| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
| |
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
|
| |\
| |
| | |
Set gvproxy path to /usr/libexec/podman/gvproxy
|
| |/
|
|
|
|
|
|
|
| |
We have reverted the previous patches to look for the gvproxy binary in
/usr/lib/podman and have again decided to use /usr/libexec/podman
[NO TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |\
| |
| | |
Release notes for Podman v3.3.0-RC2
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
This reverts commit bbd085ad1e3cf9c5b543c907ad7014ccf8a5cb34.
The cgroup work to enable these has not happened yet and will not
be ready in time for the release of Podman 3.3.0.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | |
| |
| |
| | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | |
| |
| |
| | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Also add some missing options to podman pod create.
Fixes #10884
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
The slirp4netns path can be set in the config file or with
--network-cmd-path. Podman info should read the version information
correctly and not use PATH in this case. Also show the slirp4netns
version information to root users.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
A user contributed a one line PR that enabled logging the podman machine
ssh command for debug. The user was not able to complete the submission
so this PR replaces that.
[NO TESTS NEEDED]
Replaces #10798
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| | |
| |
| |
| |
| |
| | |
Parse Unix timestamps that contains fractional part.
Signed-off-by: Matej Vasek <mvasek@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Fixes: https://github.com/containers/podman/issues/11124
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Signed-off-by: Daniel J Walsh <dwalsh@localhost.localdomain>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently if you execute podman unpause --all, podman pause --all
Podman shows attempts to unpause containers that are not paused
and prints an error. This PR catches this error and only prints errors if
a paused container was not able to be unpaused.
Currently if you execute podman pause --all or podman kill --all, Podman
Podman shows attempts to pause or kill containers that are not running
and prints an error. This PR catches this error and only prints errors if
a running container was not able to be paused or killed.
Also change printing of multiple errors to go to stderr and to prefix
"Error: " in front to match the output of the last error.
Fixes: https://github.com/containers/podman/issues/11098
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
To match Docker's behavior, in the `--net=host` case, we need to
use the host's `/etc/hosts` file, unmodified (without adding an
entry for the container). We will still respect hosts from
`--add-host` but will not make any automatic changes.
Fortuntely, this is strictly a matter of removal and refactoring
as we already base our `/etc/hosts` on the host's version - just
need to remove the code that added entries when net=host was set.
Fixes #10319
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | |
| |
| |
| |
| |
| | |
Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1988252
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Fixes:
- Do not show healthcheck status if not available or if container
status is "created" (Docker behaviour)
- Show healthcheck configuration if present (Config.Healthcheck)
Tests:
- Ensure State.Health is not present if container status is "created"
- Ensure Config.Healthcheck is present and values correct
- Ensure State.Health is present if container started
Signed-off-by: Milivoje Legenovic <m.legenovic@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
podman info takes >20s on Gentoo, because equery is s..l..o..w.
qfile is much faster and, I suspect, present in most Gentoo
installations, so let's try it first.
And, because packageVersion() was scarily unmaintainable,
refactor it. Define a simple (string) list of packaging tools
to query (rpm, dpkg, ...) and iterate until we find one that
works.
IMPORTANT NOTE: the Debian (and, presumably, Ubuntu) query does not
include version number! There is no standard way on Debian to get
a package version from a file path, you can only do it via pipes
of chained commands, and I have no desire to implement that.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| | |
move the container to a sub-cgroup before creating a sibling
hierarchy.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently we override the SELinux labels specified by the user
if the container is runing a kata container or systemd container.
This PR fixes to use the label specified by the user.
Fixes: https://github.com/containers/podman/issues/11100
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |/
|
|
|
|
|
| |
This does not include subsequent backports, which will be added
later.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |\
| |
| | |
[v3.3] fix rootless port forwarding with network dis-/connect
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Bumps [github.com/rootless-containers/rootlesskit](https://github.com/rootless-containers/rootlesskit) from 0.14.3 to 0.14.4.
- [Release notes](https://github.com/rootless-containers/rootlesskit/releases)
- [Commits](https://github.com/rootless-containers/rootlesskit/compare/v0.14.3...v0.14.4)
---
updated-dependencies:
- dependency-name: github.com/rootless-containers/rootlesskit
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The rootlessport forwarder requires a child IP to be set. This must be a
valid ip in the container network namespace. The problem is that after a
network disconnect and connect the eth0 ip changed. Therefore the
packages are dropped since the source ip does no longer exists in the
netns.
