aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Centralize setting default volume pathMatthew Heon2019-02-26
| | | | | | | | No reason to do it in util/ anymore. It's always going to be a subdirectory of c/storage graph root by default, so we can just set it after the return. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Ensure volume path is set appropriately by defaultMatthew Heon2019-02-26
| | | | | | | | There are some cases where we might not be properly adjusting the volume path after setting the storage graph root. Ensure that we always set volume path to be a child of graph root. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Move all storage configuration defaults into libpodMatthew Heon2019-02-26
| | | | | | | | | | | Instead of passing in defaults via WithStorageConfig after computing them in cmd/podman/libpodruntime, do all defaults in libpod itself. This can alleviate ordering issues which caused settings in the libpod config (most notably, volume path) to be ignored. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Merge pull request #2448 from giuseppe/volumes-skip-user-bindsOpenShift Merge Robot2019-02-26
|\ | | | | volume: do not create a volume if there is a bind
| * volume: do not create a volume if there is a bindGiuseppe Scrivano2019-02-26
| | | | | | | | | | | | | | | | | | | | | | if there is already a bind mount specified for the target, do not create a new volume. Regression introduced by 52df1fa7e054d577e8416d1d46db1741ad324d4a Closes: https://github.com/containers/libpod/issues/2441 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Merge pull request #2446 from mheon/add_image_volumeOpenShift Merge Robot2019-02-26
|\ \ | | | | | | Only remove image volumes when removing containers
| * | Only remove image volumes when removing containersMatthew Heon2019-02-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When removing volumes with rm --volumes we want to only remove volumes that were created with the container. Volumes created separately via 'podman volume create' should not be removed. Also ensure that --rm implies volumes will be removed. Fixes #2441 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | Merge pull request #2443 from baude/playstartrecursiveOpenShift Merge Robot2019-02-26
|\ \ \ | | | | | | | | start pod containers recursively
| * | | start pod containers recursivelybaude2019-02-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | when using the play kube command, we need to make sure that containers with dependancies are started in proper order. in this case, the infra container must be started first. Signed-off-by: baude <bbaude@redhat.com>
* | | | Merge pull request #2444 from adrianreber/logsOpenShift Merge Robot2019-02-26
|\ \ \ \ | |_|/ / |/| | | Fix podman logs -l
| * | | Fix podman logs -lAdrian Reber2019-02-26
|/ / / | | | | | | | | | | | | | | | | | | 'podman logs -l' was no longer working. This fixes it by replacing &waitCommand.Latest with &logsCommand.Latest. Signed-off-by: Adrian Reber <areber@redhat.com>
* | | Merge pull request #2439 from vrothberg/vendor-imageOpenShift Merge Robot2019-02-26
|\ \ \ | | | | | | | | vendor containers/image v1.5
| * | | vendor containers/image v1.5Valentin Rothberg2019-02-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes are race condition in the blobinfocache when copying images leading to a panic(). Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | Merge pull request #2397 from mheon/volume_path_fixesOpenShift Merge Robot2019-02-26
|\ \ \ \ | |_|/ / |/| | | Volume path fixes
| * | | Record when volume path is explicitly set in configMatthew Heon2019-02-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | This ensures we won't overwrite it when it's set in the config we load from disk. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | Add debug information when overriding paths with the DBMatthew Heon2019-02-26
| | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | Add path for named volumes to `podman info`Matthew Heon2019-02-26
| | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | Add volume path to default libpod.conf (and manpage)Matthew Heon2019-02-26
| | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | Validate VolumePath against DB configurationMatthew Heon2019-02-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If this doesn't match, we end up not being able to access named volumes mounted into containers, which is bad. Use the same validation that we use for other critical paths to ensure this one also matches. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | When location of c/storage root changes, set VolumePathMatthew Heon2019-02-26
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We want named volumes to be created in a subdirectory of the c/storage graph root, the same as the libpod root directory is now. As such, we need to adjust its location when the graph root changes location. Also, make a change to how we set the default. There's no need to explicitly set it every time we initialize via an option - that might conflict with WithStorageConfig setting it based on graph root changes. Instead, just initialize it in the default config like our other settings. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | Merge pull request #2289 from 4383/improve-hackingDaniel J Walsh2019-02-26
|\ \ \ | |/ / |/| | [skip ci]Introduce how to start to hack on libpod.
