| Commit message (Collapse) | Author | Age |
|\
| |
| | |
Ensure we do not edit container config in Exec
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The existing code grabs the base container's process, and then
modifies it for use with the exec session. This could cause
errors in `podman inspect` or similar on the container, as the
definition of its OCI spec has been changed by the exec session.
The change never propagates to the DB, so it's limited to a
single process, but we should still avoid it when possible - so
deep-copy it before use.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|\ \
| | |
| | | |
Allow image errors to bubble up from lower level functions.
|
| |/
| |
| |
| |
| |
| |
| |
| | |
Currently we ignore ErrMultipleImages being returned from findImageInRepoTags.
Fixes: https://github.com/containers/podman/issues/8868
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| | |
| | | |
libpod API: pull: fix channel race
|
| |/
| |
| |
| |
| |
| |
| |
| |
| | |
Fix a race condition in the pull endpoint caused by buffered channels.
Using buffered channels can lead to the context's cancel function to be
executed prior to the items being read from the channel.
Fixes: #8870
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \
| |/
|/| |
systemd: make rundir always accessible
|
| |
| |
| |
| | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
so that the PIDFile can be accessed also without being in the rootless
user namespace.
Closes: https://github.com/containers/podman/issues/8506
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \
| | |
| | |
| | |
| | | |
containers/dependabot/go_modules/github.com/google/uuid-1.1.3
Bump github.com/google/uuid from 1.1.2 to 1.1.3
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.1.2 to 1.1.3.
- [Release notes](https://github.com/google/uuid/releases)
- [Commits](https://github.com/google/uuid/compare/v1.1.2...v1.1.3)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \
| |_|/
|/| | |
Disable seccomp by default when creating a privileged container.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When running a privileged container and `SeccompProfilePath` is empty no seccomp profile should be applied.
(Previously this was the case only if `SeccompProfilePath` was set to a non-empty default path.)
Closes #8849
Signed-off-by: Max Goltzsche <max.goltzsche@gmail.com>
|
|\ \ \
| | | |
| | | | |
exec: honor --privileged
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
write the capabilities to the configuration passed to the OCI
runtime.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \ \
| |_|/ /
|/| | | |
Compat api containers/json add support for filters
|
|/ / /
| | |
| | |
| | |
| | |
| | | |
Fixes #8860
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
|\ \ \
| |_|/
|/| | |
Expose Height/Width fields to decoder
|
|/ /
| |
| |
| |
| |
| | |
Fixes #7102
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \
| | |
| | | |
The slirp4netns sandbox requires pivot_root
|
| | |
| | |
| | |
| | |
| | |
| | | |
Disable the sandbox, when running on rootfs
Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
|
|\ \ \
| | | |
| | | | |
Add support for Gentoo file to package query
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
On Gentoo systems where `app-portage/gentoolkit` is installed the binary
`equery` is used to query for information on which package a file
belongs to.
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
|
|\ \ \
| | | |
| | | | |
Update nix pin with `make nixpkgs`
|
| |/ /
| | |
| | |
| | | |
Signed-off-by: Wong Hoi Sing Edison <hswong3i@pantarei-design.com>
|
|\ \ \
| |/ /
|/| | |
Consolidate filter logic to pkg subdirectory
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Per the conversation on pull/8724 I am consolidating filter logic
and helper functions under the pkg/domain/filters dir.
Signed-off-by: Baron Lenardson <lenardson.baron@gmail.com>
|
|\ \ \
| |/ /
|/| | |
readme: Remove broken link
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| | |
The file `varlink_remote_client.md` has been removed in commit:
f62a356515e387b0bbcf1f08b4831d139c2039b7
Remove varlink support from Podman
Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
|
|\ \
| | |
| | | |
sort api endpoints in documentation
|
| |/
| |
| |
| |
| |
| |
| |
| | |
users would like api endpoints to be sorted in documentation. this
should assist in this. i do not expect that thisd will be the entire
fix. it looks like ci is not building and pushing docs rn.
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \
| |/
|/| |
Refactor kube.ToSpecGen parameters to struct
|
| |
| |
| |
| |
| |
| |
| | |
Create kube.CtrSpecGenOptions and document parameters.
Follow-up on https://github.com/containers/podman/pull/8792#discussion_r546673758
Signed-off-by: Benedikt Ziemons <ben@rs485.network>
|
|\ \
| |/
|/| |
re-open container log files
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
when following container log files, if the file gets rotated due to
something like size limit, re-open it and keep following.
Fixes: #8733
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \
| | |
| | | |
Pass down EnableKeyring from containers.conf to conmon
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
We have a new field in containers.conf that tells whether
or not we want to generate a new keyring in a container.
This field was being ignored. It now will be followed and
passed down to conmon.
Fixes: https://github.com/containers/podman/issues/8384
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \
| | | |
| | | | |
Set NetNS mode instead of value
|
| | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
when HostNetwork is true in the pod spec.
Also propagate whether host network namespace should be used for containers.
Add test for HostNetwork setting in kubeYaml.
The infra configuration should reflect the setting.
Signed-off-by: Benedikt Ziemons <ben@rs485.network>
|
|\ \ \
| | | |
| | | | |
add --cidfile to container kill
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Add the ability to read container ids from one or more files for the
kill command.
Fixes: #8443
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \ \
| |/ /
|/| | |
Prefer read/write images over read/only images
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
With additional stores there is a risk that you could have
multiple images with the same name. IE An older image in a
read/only store versus a newer version in the read/write store.
This patch will ignore multiple images with the same name iff
one is read/write and all of the others are read/only.
Fixes: https://github.com/containers/podman/issues/8176
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \
| | | |
| | | | |
Spelling
|
| | |/
| |/|
| | |
| | | |
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
|
|\ \ \
| | | |
| | | |
| | | |
| | | | |
containers/dependabot/go_modules/github.com/containers/storage-1.24.4
Bump github.com/containers/storage from 1.24.3 to 1.24.4
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.24.3 to 1.24.4.
- [Release notes](https://github.com/containers/storage/releases)
- [Changelog](https://github.com/containers/storage/blob/master/docs/containers-storage-changes.md)
- [Commits](https://github.com/containers/storage/compare/v1.24.3...v1.24.4)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \
| | | |
| | | | |
Fix missing options in volume's display while setting uid and gid
|