| Commit message (Collapse) | Author | Age |
|\
| |
| | |
--size does not work with rootless at present
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We'd need to join multiple container's user namespaces, which is
not possible for now. The rootless single userns patches under
development by Giuseppe will fix this, but won't land in 1.2.x.
For now, disable --size as rootless.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \
| | |
| | | |
Fix a potential segfault in podman search
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When generating headers for search, we unconditionally
access element 0 of an array, and I saw this segfault in our CI.
There's no reason we have to do this, we're just going through it
to get field names with reflect, so just make a new copy of the
struct in question.
Also, move this code, which is only for CLI display, into
cmd/podman from libpod/image.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|\ \ \
| |/ /
|/| | |
add remote-client diff
|
| |/
| |
| |
| |
| |
| |
| | |
the remote client now can run the diff command to report changes,
modifications, and deletions in an image or container.
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \
| | |
| | | |
Cirrus: Update F28 -> F29 container image
|
| |/
| |
| |
| | |
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|\ \
| |/
|/| |
Improve podman pod rm -a test
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When running as a user, the order of removal is database ID dependent.
This results in this test randomly failing. This condition was
very difficult to debug and the test was missing two critical checks.
One to confirm an expected error message was produced, and another
to verify the expected running container, remains running.
Fix the container and missing error-message checks, and vastly improve
the debug-ability of this test. Fixing the random-failures requires
intensive fixes in other areas, so that task will be left up to future
work.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|\
| |
| | |
Cirrus: Support special-case modes of testing
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously libpod CI was fairly straight-forward, run unit and
integration tests in a standard set of 3 VMs. Off on the side was a
single special case of running tests as an ordinary user. There is a
desire to stop using the PAPR system to support testing inside of a
container.
Since having two special cases potentially invites more
down the road, make provisions to handle them more gracefully. This
commit introduces an environment variable: ``$SPECIALMODE``. It's
value has the following meanings within the CI scripts:
Mode 'none': Nothing special, business as usual (default)
Mode 'rootless': Rootless testing
Mode 'in_podman': Build container, run integration tests in it.
This will make adding additional special-cases later easier, as well as
extending the special cases in a Matrix across multiple OS's.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|\
| |
| | |
Update README with current version
|
| |
| |
| |
| | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \
| | |
| | | |
docs/podman-inspect.1.md: add missing option hyphen for "-t"
|
| | |
| | |
| | |
| | | |
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
|
|\ \ \
| |_|/
|/| | |
docs/podman*.md: fix numerous option typos and spacing errors
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Cursory examination of man pages shows a number of typos:
- missing hyphens
- missing blank line
- longer option should precede shorter option
This is not an extensive fix, there's still a lot that could
be cleaned up.
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
|
|\ \
| | |
| | | |
Bump to v1.2.0
|
| | |
| | |
| | |
| | | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \
| |_|/
|/| | |
docs/podman-rm.1.md: delete "Not yet implemented" msg for volume removal
|
|/ /
| |
| |
| |
| |
| | |
Since this feature appears to be implemented, remove the qualifier.
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
|
|\ \
| |/
|/| |
Capitalize global options help information
|
|/
|
|
|
|
|
| |
--trace, --help and --version were not capatilized like the rest of the
global options. This patch fixes this problem.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\
| |
| | |
Update release notes for v1.2.0
|
| |
| |
| |
| | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \
| | |
| | | |
Remove wait event
|
| |/
| |
| |
| |
| |
| |
| | |
It's not necessary to log an event for a read-only operation like
wait.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \
| | |
| | | |
Vendor Buildah 1.7.2
|
| |/
| |
| |
| | |
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
|
|\ \
| |/
|/| |
Add locking to ensure events file is concurrency-safe
|
|/
|
|
| |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\
| |
| | |
Add watch mode to podman ps
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
allows users to "watch" the output of podman ps on a set interval in
seconds. in watch mode, the screen is cleared between intervals as well.
podman -ps -w1 watches on 1 second intervals
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \
| | |
| | | |
Set blob cache directory based on GraphDriver
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Remove references to image2 in source code. Makes the code
slightly more readable.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Currently in rootless containers, we end up not using the blob cache.
We also don't store the blob cache based on the users specified graph
storage. This change will cause the cache directory to be stored with
the rest of the containe images.
While doing this patch, I found that we had duplicated GetSystemContext in
two places in libpod. I cleaned this up.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \
| | | |
| | | | |
rootless: set sticky bit on rundir
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
use a sync.Once to potentially avoid multiple system calls everytime
the function is called.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
it prevents the directory to be auto pruned, according to the XDG
specifications.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
it can be any OCI runtime.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
userns: do not use an intermediate mount namespace
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Ed Santiago <santiago@redhat.com>
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
We have an issue in the current implementation where the cleanup
process is not able to umount the storage as it is running in a
separate namespace.
Simplify the implementation for user namespaces by not using an
intermediate mount namespace. For doing it, we need to relax the
permissions on the parent directories and allow browsing
them. Containers that are running without a user namespace, will still
maintain mode 0700 on their directory.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \ \ \
| |/ / / /
|/| | | | |
Alter container/pod/volume name regexp to match Docker
|
| | |_|/
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Docker's upstream name validation regex has two major differences
from ours that we pick up in this PR.
The first requires that the first character of a name is a letter
or number, not a special character.
The second allows periods in names.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \ \
| | | | |
| | | | | |
Default to SELinux private label for play kube mounts
|