summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Merge pull request #6991 from mheon/change_passwd_ondiskOpenShift Merge Robot2020-07-29
|\ | | | | Make changes to /etc/passwd on disk for non-read only
| * Make changes to /etc/passwd on disk for non-read onlyMatthew Heon2020-07-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bind-mounting /etc/passwd into the container is problematic becuase of how system utilities like `useradd` work. They want to make a copy and then rename to try to prevent breakage; this is, unfortunately, impossible when the file they want to rename is a bind mount. The current behavior is fine for read-only containers, though, because we expect useradd to fail in those cases. Instead of bind-mounting, we can edit /etc/passwd in the container's rootfs. This is kind of gross, because the change will show up in `podman diff` and similar tools, and will be included in images made by `podman commit`. However, it's a lot better than breaking important system tools. Fixes #6953 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | Merge pull request #7142 from edsantiago/logformat_fix_gitcommitOpenShift Merge Robot2020-07-29
|\ \ | | | | | | logformatter: more libpod-podman fallout
| * | logformatter: more libpod-podman falloutEd Santiago2020-07-29
|/ / | | | | | | | | | | | | | | | | | | | | Problem: formatted logs no longer have live links to sources in error-report lines. Cause: script was searching for '/libpod'. Solution: make it more flexible. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Merge pull request #7131 from rhafer/image_search_descrOpenShift Merge Robot2020-07-29
|\ \ | | | | | | Fix `podman image search` missing description
| * | Fix `podman image search` missing descriptionRalf Haferkamp2020-07-29
| | | | | | | | | | | | | | | | | | | | | `podman image search` returned wrong results for the image "Description" as it was mapped to the wrong field ("ID") in the search results. Signed-off-by: Ralf Haferkamp <rhafer@suse.com>
* | | Merge pull request #7121 from rhatdan/buildOpenShift Merge Robot2020-07-29
|\ \ \ | |/ / |/| | Fix building from http or '-' options
| * | Fix building from http or '-' optionsDaniel J Walsh2020-07-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When copying from a URL, podman will download and create a context directory in a temporary file. The problem was that this directory was being removed as soon as the function that created it was returned. Later the build code would look for content in the temporary directory and fail to find it, blowing up the build. By pulling the extraction code back into the build function, we keep the temporary directory around until the build completes. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #6851 from rhatdan/mountOpenShift Merge Robot2020-07-29
|\ \ \ | | | | | | | | Add podman image mount
| * | | Add podman image mountDaniel J Walsh2020-07-28
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There are many use cases where you want to just mount an image without creating a container on it. For example you might want to just examine the content in an image after you pull it for security analysys. Or you might want to just use the executables on the image without running it in a container. The image is mounted readonly since we do not want people changing images. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #7109 from rhatdan/ipcOpenShift Merge Robot2020-07-28
|\ \ \ | | | | | | | | Specifying --ipc=host --pid=host is broken
| * | | Specifying --ipc=host --pid=host is brokenDaniel J Walsh2020-07-28
| |/ / | | | | | | | | | | | | | | | | | | | | | For some reason we were overwriting memory when handling both --pid=host and --ipc=host. Simplified the code to handle this correctly, and add test to make sure it does not happen again. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #7110 from edsantiago/batsOpenShift Merge Robot2020-07-28
|\ \ \ | |/ / |/| | System tests: add environment, volume tests
| * | System tests: add environment, volume testsEd Santiago2020-07-28
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Tests for #7094, in which symlinks in a volume would cause chown errors and nonrunnable containers. Tests for environment variable precedence, now include --env-host and proxy settings Fix a bug caught by covscan in helpers.t ('source' path would fail if path included spaces). Fix podman-run man page: it was incorrect in stating precedence between in-image environment and --env-host. Fixes: #7099 Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Merge pull request #6909 from rhatdan/podmanOpenShift Merge Robot2020-07-28
|\ \ | | | | | | Switch all references to github.com/containers/libpod -> podman
| * | Switch all references to github.com/containers/libpod -> podmanDaniel J Walsh2020-07-28
| | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #7098 from asottile/newline_on_errorOpenShift Merge Robot2020-07-28
|\ \ \ | | | | | | | | add newline to output in error message
| * | | add newline to output in error messageAnthony Sottile2020-07-27
| | | | | | | | | | | | | | | | Signed-off-by: Anthony Sottile <asottile@umich.edu>
* | | | Merge pull request #7105 from AkihiroSuda/fix-cgroupversion-stringOpenShift Merge Robot2020-07-28
|\ \ \ \ | | | | | | | | | | compat/info.go: TrimPrefix(CGroupsVersion, "v")
| * | | | compat/info.go: TrimPrefix(CGroupsVersion, "v")Akihiro Suda2020-07-28
| |/ / / | | | | | | | | | | | | | | | | | | | | For compatibility with Docker: https://github.com/moby/moby/blob/846b7e24ba549a972a2672ffdd88b140da688736/api/swagger.yaml#L4528-L4534 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
* | | | Merge pull request #7079 from rhatdan/tuturialOpenShift Merge Robot2020-07-28
|\ \ \ \ | | | | | | | | | | update configuration for rootless podman
| * | | | update configuration for rootless podmanDaniel J Walsh2020-07-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I updated the configuration part of the tutorial on rootless podman. I added the order in which configuration files are read in and a hint, how users can create default configuration in the home directories. Closes #6777 Signed-off-by: Niklas Netter <niknett@gmail.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | Merge pull request #7101 from AkihiroSuda/rootlesskit-010OpenShift Merge Robot2020-07-28
|\ \ \ \ \ | |_|_|/ / |/| | | | Bump github.com/rootless-containers/rootlesskit from 0.9.5 to 0.10.0
| * | | | Bump github.com/rootless-containers/rootlesskit from 0.9.5 to 0.10.0Akihiro Suda2020-07-28
| | |/ / | |/| | | | | | | | | | | | | | | | | | Fix #7016 via https://github.com/rootless-containers/rootlesskit/pull/157 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
* | | | Merge pull request #7085 from rhatdan/cmountOpenShift Merge Robot2020-07-28
|\ \ \ \ | | | | | | | | | | Cleanup handling of podman mount/unmount
| * | | | Cleanup handling of podman mount/unmountDaniel J Walsh2020-07-27
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We should default to the user name unmount rather then the internal name of umount. Also User namespace was not being handled correctly. We want to inform the user that if they do a mount when in rootless mode that they have to be first in the podman unshare state. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #7095 from Melykuti/masterOpenShift Merge Robot2020-07-28
|\ \ \ \ | |/ / / |/| | | Corrects typo in the name of the Linux package shadow-utils.
| * | | Corrects typo in the name of the Linux package shadow-utils.Melykuti2020-07-27
| | | | | | | | | | | | | | | | Signed-off-by: Bence Mélykúti <bence.melykuti@gmail.com>
* | | | Merge pull request #7094 from rhatdan/volumeOpenShift Merge Robot2020-07-27
|\ \ \ \ | | | | | | | | | | When chowning we should not follow symbolic link
| * | | | When chowning we should not follow symbolic linkDaniel J Walsh2020-07-27
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | Merge pull request #7070 from edsantiago/ci_fixesOpenShift Merge Robot2020-07-27
|\ \ \ \ \ | | | | | | | | | | | | CI - various fixes
| * | | | | CI - various fixesEd Santiago2020-07-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Primary purpose: upgrade crun to 0.14 on f31, in hopes of eliminating the 'cgroups.freeze' flake that is plaguing CI. While I'm at it: - remove a no-longer-needed dnf upgrade that was running in CI itself (not image building, in each actual CI run). The purpose was to upgrade conmon, but that was added a long time ago and the required conmon is now in stable. The effect of this dnf upgrade today was simply to cause flakes when fedora repos were offline. - remove a no-longer-needed check for varlink. - networking.sh : add a timeout! 'openssl s_client' will happily hang forever if a host is unreachable, which means we waste two hours waiting for Cirrus to time out. - timestamp.awk : include date (not just time) in START/END msgs. There are times when I'm looking at a CI log and it is ultra important to know if it is from yesterday or today. - add progress messages in some places where I've previously struggled to understand context in logs; and improve some unlikely error messages to include script name. ...then, after all that, wrote a new README about how to to all this. Hope it helps someone. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | | | Merge pull request #7092 from mheon/update_docsOpenShift Merge Robot2020-07-27
|\ \ \ \ \ \ | |_|_|/ / / |/| | | | | [CI:DOCS] Update transfer doc
| * | | | | Update transfer docMatthew Heon2020-07-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We now support `podman network` and `podman volume` commands, so we shouldn't include them in the `missing commands` section. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | | | Merge pull request #7027 from ldelossa/louis/refactor-container-configOpenShift Merge Robot2020-07-27
