| Commit message (Collapse) | Author | Age |
|\
| |
| | |
Merge volume flags implementation
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When running inside Podman, we get an extra `nodev` mount option.
It doesn't seem to be a bug, more an artifact of running in a
somewhat locked-down container. So instead of checking explicitly
for a set of mount options, just verify the ones we set are
present.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |
| |
| |
| | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |
| |
| |
| | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |
| |
| |
| |
| |
| |
| | |
This involves moving some code out of pkg/spec/ into util/ so it
can also be used by libpod.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This ensures that all tmpfs mounts added by the user, even with
the --mount flag, share a few common options (nosuid, noexec,
nodev), and options for tmpfs mounts are properly validated to
ensure they are correct.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |
| |
| |
| |
| |
| |
| | |
Same result, but notably better error messages when things go
wrong.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |
| |
| |
| |
| |
| |
| |
| | |
As part of this, move bind mount option validity parsing and
modification (adding e.g. rbind on bind mounts that are missing
it), which requires test changes (expected values have changed).
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We were unconditionally resetting volume mount options for all
mount points (and by the looks of things, completely dropping
tmpfs mounts), which was causing runc to refuse to run containers
and all the tests to consequently fail.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Several changes made in the interface of pkg/spec make
interacting with it without a runtime difficult to impossible,
so move the existing limited testing from cmd/podman (which
mostly tested pkg/spec) into pkg/spec itself where we can call
individual functions that don't break things.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Unify handling for the --volume, --mount, --volumes-from, --tmpfs
and --init flags into a single file and set of functions. This
will greatly improve readability and maintainability.
Further, properly handle superceding and conflicting mounts. Our
current patchwork has serious issues when mounts conflict, or
when a mount from --volumes-from or an image volume should be
overwritten by a user volume or named volume.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |
| |
| |
| |
| |
| |
| |
| | |
Play kube was passing the pod, but CreateConfig was not. Unify it
so they both do, so we can remove some unnecessary duplicate
lookup code.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The goal here is to keep only the configuration directly used to
build the container in CreateConfig, and scrub temporary state
and helpers that we need to generate. We'll keep those internally
in MakeContainerConfig.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Right now, there are two major API calls necessary to turn a
filled-in CreateConfig into the options and OCI spec necessary to
make a libpod Container. I'm intending on refactoring both of
these extensively to unify a few things, so make a common
frontend to both that will prevent API changes from leaking out
of the package.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \
| | |
| | | |
Small fixes for #2950
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
We merged #2950 with some nits still remaining, as Giuseppe was
going on PTO. This addresses those small requested changes.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \
| | | |
| | | | |
Generate Systemd
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
the podman generate systemd command will generate a systemd unit file
based on the attributes of an existing container and user inputs. the
command outputs the unit file to stdout for the user to copy or
redirect. it is enabled for the remote client as well.
users can set a restart policy as well as define a stop timeout
override for the container.
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \ \ \
| |/ / /
|/| | | |
Update c/storage to v1.12.6
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \ \
| | | | |
| | | | | |
Add podman init command
|
| | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
As part of this, rework the number of workers used by various
Podman tasks to match original behavior - need an explicit
fallthrough in the switch statement for that block to work as
expected.
Also, trivial change to Podman cleanup to work on initialized
containers - we need to reset to a different state after cleaning
up the OCI runtime.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Bump Buildah to v1.8.1, ImageBuilder to v1.1.0
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
As the title suggests.
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
|
|\ \ \ \ \ \
| |_|_|/ / /
|/| | | | | |
podman-remote port
|
| | |_|_|/
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
add the port command to the remote client. this allows users to displa
port information about their host system from the remote client
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
add arch linux rootless hints to install.md
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
- related to issue #3030
- including pointer to new section in README.md provided by #3038
Signed-off-by: Christian Bewernitz <coder@karfau.de>
|
|\ \ \ \ \ \
| |_|_|/ / /
|/| | | | | |
docs: Fix typo "healthcheck" pt2
|
|/ / / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Replaces #2988. Want to get this is for v1.3.
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
http-proxy: improve docs
|
| | |/ / /
| |/| | |
| | | | |
| | | | | |
Signed-off-by: James Cassell <code@james.cassell.me>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
cirrus lib.sh: refactor req_env_var()
|
| | |_|_|/
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Existing code was not working due to a bash gotcha ('exit'
from a pipeline). It also had unnecessary duplication.
New version is safer; also includes unit tests run under localunit.
Existing invocations of req_env_var replaced via:
$ [ edit setup_environment.sh, move one closing quote to its own line ]
$ perl -ni -e 's/(?<=req_env_var )"(\S+)\s+\$\1"/$1/; if (/req_env_var "$/ .. /^\s*"/) { chomp; s/(?<=\S)\s.*//; if (/^\s*"/) { print "\n" } else { unless (/req_env_var/) { s/^\s+//; print " ";} print;} } else { print }' $(ack -l req_env_var)
$ [ hand-massage an incorrect instance of '@' in lib.sh:ircmsg() ]
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \ \ \ \
| |/ / / /
|/| | | | |
Remove two bits of dead code
|
|/ / / /
| | | |
| | | |
| | | | |
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|\ \ \ \
| |_|_|/
|/| | | |
container: drop rootless check
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | | |
we don't need to treat the rootless case differently now that we use a
single user namespace.
Signed-off-by: Giuseppe Scrivano <giuseppe@scrivano.org>
|
|\ \ \
| |/ /
|/| | |
enable podman-remote on windows
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
build a podman-remote binary for windows that allows users to use the
remote client on windows and interact with podman on linux system.
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \ \
| |_|/
|/| | |
Auto http proxy
|
|/ /
| |
| |
| | |
Signed-off-by: James Cassell <code@james.cassell.me>
|
|\ \
| | |
| | | |
Add details on rootless Podman to the readme
|
| |/
| |
| |
| | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \
| | |
| | | |
Use 'sudo tee' in tutorial so install works as non-root
|
| | |
| | |
| | |
| | | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \
| | | |
| | | | |
Cirrus: Collect audit log on success and failure
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Also rename `master_script` -> `failed_master_script` to clarify it's
"place in the line" when viewing (Cirrus WebUI)
Signed-off-by: Chris Evich <cevich@redhat.com>
|