One solution is to set the child IP to 127.0.0.1, however this is a
security problem. [1]
To fix this we have to recreate the ports after network connect and
disconnect. To make this work the rootlessport process exposes a socket
where podman network connect/disconnect connect to and send to new child
IP to rootlessport. The rootlessport process will remove all ports and
recreate them with the new correct child IP.
Also bump rootlesskit to v0.14.3 to fix a race with RemovePort().
Fixes #10052
[1] https://nvd.nist.gov/vuln/detail/CVE-2021-20199
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |\
| |
| | |
[v3.3] Bump to Buildah v1.22.0 [NO NEW TESTS NEEDED]
|
| |/
|
|
|
|
|
|
|
|
|
| |
[NO TESTS NEEDED]
Bump Buildah to v1.22.0 and c/common to v0.42.1
and adds a patch for cpu handling.
Based on #1132
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
|
| |\
| |
| | |
[v3.3] Disable aarch64 support
|
| |/
|
|
|
|
|
|
| |
until we have a fedora coreos images officially on aarch64, we cannot run podman machine on aarch64 linux. Moreover, on Apple Silicon, we need upstream patches for qemu to be merged and release.
[NO TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |\
| |
| | |
Cirrus: CI Support for v3.3 Branch
|
| |/
|
|
| |
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |\
| |
| | |
Bump to v3.3.0-RC1
|
| | |
| |
| |
| | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |/
|
|
| |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |\
| |
| |
| |
| | |
containers/dependabot/go_modules/github.com/containers/storage-1.33.1
Bump github.com/containers/storage from 1.33.0 to 1.33.1
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.33.0 to 1.33.1.
- [Release notes](https://github.com/containers/storage/releases)
- [Changelog](https://github.com/containers/storage/blob/main/docs/containers-storage-changes.md)
- [Commits](https://github.com/containers/storage/compare/v1.33.0...v1.33.1)
---
updated-dependencies:
- dependency-name: github.com/containers/storage
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
| |\ \
| | |
| | | |
[CI:DOCS] Multi-arch image build: Daily version-tag push
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
This mirrors changes from
https://github.com/containers/buildah/pull/3381
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |\ \ \
| |_|/
|/| | |
Remove ReadHeaderTimeout
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Effectively sets timeout to infinity.
This is needed in order to make `podman` work with `pack`.
The `pack` CLI is keeping one connection for prolonged time.
Closing the connection breaks `pack`'s functionality.
[NO TESTS NEEDED]
Signed-off-by: Matej Vasek <mvasek@redhat.com>
|
| |\ \ \
| | | |
| | | |
| | | |
| | | | |
containers/dependabot/go_modules/github.com/containers/image/v5-5.15.0
Bump github.com/containers/image/v5 from 5.14.0 to 5.15.0
|
| |/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Bumps [github.com/containers/image/v5](https://github.com/containers/image) from 5.14.0 to 5.15.0.
- [Release notes](https://github.com/containers/image/releases)
- [Commits](https://github.com/containers/image/compare/v5.14.0...v5.15.0)
---
updated-dependencies:
- dependency-name: github.com/containers/image/v5
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
| |\ \ \
| | | |
| | | | |
Add `--accept-repositories` integration tests
|
| | |/ /
| | |
| | |
| | |
| | |
| | |
| | | |
This adds the integration tests for the repository or namespaced
registry feature introduced in c/common.
Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
|
| |\ \ \
| | | |
| | | | |
Fix auto-update system test for older systemd
|
| |/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
If the systemd version is older than v245, the systemd uses 'Started'
when a oneshot service finishes.
In systemd, the change was done at:
https://github.com/systemd/systemd/pull/14851
commit-id: eda0cbf07186d16a160bd1d810613586fdbdf587
Signed-off-by: Hironori Shiina <shiina.hironori@jp.fujitsu.com>
|
| |\ \ \
| | | |
| | | | |
ps: support the `container...` notation for `ps --filter network=...`
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: flouthoc <flouthoc.git@gmail.com>
|
| |\ \ \ \
| |/ / /
|/| | | |
system tests: fix race in stop test
|
| |/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
In the unlock/timeout test, on slow systems, 'podman ps' could
catch the container before the just-backgrounded 'podman stop'
sends the signal. Wait for signal ack from container before
we inspect it.
Also: If I understand the test correctly, it wasn't actually
checking that 'ps' could grab the lock while the container
was exiting. Add a check.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\ \ \
| | | |
| | | | |
`ci-fix`: healthcheck tests should use `.Should()` instead of `.To()`.
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: flouthoc <flouthoc.git@gmail.com>
|
