| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
| |
Signed-off-by: haircommander <pehunt@redhat.com>
Closes: #1275
Approved by: mheon
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This fixes a couple of issues with podman top.
podman top --latest USER HUSER
Now shows you the User inside of the containers usernamespace as well as the user on the host.
podman top --latest capeff capbnd
Now has headings that differentiatiate between the Capabiltiies. We also have support for
ambient capabilities.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1286
Approved by: vrothberg
|
|
|
|
|
|
|
|
|
|
| |
Need to get some small changes into libpod to pull back into buildah
to complete buildah transition.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1270
Approved by: mheon
|
|
|
|
|
|
|
|
|
| |
It breaks "podman run --net=host --uidmap=0:1:70000 --gidmap=0:20000:70000 busybox echo hi"
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Closes: #1285
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
| |
We need to pass the image format OCI or docker in the varlink commit command.
Signed-off-by: Qi Wang <qiwan@redhat.com>
Closes: #1281
Approved by: mheon
|
|
|
|
|
|
|
| |
Signed-off-by: haircommander <pehunt@redhat.com>
Closes: #1284
Approved by: mheon
|
|
|
|
|
|
|
|
|
|
| |
Default settings for storage can be overriden by setting these environment
variables.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1282
Approved by: mheon
|
|
|
|
|
|
|
| |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #1266
Approved by: baude
|
|
|
|
|
|
|
| |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #1266
Approved by: baude
|
|
|
|
|
|
|
| |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #1266
Approved by: baude
|
|
|
|
|
|
|
| |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #1266
Approved by: baude
|
|
|
|
|
|
|
|
|
| |
root can always mount a new instance.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Closes: #1279
Approved by: rhatdan
|
|
|
|
|
|
|
| |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Closes: #1269
Approved by: rhatdan
|
|
|
|
|
|
|
| |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Closes: #1269
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
| |
Hostname should be set to the hosts hostname when network is none.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1274
Approved by: giuseppe
|
|
|
|
|
|
|
|
|
|
| |
Specifically, pod.Start() always returned CtrErrors, even if none failed. This cause podman start to not return the successfully started pod id.
Also, pod.Kill() didn't return an error along with ctrErrors.
Signed-off-by: haircommander <pehunt@redhat.com>
Closes: #1272
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
|
| |
* Rename id_ to ident, make non-PEP8'ers happier
* Fix bug where port was required on local connections
* Improve error messages for exceptions
Signed-off-by: Jhon Honce <jhonce@redhat.com>
Closes: #1246
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
|
| |
these commands do not require to be root in an userns
Closes: https://github.com/containers/libpod/issues/1263
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Closes: #1268
Approved by: vrothberg
|
|
|
|
|
|
|
|
|
|
| |
Use a pipe instead of a temporary file to load the apparmor profile.
This change has a measurable speed improvement for apparmor users.
Signed-off-by: Valentin Rothberg <vrothberg@suse.com>
Closes: #1262
Approved by: mheon
|
|
|
|
|
|
|
|
|
|
| |
Move all Linux-related data under the corresponding buildtags to reduce
the memory footprint and speed up compilation for non-apparmor builds.
Signed-off-by: Valentin Rothberg <vrothberg@suse.com>
Closes: #1262
Approved by: mheon
|
|
|
|
|
|
|
|
|
| |
For easier maintenance and clearer structure of the code.
Signed-off-by: Valentin Rothberg <vrothberg@suse.com>
Closes: #1262
Approved by: mheon
|
|
|
|
|
|
|
|
|
|
|
| |
If user does not pass in cgroup manager and running in rootless mode,
then we need to force the cgroupfs support until/unless we get support
for rootless systemd support.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1261
Approved by: mheon
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
when searching multiple registries for images, if we get an error on one
of the searches, we should keep going and complete the search. if there
is only one search registry however, we will return an error.
Resolves: #1255
Signed-off-by: baude <bbaude@redhat.com>
Closes: #1257
Approved by: mheon
|
|
|
|
|
|
|
| |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #1264
Approved by: mheon
|
|
|
|
|
|
|
| |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #1267
Approved by: mheon
|
|\
| |
| | |
Bump to 0.8.2.1
|
| |
| |
| |
| | |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
|
| |
| |
| |
| | |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
|
|/
|
|
| |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
|
|\
| |
| | |
Switch default CGroup manager to systemd
|
| |
| |
| |
| | |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
|
| |
| |
| |
| | |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
|
| |
| |
| |
| | |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
|
| |
| |
| |
| | |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
|
| |
| |
| |
| | |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
|
| |
| |
| |
| | |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
|
| |
| |
| |
| | |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
|
| |
| |
| |
| |
| |
| |
| | |
TODO: Change this to only force cgroupfs if if we are in a
container.
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Also, don't return the internal podState struct - instead return
a public inspect struct.
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #1258
Approved by: rhatdan
|
| |
| |
| |
| |
| |
| |
| | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1256
Approved by: rhatdan
|
| |
| |
| |
| |
| |
| |
| | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1256
Approved by: rhatdan
|
| |
| |
| |
| |
| |
| |
| | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1256
Approved by: rhatdan
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently we add mounts from images, volumes and internal.
We can accidently over mount an existing mount. This patch sorts the mounts
to make sure a parent directory is always mounted before its content.
Had to change the default propagation on image volume mounts from shared
to private to stop mount points from leaking out of the container.
Also switched from using some docker/docker/pkg to container/storage/pkg
to remove some dependencies on Docker.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1243
Approved by: mheon
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When doing a podman search, the so-called NAME should be the image's
fully qualified name (not index plus shortname).
```
$ sudo podman search rhel7
INDEX NAME DESCRIPTION STARS OFFICIAL AUTOMATED
redhat.com registry.access.redhat.com/rhel7/rhel This platform image provides a minimal runti... 0
redhat.com registry.access.redhat.com/rhel7.0 This platform image provides a minimal runti... 0
redhat.com registry.access.redhat.com/rhel7 This platform image provides a minimal runti... 0
....
```
Resolves: #1208
Resolves: Bugz #1614710
Signed-off-by: baude <bbaude@redhat.com>
Closes: #1253
Approved by: rhatdan
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This removes anything but structs and simple accessors from
pod.go itself, which is a target file for FFJSON generation. This
should reduce the amount of times FFJSON needs to run.
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #1247
Approved by: rhatdan
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
During refresh, we cannot hard-fail, as that would mean leaving a
partially-configured state behind, leaving libpod unable to start
without manual intervention.
Instead, log errors refreshing individual containers and pods and
continue. Individual containers and pods may be unusable and need
to be removed manually, but libpod itself will continue to
function.
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #1252
Approved by: rhatdan
|
| |
| |
| |
| |
| |
| |
| | |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #1249
Approved by: rhatdan
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When checking if the container has already been removed, use
c.state.HasContainer() instead of the runtime's API to avoid
trying to take the already acquired lock.
Fixes: #1245
Signed-off-by: Valentin Rothberg <vrothberg@suse.com>
Closes: #1251
Approved by: baude
|
|/
|
|
|
|
|
| |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #1248
Approved by: TomSweeneyRedHat
|
|
|
|
|
|
|
| |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #1240
Approved by: rhatdan
|