | as issue #2702 describes, we want to make podman and podman-remote as part of make install. Fixes: #2702 Signed-off-by: baude <bbaude@redhat.com> avoid `make` in `make install` in the rpmbuild process. Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
* | | | Merge pull request #3745 from baude/eventsjournaldremovematchOpenShift Merge Robot2019-08-08
|\ \ \ \ | | | | | | | | | | systemd library conflict with seektail and addmatch
| * | | | systemd library conflict with seektail and addmatchbaude2019-08-06
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | it looks like the core-os systemd library has some issue when using seektail and add match. this patch works around that shortcoming for the time being. Fixes: #3616 Signed-off-by: baude <bbaude@redhat.com>
* | | | Merge pull request #3741 from haircommander/uts-fixOpenShift Merge Robot2019-08-07
|\ \ \ \ | |_|/ / |/| | | Properly share UTS namespaces in a pod
| * | | namespaces: fix Container() callPeter Hunt2019-08-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | If we call Container(), we expect the namespace to be prefixed with "container:". Add this check, and refactor to use named const strings instead of string literals Signed-off-by: Peter Hunt <pehunt@redhat.com>
| * | | refer to container whose namespace we sharePeter Hunt2019-08-07
| | | | | | | | | | | | | | | | Signed-off-by: Peter Hunt <pehunt@redhat.com>
| * | | add test to verify hostname is shared in a podPeter Hunt2019-08-07
| | | | | | | | | | | | | | | | Signed-off-by: Peter Hunt <pehunt@redhat.com>
| * | | Properly share UTS namespaces in a podPeter Hunt2019-08-07
|/ / / | | | | | | | | | | | | | | | Sharing a UTS namespace means sharing the hostname. Fix situations where a container in a pod didn't properly share the hostname of the pod. Signed-off-by: Peter Hunt <pehunt@redhat.com>
* | | Merge pull request #3731 from giuseppe/fix-systemd-in-a-containerOpenShift Merge Robot2019-08-07
|\ \ \ | |_|/ |/| | cgroup: fix regression when running systemd
| * | cgroup: fix regression when running systemdGiuseppe Scrivano2019-08-06
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | commit 223fe64dc0a592fd44e0c9fde9f9e0ca087d566f introduced the regression. When running on cgroups v1, bind mount only /sys/fs/cgroup/systemd as rw, as the code did earlier. Also, simplify the rootless code as it doesn't require any special handling when using --systemd. Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1737554 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Merge pull request #3733 from edsantiago/batsOpenShift Merge Robot2019-08-06
|\ \ | |/ |/| pod top test: reenable
| * pod top test: reenableEd Santiago2019-08-06
|/ | | | | | | It looks like #2780 is fixed: an overnight run yielded no instances of 'pod top' returning incomplete output. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Merge pull request #3736 from baude/revertOpenShift Merge Robot2019-08-06
|\ | | | | Revert "rootless: Rearrange setup of rootless containers"
| * Revert "rootless: Rearrange setup of rootless containers"baude2019-08-06
| | | | | | | | | | | | This reverts commit 80dcd4bebcdc8e280f6b43228561d09c194c328b. Signed-off-by: baude <bbaude@redhat.com>
* | Merge pull request #3466 from TomSweeneyRedHat/dev/tsweeney/myhomeOpenShift Merge Robot2019-08-06
|\ \ | |/ |/| Touch up XDG, add rootless links
| * Touch up XDG, add rootless linksTomSweeneyRedHat2019-07-29
| | | | | | | | | | | | | | | | | | | | | | Touch up a number of formating issues for XDG_RUNTIME_DIRS in a number of man pages. Make use of the XDG_CONFIG_HOME environment variable in a rootless environment if available, or set it if not. Also added a number of links to the Rootless Podman config page and added the location of the auth.json files to that doc. Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* | Merge pull request #3716 from baude/varlinkfixes2OpenShift Merge Robot2019-08-05
|\ \ | | | | | | various fixes for varlink endpoints
| * | various fixes for varlink endpointsbaude2019-08-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | when using build, require a "more" connection to get logs. when pulling a non-existent image, do not crash varlink connection. Fixes: #3714 Fixes: #3715 Signed-off-by: baude <bbaude@redhat.com>
* | | Merge pull request #3698 from adrianreber/StartedTimeOpenShift Merge Robot2019-08-05
|\ \ \ | | | | | | | | restore: correctly set StartedTime
| * | | restore: correctly set StartedTimeAdrian Reber2019-08-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | A container restored from an exported checkpoint did not have its StartedTime set. Which resulted in a status like 'Up 292 years ago' after the restore. This just sets the StartedTime to time.Now() if a container is restored from an exported checkpoint. Signed-off-by: Adrian Reber <areber@redhat.com>
* | | | Merge pull request #3718 from QiWang19/df_imgindexOpenShift Merge Robot2019-08-05
|\ \ \ \ | | | | | | | | | | fix system df crashes on unnamed images
| * | | | fix system df crashes on unnamed imagesQi Wang2019-08-04
