| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
| |
Currently podman generate kube does not generate the correct RunAsUser and RunAsGroup
options in the yaml file. This patch fixes this.
This patch also make `podman play kube` use the RunAdUser and RunAsGroup options if
they are specified in the yaml file.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\
| |
| | |
rootless: use SYS_renameat2 instead of __NR_renameat2
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
on RHEL 7.7 renameat2 is not implemented for s390x, provide a
workaround.
Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1768519
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |
| |
| |
| |
| |
| | |
use the correct definition for the syscall number.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \
| | |
| | | |
Update installation - Ubuntu. [skip ci]
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Current podman deb package does not install /etc/containers/registries.conf .
The added line is for compatibility of use cases with docker.
Signed-off-by: Jun Aruga <jaruga@redhat.com>
|
|\ \ \
| | | |
| | | | |
help message: don't parse the config for cgroup-manager default
|
|/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Do not generate an entire `config.Config` for displaying the default
value for the --cgroup-manager flag and just default to systemd. Not
using the `config.Config` is okay as 1) the value may change at runtime
in any case (rootless, DBUS access, etc.), 2) it avoids to redundantly
parse the system config files and to generate the hard-coded default
config, and 3) the log-level and other attributes are not yet set during
init() causing undesirable side effects.
Fixes: #4456
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \ \
| | | |
| | | | |
Set SELinux labels based on the security context in the kube.yaml
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
If the kube.yaml specifieds the SELinux type or Level, we need the container
to be launched with the correct label.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
namespaces: by default create cgroupns on cgroups v2
|
| | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
change the default on cgroups v2 and create a new cgroup namespace.
When a cgroup namespace is used, processes inside the namespace are
only able to see cgroup paths relative to the cgroup namespace root
and not have full visibility on all the cgroups present on the
system.
The previous behaviour is maintained on a cgroups v1 host, where a
cgroup namespace is not created by default.
Closes: https://github.com/containers/libpod/issues/4363
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
pulling unqualified reference: make sure it's a docker reference
|
| | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
When pulling an unqualified reference (e.g., `fedora`) make sure that
the reference is not using a non-docker transport to avoid iterating
over the search registries and trying to pull from them.
Fixes: #4434
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \ \ \
| |/ / /
|/| | |
| | | |
| | | | |
containers/dependabot/go_modules/gopkg.in/yaml.v2-2.2.5
Bump gopkg.in/yaml.v2 from 2.2.4 to 2.2.5
|
|/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Bumps [gopkg.in/yaml.v2](https://github.com/go-yaml/yaml) from 2.2.4 to 2.2.5.
- [Release notes](https://github.com/go-yaml/yaml/releases)
- [Commits](https://github.com/go-yaml/yaml/compare/v2.2.4...v2.2.5)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \ \
| | | |
| | | | |
Add release notes for v1.6.3
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |/ /
| | |
| | |
| | | |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|\ \ \
| |/ /
|/| | |
slirp4netns: fix timeout
|
| |/
| |
| |
| |
| |
| |
| |
| |
| | |
the pidWaitTimeout is already a Duration so do not multiply it again
by time.Millisecond.
Closes: https://github.com/containers/libpod/issues/4344
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \
| | |
| | | |
Update rootless shortcomings with cgroup V2 information
|
| | |
| | |
| | |
| | | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \
| | | |
| | | | |
logo: correct light source reflection
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Radostin Stoyanov <rstoyanov1@gmail.com>
|
|\ \ \ \
| | | | |
| | | | | |
Validate contextdir on build
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
We never verified that the context directory passed into the build
command was a valid directory. When we then slapped a default Containerfile
name onto it, things went south fast if the user had passed us a file and
not a directory.
Fixes: #4383
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
stats: report correctly CPU usage
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Closes: https://github.com/containers/libpod/issues/4409
Signed-off-by: Giuseppe Scrivano <giuseppe@scrivano.org>
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
the two values were incorrectly switched.
Signed-off-by: Giuseppe Scrivano <giuseppe@scrivano.org>
|
|\ \ \ \ \ \
| |_|_|/ / /
|/| | | | | |
[Makefile] Fix docker documentation install and generation
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Section 5 documentation is missing from the documentation restructure.
Signed-off-by: Morten Linderud <morten@linderud.pw>
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
The final versions of the documentation has been shifted from `docs/` to
`docs/build/man`. Most of the Makefile has been changed accordingly, but
the docker documentation generation was not.
Introduced by #4354
Signed-off-by: Morten Linderud <morten@linderud.pw>
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
Update link to Commands documentation
|
| | |/ / / /
| |/| | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
The previous link pointed to the Markdown file, but the links are broken on that page. This pull request points to the actual documentation.
Grabbed from @srp33 PR https://github.com/containers/libpod/pull/4407 to help the merge process.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \ \ \
| |_|/ / / /
|/| | | | | |
runtime: Fix typo
|
|/ / / / /
| | | | |
| | | | |
| | | | | |
Signed-off-by: Radostin Stoyanov <rstoyanov1@gmail.com>
|
|\ \ \ \ \
| |/ / / /
|/| | | | |
[CI:DOCS] make docsonly prs
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
skips certain aspects of prs for testing.
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \ \ \ \
| |_|/ / /
|/| | | | |
Vendor in latest containers/buildah
|
|/ / / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Pull in changes to pkg/secrets/secrets.go that adds the
logic to disable fips mode if a pod/container has a
label set.
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
Switch to bufio Reader for exec streams
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
There were many situations that made exec act funky with input. pipes didn't work as expected, as well as sending input before the shell opened.
Thinking about it, it seemed as though the issues were because of how os.Stdin buffers (it doesn't). Dropping this input had some weird consequences.
Instead, read from os.Stdin as bufio.Reader, allowing the input to buffer before passing it to the container.
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
|\ \ \ \ \
| |_|_|/ /
|/| | | |
| | | | |
| | | | | |
containers/dependabot/go_modules/github.com/onsi/ginkgo-1.10.3
Bump github.com/onsi/ginkgo from 1.10.1 to 1.10.3
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Bumps [github.com/onsi/ginkgo](https://github.com/onsi/ginkgo) from 1.10.1 to 1.10.3.
- [Release notes](https://github.com/onsi/ginkgo/releases)
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/ginkgo/compare/v1.10.1...v1.10.3)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \ \ \ \
| |/ / / /
|/| | | | |
Refactor test to prevent panic
|
| | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
logs: support --tail 0
|
| | |_|/ /
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
change the default to -1, so that we can change the semantic of
"--tail 0" to not print any existing log line.
Closes: https://github.com/containers/libpod/issues/4396
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|