| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix issue 10929 : `[Regression in 3.2.0] CNI-in-slirp4netns DNS gets broken when running a rootful container after running a rootless container`
When /etc/resolv.conf on the host is a symlink to /run/systemd/resolve/stub-resolv.conf,
we have to mount an empty filesystem on /run/systemd/resolve in the child namespace,
so as to isolate the directory from the host mount namespace.
Otherwise our bind-mount for /run/systemd/resolve/stub-resolv.conf is unmounted
when systemd-resolved unlinks and recreates /run/systemd/resolve/stub-resolv.conf on the host.
[NO TESTS NEEDED]
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
|
|\
| |
| | |
manifest create subcommand should accept more than 2 arguments
|
| |
| |
| |
| | |
Signed-off-by: Raul Sevilla <rsevilla@redhat.com>
|
| |
| |
| |
| | |
Signed-off-by: Raul Sevilla <rsevilla@redhat.com>
|
|\ \
| | |
| | |
| | |
| | | |
containers/dependabot/go_modules/github.com/google/uuid-1.3.0
Bump github.com/google/uuid from 1.2.0 to 1.3.0
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.2.0 to 1.3.0.
- [Release notes](https://github.com/google/uuid/releases)
- [Commits](https://github.com/google/uuid/compare/v1.2.0...v1.3.0)
---
updated-dependencies:
- dependency-name: github.com/google/uuid
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|\ \
| | |
| | | |
[CI:DOCS] Fix cirrus-cron failure notification GH workflow
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The master->main rename broke this. Also update the runtime along with
a comment w/ link to the actual job definitions.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|\ \ \
| | | |
| | | | |
fix: uid/gid for volume mounted to existing dir
|
| | |/
| |/|
| | |
| | |
| | |
| | |
| | | |
If mounting to existing directory the uid/gid should be preserved.
Primary uid/gid of container shouldn't be used.
Signed-off-by: Matej Vasek <mvasek@redhat.com>
|
|\ \ \
| | | |
| | | |
| | | |
| | | | |
containers/dependabot/go_modules/github.com/containers/storage-1.32.6
Bump github.com/containers/storage from 1.32.5 to 1.32.6
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.32.5 to 1.32.6.
- [Release notes](https://github.com/containers/storage/releases)
- [Changelog](https://github.com/containers/storage/blob/main/docs/containers-storage-changes.md)
- [Commits](https://github.com/containers/storage/compare/v1.32.5...v1.32.6)
---
updated-dependencies:
- dependency-name: github.com/containers/storage
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|\ \ \
| |_|/
|/| | |
Restore headers of optional information in 'podman pod ps'
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When optional information such as container IDs and names in pods, the
headers are not displayed. This fix restored the headers.
Documentation of this subcommand is also updated.
Signed-off-by: Hironori Shiina <shiina.hironori@jp.fujitsu.com>
|
|\ \ \
| |_|/
|/| | |
Don't exclude Dockerfile, Containerfiles from tar content
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
If the user specifies "*" in a .dockerignore or a .containerignore
then podman-remote build should not exclude the Dockerfile or
Containerfile or any content pointed to by `-f` in the context
directory.
We still need these files on the server side to complete the build.
Fixes: https://github.com/containers/podman/issues/9867
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| |/
|/| |
Implemented Until Query Parameter for Containers/logs
|
| |
| |
| |
| |
| |
| |
| |
| | |
compat containers/logs was missing actual usage of until query param.
fixes #10859
Signed-off-by: cdoern <cdoern@redhat.com>
|
|\ \
| | |
| | | |
Remove GetStore function from Libpod
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
We should not be exposing the store outside of Libpod. We want to
encapsulate it as an internal implementation detail - there's no
reason functions outside of Libpod should directly be
manipulating container storage. Convert the last use to invoke a
method on Libpod instead, and remove the function.
[NO TESTS NEEDED] as this is just a refactor.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|\ \ \
| | | |
| | | |
| | | |
| | | | |
containers/dependabot/go_modules/github.com/onsi/gomega-1.14.0
Bump github.com/onsi/gomega from 1.13.0 to 1.14.0
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.13.0 to 1.14.0.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/gomega/compare/v1.13.0...v1.14.0)
---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|\ \ \ \
| | | | |
| | | | | |
[CI:DOCS] Mention new hostname for loopback IP
|
| | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The hostname `host.containers.internal` is way easier to remember and should IMHO be preferred to be used, as it is:
a) easier to remember than some random IP
b) if the IP changes some time in the future the container will continue to work
And explain hostname adding in more detail
As per @mheon's suggestion.
And explain hostname adding *reason*
Also implies an suggestion for using the hostname instead.
And port change from podman-create man page to podman-run, too
Signed-off-by: rugk <rugk+git@posteo.de>
|
|\ \ \ \
| | | | |
| | | | | |
Add container config to compat image inspect
|
|/ / / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
With docker-compose, there is a use case where you can `docker-compose
up -d`, then change a file like docker-compose.yml and run up again.
This requires a ContainerConfig with at least Volumes be populated in
the inspect data. This PR adds just that.