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | if the image is unnamed, pass an nil slice to the parse repotags function instead of getting the image name by index. after this patch, unnamed images will be shown as <none> ``` Images space usage: REPOSITORY TAG IMAGE ID CREATED SIZE SHARED SIZE UNIQUE SIZE CONTAINERS docker.io/library/ubuntu bionic 3556258649b2 11 days ago 66.6MB 0B 66.6MB 0 <none> <none> dd8a8db2c79b 11 days ago 986MB 66.6MB 919MB 0 ``` Signed-off-by: Qi Wang <qiwan@redhat.com>
* | | | Merge pull request #3701 from vrothberg/fix-3696OpenShift Merge Robot2019-08-05
|\ \ \ \ | | | | | | | | | | container stop: kill conmon
| * | | | container stop: kill conmonValentin Rothberg2019-08-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Old versions of conmon have a bug where they create the exit file before closing open file descriptors causing a race condition when restarting containers with open ports since we cannot bind the ports as they're not yet closed by conmon. Killing the old conmon PID is ~okay since it forces the FDs of old conmons to be closed, while it's a NOP for newer versions which should have exited already. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | | Merge pull request #3690 from adrianreber/ignore-static-ipOpenShift Merge Robot2019-08-05
|\ \ \ \ \ | | | | | | | | | | | | restore: added --ignore-static-ip option
| * | | | | restore: added --ignore-static-ip optionAdrian Reber2019-08-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If a container is restored multiple times from an exported checkpoint with the help of '--import --name', the restore will fail if during 'podman run' a static container IP was set with '--ip'. The user can tell the restore process to ignore the static IP with '--ignore-static-ip'. Signed-off-by: Adrian Reber <areber@redhat.com>
* | | | | | Merge pull request #3171 from QiWang19/events_jsonOpenShift Merge Robot2019-08-05
|\ \ \ \ \ \ | | | | | | | | | | | | | | podman events format json
| * | | | | | podman events format jsonQi Wang2019-08-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Enable podman events to format the output as jsonline Signed-off-by: Qi Wang <qiwan@redhat.com>
* | | | | | | Merge pull request #3691 from baude/infoeventloggerOpenShift Merge Robot2019-08-05
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | add eventlogger to info
| * | | | | | | add eventlogger to infobaude2019-08-02
| |/ / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | to help with future debugging, we now display the type of event logger being used inside podman info -> host. Signed-off-by: baude <bbaude@redhat.com>
* | | | | | | Merge pull request #3310 from gabibeyer/rootlessKataOpenShift Merge Robot2019-08-05
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | rootless: Rearrange setup of rootless containers ***CIRRUS: TEST IMAGES***
| * | | | | | | rootless: Rearrange setup of rootless containersGabi Beyer2019-07-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In order to run Podman with VM-based runtimes unprivileged, the network must be set up prior to the container creation. Therefore this commit modifies Podman to run rootless containers by: 1. create a network namespace 2. pass the netns persistent mount path to the slirp4netns to create the tap inferface 3. pass the netns path to the OCI spec, so the runtime can enter the netns Closes #2897 Signed-off-by: Gabi Beyer <gabrielle.n.beyer@intel.com>
| * | | | | | | Add comment to describe postConfigureNetNSGabi Beyer2019-07-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Provide information stating what the postConfigureNetNS option is used for. Signed-off-by: Gabi Beyer <gabrielle.n.beyer@intel.com>
* | | | | | | | Merge pull request #3673 from TomSweeneyRedHat/dev/tsweeney/trubs2OpenShift Merge Robot2019-08-05
|\ \ \ \ \ \ \ \ | |_|_|_|/ / / / |/| | | | | | | Add rootless NFS and OverlayFS warnings to docs
| * | | | | | | Add rootless NFS and OverlayFS warnings to docsTomSweeneyRedHat2019-08-02
| | |/ / / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add warnings/work arounds about NFS and OverlayFS to the troubleshooting guide and also the main podman page. Verified that these warnings are on the rootless page already. Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* | | | | | | Merge pull request #3720 from baude/honorconfiginuserOpenShift Merge Robot2019-08-05
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | honor libpod.conf in /usr/share/containers
| * | | | | | | honor libpod.conf in /usr/share/containersbaude2019-08-04
|/ / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | we should be looking for the libpod.conf file in /usr/share/containers and not in /usr/local. packages of podman should drop the default libpod.conf in /usr/share. the override remains /etc/containers/ as well. Fixes: #3702 Signed-off-by: baude <bbaude@redhat.com>
* | | | | | | Merge pull request #3717 from rhatdan/errorsOpenShift Merge Robot2019-08-04
|\ \ \ \ \ \ \ | |_|_|_|/ / / |/| | | | | | Don't log errors to the screen when XDG_RUNTIME_DIR is not set
| * | | | | | Don't log errors to the screen when XDG_RUNTIME_DIR is not setDaniel J Walsh2019-08-04
|/ / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Drop errors to debug when trying to setup the runtimetmpdir. If the tool can not setup a runtime dir, it will error out with a correct message no need to put errors on the screen, when the tool actually succeeds. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>