| Commit message (Collapse) | Author | Age |
|---|
| |\
| |
| | |
Use conmon pidfile in generated systemd unit as PIDFile.
|
| | |
| |
| |
| |
| |
| |
| |
| | |
It is not correct to rely on specific location of the podman binary.
In most cases it is /usr/bin/podman, but sometimes is not (e.g. in
system tests). Use /proc/self/exe instead of hardcoded path.
Signed-off-by: Danila Kiver <danila.kiver@mail.ru>
|
| | |
| |
| |
| |
| |
| |
| | |
There is no meaning of performing setup/teardown for these tests
when we even can not work with systemd.
Signed-off-by: Danila Kiver <danila.kiver@mail.ru>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Systemd manager drops non-existent directories from the units search
path during initialization, thus, creation of UNIT_DIR, if it did not
exist before, requres reloading the daemon.
Signed-off-by: Danila Kiver <danila.kiver@mail.ru>
|
| | |
| |
| |
| | |
Signed-off-by: Danila Kiver <danila.kiver@mail.ru>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The conmon pidfile is crucial for podman-generated systemd units, because
these units rely on it for determining service's main process ID.
With this change, every container has ConmonPidFile set (at least to
default value).
Signed-off-by: Danila Kiver <danila.kiver@mail.ru>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
By default, podman points PIDFile in generated unit file to non-existent
location. As a result, the unit file, generated by podman, is broken:
an attempt to start this unit without prior modification results in a crash,
because systemd can not find the pidfile of service's main process.
Fix the value of "PIDFile" and add a system test for this case.
Signed-off-by: Danila Kiver <danila.kiver@mail.ru>
|
| |\ \
| | |
| | | |
speed up rootless tests
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
when running integrations tests as rootless, several tests still
unnecessarily pull images which is costly in terms of time.
Signed-off-by: baude <bbaude@redhat.com>
|
| |\ \ \
| | | |
| | | | |
Set correct SELinux label on restored containers
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
A container restored from a checkpoint archive used to have the root
file-system mounted with a wrong (new) SELinux label. This made it, for
example, impossible to use 'podman exec' on a restored container.
This test tests exactly this. 'podman exec' after 'podman container restore'.
Unfortunately this test does not fail, even without the patch that fixes
it as the test seems to run in an environment where the SELinux label of
the container root file-system is not relevant. Somehow.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Restoring a container from a checkpoint archive creates a complete
new root file-system. This file-system needs to have the correct SELinux
label or most things in that restored container will fail. Running
processes are not as problematic as newly exec()'d process (internally
or via 'podman exec').
This patch tells the storage setup which label should be used to mount
the container's root file-system.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Instead of only tracking that a container is restored from
a checkpoint locally in runtime_ctr.go this adds a flag to the
Container structure.
Upcoming patches to correctly label the root file-system mount-point
need also to know if a container is restored from a checkpoint.
Instead of passing a parameter around a lot of functions, this
adds that information to the Container structure.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
| |\ \ \ \
| |_|/ /
|/| | | |
docs: fix --healthcheck-command option
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Make the documentation agree with the code.
Related #3507
Signed-off-by: Stefan Becker <chemobejk@gmail.com>
|
| |\ \ \ \
| | | | |
| | | | | |
Add RUN priv'd test for build
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Podman 1.4.1 had problems with builds with a
RUN command that tried to to a privliged command.
This adds a gating test for that situation.
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
|
| |\ \ \ \ \
| |_|/ / /
|/| | | | |
code cleanup
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
clean up code identified as problematic by golands inspection
Signed-off-by: baude <bbaude@redhat.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
fix integration flake tests
|
| | |/ / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
attempts to correct three of our flakey integration tests
Signed-off-by: baude <bbaude@redhat.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
CONTRIBUTING.md: fix project paths
|
| | |/ / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
The paths to the local libpod tree where missing the `./src` part which
ultimately lead to compilation errors. Also place the git trees into
containers/libpod and not into the user's GitHub root.
Reported in #podman on IRC.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |\ \ \ \ \
| |/ / / /
|/| | | | |
get last container event
|
| |/ / / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
an internal change in libpod will soon required the ability to lookup
the last container event using the continer name or id and the type of
event. this pr is in preperation for that need.
Signed-off-by: baude <bbaude@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | | |
generate kube with volumes
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Specifically, we were needlessly doing a double lookup to find which config mounts were user volumes. Improve this by refactoring a bit of code from inspect
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
| | | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
for containers that share volumes, so the pod section doesn't list copies
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
| | | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
| | | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
trivial cleanups from golang
|
| | | |_|_|/
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | | |
the results of a code cleanup performed by the goland IDE.
Signed-off-by: baude <bbaude@redhat.com>
|
| |\ \ \ \ \
| |/ / / /
|/| | | | |
ps should use nostore when possible
|
| |/ / / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
when not using --size with ps, we do not need a store. this should make
ps more effecient when the system is under heavy load.
also, prune unused ps functions as no longer needed.
Signed-off-by: baude <bbaude@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | | |
libpod: discerne partial IDs between containers and pods
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
When specifying a podman command with a partial ID, container and pod
commands matches respectively only containers or pods IDs in the BoltDB.
Fixes: #3487
Signed-off-by: Marco Vedovati <mvedovati@suse.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
adel-mamin/adel-mamin/install-md-update-for-manjaro
Updated install.md for Manjaro Linux
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | | |
Signed-off-by: Adel Mamin <adel.mamin@exafore.com>
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | | |
Signed-off-by: Adel Mamin <adel.mamin@exafore.com>
|
| | |/ / / /
| | | | |
| | | | |
| | | | | |
Signed-off-by: Adel Mamin <adel.mamin@exafore.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
Vendor latest OCICNI version
|
| | |/ / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This is needed for dual stack IPv6 support within CRI-O. Because the API
changed within OCICNI, we have to adapt the internal linux networking as
well.
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
build: allow to build without cgo on RISC-V
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
it is a wrapper around containers/storage file locking.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
preparation for the next patch. It currently supports only "shm".
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
so it can build without cgo since seccomp requires it.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
unfortunately rootless won't work without cgo, as most of the
implementation is in C, but at least allow to build libpod.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