| * | Introduce how to start to hack on libpod.Hervé Beraud2019-02-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Introduce a new part inside the contribution guide who explain how to start to hack on libpod: - setup environment - install tools - using make - building podman - test your changes locally Signed-off-by: Hervé Beraud <hberaud@redhat.com>
* | | Merge pull request #2438 from vrothberg/scope-v2OpenShift Merge Robot2019-02-26
|\ \ \ | | | | | | | | [skip ci] readme/docs update
| * | | docs: cross-reference `podman-{generate,play}-kube`Valentin Rothberg2019-02-26
| | | | | | | | | | | | | | | | | | | | Addresses: https://github.com/containers/libpod/pull/2428#discussion_r260200694 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
| * | | README: refine "Out of scope" sectionValentin Rothberg2019-02-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Based on user feedback, refine the "Out of scope" section regarding `docker-compose`: * Explain why Podman uses Kubernetes YAML. * Explain how `podman-play-kube` and `podman-generate-kube` fit into the picture. Addresses: https://github.com/containers/libpod/pull/2428#discussion_r259996507 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | Merge pull request #2382 from adrianreber/selinuxOpenShift Merge Robot2019-02-26
|\ \ \ \ | | | | | | | | | | Fix one (of two) SELinux denials during checkpointing
| * | | | Label CRIU log files correctlyAdrian Reber2019-02-26
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | CRIU creates a log file during checkpointing in .../userdata/dump.log. The problem with this file is, is that CRIU injects a parasite code into the container processes and this parasite code also writes to the same log file. At this point a process from the inside of the container is trying to access the log file on the outside of the container and SELinux prohibits this. To enable writing to the log file from the injected parasite code, this commit creates an empty log file and labels the log file with c.MountLabel(). CRIU uses existing files when writing it logs so the log file label persists and now, with the correct label, SELinux no longer blocks access to the log file. Signed-off-by: Adrian Reber <areber@redhat.com>
* | | | Merge pull request #2437 from giuseppe/runtime-nice-errorOpenShift Merge Robot2019-02-26
|\ \ \ \ | |/ / / |/| | | oci: improve error message when the OCI runtime is not found
| * | | oci: improve error message when the OCI runtime is not foundGiuseppe Scrivano2019-02-26
|/ / / | | | | | | | | | | | | | | | | | | We were previously returning the not so nice error directly from conmon. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | Merge pull request #2428 from vrothberg/docker-compose-out-of-scopeOpenShift Merge Robot2019-02-26
|\ \ \ | |_|/ |/| | README: update "out of scope" section
| * | README: update "out of scope" sectionValentin Rothberg2019-02-25
| | | | | | | | | | | | | | | | | | | | | Also mention that Podman does/will not support `docker-compose`. Fixes: https://github.com/containers/libpod/issues/746#issuecomment-467011211 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | Merge pull request #2362 from mheon/add_locks_to_configOpenShift Merge Robot2019-02-26
|\ \ \ | | | | | | | | Add num_locks to the default libpod config
| * | | Add num_locks to the default libpod configMatthew Heon2019-02-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Allow adjusting number of locks in libpod.conf via an already available knob we previously didn't expose in the default config file. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | Merge pull request #2436 from baude/remotepodpauseOpenShift Merge Robot2019-02-26
|\ \ \ \ | | | | | | | | | | podman-remote pod pause|unpause|restart
| * | | | podman-remote pod pause|unpause|restartbaude2019-02-25
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | enable the ability for the remote client to pause, unpause, and restart pods. Signed-off-by: baude <bbaude@redhat.com>
* | | | Merge pull request #2422 from baude/remotepodcreateOpenShift Merge Robot2019-02-25
|\ \ \ \ | | | | | | | | | | podman-remote create|ps
