summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Merge pull request #2088 from giuseppe/umask-to-0OpenShift Merge Robot2019-01-07
|\ | | | | podman: set umask to 022
| * podman: set umask to 022Giuseppe Scrivano2019-01-07
| | | | | | | | | | | | | | | | | | | | be sure there are no bits in the umask that prevent us for creating directories with mode 0755. Set the umask very early in the program startup. Closes: https://github.com/containers/libpod/issues/2074 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Merge pull request #2089 from rhatdan/locksOpenShift Merge Robot2019-01-06
|\ \ | | | | | | Rootless with shmlocks was not working.
| * | Rootless with shmlocks was not working.Daniel J Walsh2019-01-05
| |/ | | | | | | | | | | | | | | This patch makes the path unigue to each UID. Also cleans up some return code to return the path it is trying to lock. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #2082 from rhatdan/runcOpenShift Merge Robot2019-01-06
|\ \ | | | | | | Update vendor of runc
| * | Update vendor of runcDaniel J Walsh2019-01-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Updating the vendor or runc to pull in some fixes that we need. In order to get this vendor to work, we needed to update the vendor of docker/docker, which causes all sorts of issues, just to fix the docker/pkg/sysinfo. Rather then doing this, I pulled in pkg/sysinfo into libpod and fixed the code locally. I then switched the use of docker/pkg/sysinfo to libpod/pkg/sysinfo. I also switched out the docker/pkg/mount to containers/storage/pkg/mount Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #2090 from rhatdan/buildahOpenShift Merge Robot2019-01-06
|\ \ \ | |_|/ |/| | Vendor in latest containers/buildah code
| * | Vendor in latest containers/buildah codeDaniel J Walsh2019-01-05
|/ / | | | | | | | | | | | | | | | | This should improve the speed of podman build. Has fixes from containres/image for parallell pull. Also vendor containers/storage and containers/image Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #2085 from mheon/readd_pythonOpenShift Merge Robot2019-01-04
|\ \ | | | | | | Readd Python testing
| * | Readd Python testingMatthew Heon2019-01-04
| | | | | | | | | | | | | | | | | | | | | We accidentally merged a PR with a commit temporarily disabling the Python tests. Reenable them here. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | Merge pull request #2084 from cevich/no-slash-lgtmOpenShift Merge Robot2019-01-04
|\ \ \ | |/ / |/| | [skip ci] Docs: Add Bot Interactions section
| * | [skip ci] Docs: Add Bot Interactions sectionChris Evich2019-01-04
| | | | | | | | | | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* | | Merge pull request #1235 from mheon/shm_lockingOpenShift Merge Robot2019-01-04
|\ \ \ | | | | | | | | SHM locking for Libpod
| * | | Bump time for build_each_commit stepMatthew Heon2019-01-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | The limit of build_each_commit seems to be 17 commits - any more and it times out. Give it a bit more time to work with. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | Move lock init after tmp dir is populated properlyMatthew Heon2019-01-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Don't initialize the lock manager until almost the end of libpod init, so we can guarantee our tmp dir is properly set up and exists. This wasn't an issue on systems that had previously run Podman, but CI caught it. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | DO NOT MERGE temporarily remove python testsMatthew Heon2019-01-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It's impossible to get good debug out of the python tests, so nuke them for now so I can figure out what's wrong. DO NOT MERGE THIS COMMIT Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | When refreshing libpod, if SHM locks exist, remove themMatthew Heon2019-01-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This will hopefully help cases where libpod is initialized multiple times on the same system (as on our CI tests). We still run into potential issues where multiple Podmans with multiple tmp paths try to run on the same system - we could end up thrashing the locks. I think we need a file locks driver for situations like that. We can also see about storing paths in the SHM segment, to make sure multiple libpod instances aren't using the same one. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | Ensure different error messages and creating/opening locksMatthew Heon2019-01-04
| | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * | | Update unit tests to use in-memory lock managerMatthew Heon2019-01-04
| | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * | | Remove runtime lockDir and add in-memory lock managerMatthew Heon2019-01-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Remove runtime's lockDir as it is no longer needed after the lock rework. Add a trivial in-memory lock manager for unit testing Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * | | Convert pods to SHM locksMatthew Heon2019-01-04
| | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * | | Convert containers to SHM lockingMatthew Heon2019-01-04
| | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * | | Add lock manager to libpod runtimeMatthew Heon2019-01-04
| | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * | | Move to POSIX mutexes for SHM locksMatthew Heon2019-01-04
| | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * | | Disable lint on SHMLock structMatthew Heon2019-01-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Golint wants to rename the struct. I think the name is fine. I can disable golint. Golint will no longer complain about the name. Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * | | Refactor locks package to build on non-LinuxMatthew Heon2019-01-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Move SHM specific code into a subpackage. Within the main locks package, move the manager to be linux-only and add a non-Linux unsupported build file. Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * | | Add an SHM-backed Lock Manager implementationMatthew Heon2019-01-04
| | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * | | Add interface for libpod multiprocess locksMatthew Heon2019-01-04
| | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * | | Improve documentation and unit tests for SHM locksMatthew Heon2019-01-04
| | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * | | Propogate error codes from SHM lock creation and openMatthew Heon2019-01-04
| | | | | | | | | | | | | | | | | | | | | | | | Also add a few more unit tests Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * | | Add mutex invariant to SHM semaphores.Matthew Heon2019-01-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Check value of semaphores when incrementing to ensure we never go beyond 1, preserving mutex invariants. Also, add cleanup code to the lock tests, ensuring that we never leave the locks in a bad state after a test. We aren't destroying and recreating the SHM every time, so we have to be careful not to leak state between test runs. Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * | | Initial skeleton of in-memory locksMatthew Heon2019-01-04
|/ / / | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
* | | Merge pull request #2045 from vrothberg/initOpenShift Merge Robot2019-01-04
|\ \ \ | |_|/ |/| | add init support
| * | add container-init supportValentin Rothberg2019-01-04
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add support for executing an init binary as PID 1 in a container to forward signals and reap processes. When the `--init` flag is set for podman-create or podman-run, the init binary is bind-mounted to `/dev/init` in the container and "/dev/init --" is prepended to the container's command. The default base path of the container-init binary is `/usr/libexec/podman` while the default binary is catatonit [1]. This default can be changed permanently via the `init_path` field in the `libpod.conf` configuration file (which is recommended for packaging) or temporarily via the `--init-path` flag of podman-create and podman-run. [1] https://github.com/openSUSE/catatonit Fixes: #1670 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Merge pull request #2071 from baude/vendorcsOpenShift Merge Robot2019-01-03
|\ \ | | | | | | vendor in new containers/storage
| * | vendor in new containers/storagebaude2019-01-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | vendor in latest containers/storage which contains a fix for when a filesystem that overlayfs is on is ENOSPC. adding pgzip/compress as a new dep for c/s Signed-off-by: baude <bbaude@redhat.com>
* | | Merge pull request #2072 from rhatdan/completionsOpenShift Merge Robot2019-01-03
|\ \ \ | |/ / |/| | Fix completions
| * | Fix completionsDaniel J Walsh2019-01-03
|/ / | | | | | | | | | | | | | | | | Currently completions do not work. podman generate kube and podman play kube completions broke this. Also fixed podman import to work properly. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #2065 from TomSweeneyRedHat/dev/tsweeney/troublefix1OpenShift Merge Robot2019-01-02
|\ \ | | | | | | Touch up some troubleshooting nits
| * | Touch up some troubleshooting nitsTomSweeneyRedHat2019-01-02
|/ / | | | | | | Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* | Merge pull request #2068 from mheon/log_container_commandOpenShift Merge Robot2019-01-02
|\ \ | | | | | | Log container command before starting the container
| * | Log container command before starting the containerMatthew Heon2019-01-02
| |/ | | | | | | | | | | | | Runc does not produce helpful error messages when the container's command is not found, so print the command ourselves. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | Merge pull request #2067 from mheon/fix_garbage_portsOpenShift Merge Robot2019-01-02
|\ \ | |/ |/| Use sprintf to generate port numbers while committing
| * Use sprintf to generate port numbers while committingMatthew Heon2019-01-02
|/ | | | | | | | | Casting integers to strings is definitely not correct, so let the standard library handle matters. Fixes #2066 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Merge pull request #2052 from rhatdan/sparseOpenShift Merge Robot2018-12-31
|\ | | | | Add troubleshooting for sparse files
| * Add troubleshooting for sparse filesDaniel J Walsh2018-12-30
|/ | | | | | | | | | A common failure with people building container images is the creation of large sparse files, particularly useradd creating the lastlog file. This PR Documents the failures. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #2058 from adrianreber/enable-crOpenShift Merge Robot2018-12-28
|\ | | | | Re-enable checkpoint/restore CI tests on Fedora
| * Re-enable checkpoint/restore CI tests on FedoraAdrian Reber2018-12-28
| | | | | | | | | | | | | | | | Now that the correct distribution CRIU packages are installed the checkpoint/restore tests should no longer fail. This re-enables the disabled tests on Fedora. Signed-off-by: Adrian Reber <areber@redhat.com>
* | Merge pull request #2059 from rhatdan/ociruntimeOpenShift Merge Robot2018-12-28
|\ \ | | | | | | podman build is not using the default oci-runtime
| * | podman build is not using the default oci-runtimeDaniel J Walsh2018-12-28
| |/ | | | | | | | | | | | | | | | | | | Currently if the user installs runc in an alternative path podman run uses it but podman build does not. This patch will pass the default oci runtime to be used by podman down to the image builder. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>