Fixes: #10795
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
[CI:DOCS] Update docs/tutorials/rootless_tutorial.md:
|
| | |_|/
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* Change references of 'master' to 'main' in URLs e.g. https://github.com/containers/podman/blob/main/install.md
* Wrap names of files or programs by '`' e.g. `dnf`, `containers.conf`, `/etc/subuid`, etc.
* Change sentence with ambiguous subject to 'Root privileges are required to add or update entries within these files'
* Link to kernel.org documentation for the `getpwent` command
* Change sentence: 'Note that the values for each user must be unique ~and without any overlap~'
* Make references to the Podman project upper-case instead of lower-case
* Reorder sentence 'Update the `/etc/subuid` and `/etc/subgid` with fields for each user' to emphasize 'For each user'
* Remove reference to asciiart demos and update README.md link
Signed-off-by: Colin Eberl Coe <ebb-earl-co@pm.me>
|
|\ \ \ \
| |_|/ /
|/| | | |
[CI:DOCS] fix: logo not loading after barnch renaming
|
|/ / /
| | |
| | |
| | |
| | |
| | | |
You've renamed your branch from master to main and thus this URL here did not work anymore and caused a glitch in displaying the image in the docs.
Signed-off-by: rugk <rugk+git@posteo.de>
|
|\ \ \
| |_|/
|/| | |
Replace old RESTful tutorial with updated README
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Remove outdated information on go bindings. Moved the tips for
debugging into the REAME and tidied up relevant links.
Fixes: #9334
[CI_DOCS]
[NO TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \ \
| |_|/
|/| | |
Make rootless-cni setup more robust
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The rootless cni namespace needs a valid /etc/resolv.conf file. On some
distros is a symlink to somewhere under /run. Because the kernel will
follow the symlink before mounting, it is not possible to mount a file
at exactly /etc/resolv.conf. We have to ensure that the link target will
be available in the rootless cni mount ns.
Fixes #10855
Also fixed a bug in the /var/lib/cni directory lookup logic. It used
`filepath.Base` instead of `filepath.Dir` and thus looping infinitely.
Fixes #10857
[NO TESTS NEEDED]
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\ \ \
| |_|/
|/| | |
manifest push --rm: use libimage for removal
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| | |
Use libimage for removing the manifest instead of going directly
through the store.
[NO TESTS NEEDED]
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \
| | |
| | |
| | |
| | | |
containers/dependabot/go_modules/github.com/cyphar/filepath-securejoin-0.2.3
Bump github.com/cyphar/filepath-securejoin from 0.2.2 to 0.2.3
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Bumps [github.com/cyphar/filepath-securejoin](https://github.com/cyphar/filepath-securejoin) from 0.2.2 to 0.2.3.
- [Release notes](https://github.com/cyphar/filepath-securejoin/releases)
- [Commits](https://github.com/cyphar/filepath-securejoin/compare/v0.2.2...v0.2.3)
---
updated-dependencies:
- dependency-name: github.com/cyphar/filepath-securejoin
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|\ \
| |/
|/| |
support pulling multiple images sequentially in a single podman pull
|
| |
| |
| |
| | |
Signed-off-by: Mehul Arora <aroram18@mcmaster.ca>
|
|\ \
| | |
| | | |
[CI:DOCS] Fixed notation for macOS
|
| | |
| | |
| | |
| | | |
Signed-off-by: Shion Tanaka <shtanaka@redhat.com>
|
|\ \ \
| | | |
| | | | |
podman diff accept two images or containers
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
First, make podman diff accept optionally a second argument. This allows
the user to specify a second image/container to compare the first with.
If it is not set the parent layer will be used as before.
Second, podman container diff should only use containers and podman
image diff should only use images. Previously, podman container diff
would use the image when both an image and container with this name
exists.
To make this work two new parameters have been added to the api. If they
are not used the previous behaviour is used. The same applies to the
bindings.
Fixes #10649
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\ \ \ \
| |_|/ /
|/| | | |
bump cobra to v1.2.1 and update the shell completion scripts
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The new cobra v1.2.0 release brings a number of bug fixes for shell
completion scripts. Regenerate the scripts with `make completions`
to sync them with the upstream version, currently we have some custom
ones to avoid some upstream bugs. Because the new cobra version has
all fixes we should use the upstream scripts.
Add a check to CI to ensure we always use the up to date scripts.
[NO TESTS NEEDED]
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Fixes #9730
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
podman service reaper
|
| | |_|/
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Add a new service reaper package. Podman currently does not reap all
child processes. The slirp4netns and rootlesskit processes are not
reaped. The is not a problem for local podman since the podman process
dies before the other processes and then init will reap them for us.
However with podman system service it is possible that the podman
process is still alive after slirp died. In this case podman has to reap
it or the slirp process will be a zombie until the service is stopped.
The service reaper will listen in an extra goroutine on SIGCHLD. Once it
receives this signal it will try to reap all pids that were added with
`AddPID()`. While I would like to just reap all children this is not
possible because many parts of the code use `os/exec` with `cmd.Wait()`.
If we reap before `cmd.Wait()` things can break, so reaping everything
is not an option.
[NO TESTS NEEDED]
Fixes #9777
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
Create podman temp dir on machine start
|