| * | | | podman-remote create|psbaude2019-02-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | enable the podman-remote client to be able to create and list pods on a remote system. Signed-off-by: baude <bbaude@redhat.com>
* | | | | Merge pull request #2358 from rhatdan/namespaceOpenShift Merge Robot2019-02-25
|\ \ \ \ \ | | | | | | | | | | | | Fix up handling of user defined network namespaces
| * | | | | Fix up handling of user defined network namespacesDaniel J Walsh2019-02-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If user specifies network namespace and the /etc/netns/XXX/resolv.conf exists, we should use this rather then /etc/resolv.conf Also fail cleaner if the user specifies an invalid Network Namespace. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | | Merge pull request #2432 from giuseppe/fix-read-only-bind-mountsOpenShift Merge Robot2019-02-25
|\ \ \ \ \ \ | | | | | | | | | | | | | | podman: fix ro bind mounts if no* opts are on the source
| * | | | | | podman: fix ro bind mounts if no* opts are on the sourceGiuseppe Scrivano2019-02-25
| | |_|_|/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is a workaround for the runc issue: https://github.com/opencontainers/runc/issues/1247 If the source of a bind mount has any of nosuid, noexec or nodev, be sure to propagate them to the bind mount so that when runc tries to remount using MS_RDONLY, these options are also used. Closes: https://github.com/containers/libpod/issues/2312 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | | | Merge pull request #2424 from vrothberg/update-buildah-descriptionOpenShift Merge Robot2019-02-25
|\ \ \ \ \ \ | | | | | | | | | | | | | | [skip-ci] README.md: rephrase Buildah description
| * | | | | | README.md: rephrase Buildah descriptionValentin Rothberg2019-02-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Rephrase the description of Buildah to make some core attributes (e.g., rootless, Dockerfile-less build, etc.) more obvious. Addresses: [#1349 (comment)](https://github.com/containers/buildah/issues/1349#issuecomment-466096550) Cherry-pick-from: https://github.com/containers/buildah/pull/1362 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | | | | Merge pull request #2421 from rhatdan/rmiOpenShift Merge Robot2019-02-25
|\ \ \ \ \ \ \ | |/ / / / / / |/| | | | | | Change exit code to 1 on podman rmi nosuch image
| * | | | | | Change exit code to 1 on podman rmi nosuch imageDaniel J Walsh2019-02-25
|/ / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Make it easy for scripts to determine if an image removal failure. If only errors were no such image exit with 1 versus 125. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | | Merge pull request #2423 from rhatdan/rmOpenShift Merge Robot2019-02-25
|\ \ \ \ \ \ | | | | | | | | | | | | | | Change exit code to 1 on podman rm nosuch container
| * | | | | | Change exit code to 1 on podman rm nosuch containerDaniel J Walsh2019-02-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Make it easy for scripts to determine if a container removal fails versus the container did not exist. If only errors were no such container exit with 1 versus 125. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | | | Merge pull request #2417 from rhatdan/resolv.confOpenShift Merge Robot2019-02-25
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | In shared networkNS /etc/resolv.conf&/etc/hosts should be shared
| * | | | | | | In shared networkNS /etc/resolv.conf&/etc/hosts should be sharedDaniel J Walsh2019-02-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We should just bind mount the original containers /etc/resolv.conf and /etchosts into the new container. Changes in the resolv.conf and hosts should be seen by all containers, This matches Docker behaviour. In order to make this work the labels on these files need to have a shared SELinux label. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | | | | Merge pull request #2429 from baude/maindupsOpenShift Merge Robot2019-02-25
|\ \ \ \ \ \ \ \ | |_|/ / / / / / |/| | | | | | | remove duplicate commands in main