|\ \ \ \ \ \ | |_|_|/ / / |/| | | | | TODO: Refactor container config
| * | | | | Refactor container configlouis2020-07-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This commit handle the TODO task of breaking the Container config into smaller sub-configs Signed-off-by: ldelossa <ldelossa@redhat.com>
* | | | | | Merge pull request #7088 from vrothberg/fix-7078OpenShift Merge Robot2020-07-27
|\ \ \ \ \ \ | | | | | | | | | | | | | | API events: fix parsing error
| * | | | | | test/apiv2: add a simple events testValentin Rothberg2020-07-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add a simple test to exercise the events API without the "filters" parameter. Prevents regressing on #7078. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
| * | | | | | API events: fix parsing errorValentin Rothberg2020-07-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix an error where an absent "filters" parameter led to JSON parsing errors. Fixes: #7078 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | | | | Merge pull request #7083 from Luap99/fix-template-escapingOpenShift Merge Robot2020-07-27
|\ \ \ \ \ \ \ | |/ / / / / / |/| | | | | | replace the html/template package with text/template
| * | | | | | replace the html/template package with text/templatePaul Holzinger2020-07-25
| | |_|_|/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently some commands use the html/template package. This can lead to invalid output. e.g. `system df --verbose` will print `&lt;none&gt;` instead of `<none>` with an untaged image. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | | | | | Merge pull request #7084 from TomSweeneyRedHat/dev/tsweeney/exp_apiOpenShift Merge Robot2020-07-26
|\ \ \ \ \ \ | |/ / / / / |/| | | | | Remove 'experimental' from API doc
| * | | | | Remove 'experimental' from API docTomSweeneyRedHat2020-07-25
|/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The v2.0 reference [page](http://docs.podman.io/en/latest/Reference.html) lists the API as experimental. Removed that word and reworked the first paragraph a bit based on verbiage that @mheon put together for the API intro blog. Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* | | | | Merge pull request #7068 from mheon/start_attach_no_ctridOpenShift Merge Robot2020-07-24
|\ \ \ \ \ | | | | | | | | | | | | The `podman start --attach` command should not print ID
| * | | | | The `podman start --attach` command should not print IDMatthew Heon2020-07-23
| | |/ / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Somewhere in the Podman v2 rewrite, we allowed `podman start --attach` to print the container ID of the started container after exiting from the attach session (via detach key or the container exiting naturally). We should never print the ID when `--attach` is given, which makes the fix simple - make the print statement conditional on `--attach` not being present. Wierdly, this only happened with `--interactive` was given to `podman start`. I don't know why that is, but this resolves the issue without having to dig any deeper, so I'm content. Fixes #7055 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | | Merge pull request #6742 from ↵OpenShift Merge Robot2020-07-24
|\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | maybe-sybr/maybe/apiv2/fix-container-create-with-volumes APIv2:fix: Get volumes from `Binds` when creating
| * | | | | APIv2:fix: Get volumes from `Binds` when creatingmaybe-sybr2020-07-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This change ensures that we pull volume bind specification strings from the correct spot in the POSTed data when creating containers. We should probably canity check that the mapping keys in `Volumes` are a superset of the binds listed in `HostConfig.Binds` but this cheap change removes an annoying behaviour where named volumes or host mount would be silently replaced with newly created anonymous volumes. Signed-off-by: Matt Brindley <58414429+maybe-sybr@users.noreply.github.com>
* | | | | | Merge pull request #6938 from jwhonce/wip/n-connectionOpenShift Merge Robot2020-07-24
|\ \ \ \ \ \ | | | | | | | | | | | | | | Refactor podman system connection
| * | | | | | [WIP] Refactor podman system connectionJhon Honce2020-07-22
| | |_|/ / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add support to manage multiple connections * Add connection * Remove connection * Rename connection * Set connection as default * Add markdown/man pages * Fix recursion in hack/xref-helpmsgs-manpages Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | | | | Merge pull request #7041 from jkonowitch/reset-docsOpenShift Merge Robot2020-07-24
|\ \ \ \ \ \ | |_|_|_|/ / |/| | | | | Improve Docs for `podman system reset`