| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
| |
To 'avoid unknown FS magic on "/run/user/1000/netns/...": 1021994'
make the network namespace bind-mount recursively shared, so the
mount is back-propogated to the host.
Signed-off-by: gabi beyer <gabrielle.n.beyer@intel.com>
|
|
|
|
|
|
|
| |
Update documentation to show Kata Containers support is no longer
a limitation with merging of commit 486a5b9
Signed-off-by: gabi beyer <gabrielle.n.beyer@intel.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In order to run Podman with VM-based runtimes unprivileged, the
network must be set up prior to the container creation. Therefore
this commit modifies Podman to run rootless containers by:
1. create a network namespace
2. pass the netns persistent mount path to the slirp4netns
to create the tap inferface
3. pass the netns path to the OCI spec, so the runtime can
enter the netns
Closes #2897
Signed-off-by: Gabi Beyer <gabrielle.n.beyer@intel.com>
|
|\
| |
| | |
Cirrus: Push snap continuously
|
| |
| |
| |
| | |
Signed-off-by: Anatoli Babenia <anatoli@rainforce.org>
|
| |
| |
| |
| | |
Signed-off-by: Anatoli Babenia <anatoli@rainforce.org>
|
| |
| |
| |
| | |
Signed-off-by: Anatoli Babenia <anatoli@rainforce.org>
|
| |
| |
| |
| | |
Signed-off-by: Anatoli Babenia <anatoli@rainforce.org>
|
|\ \
| | |
| | | |
execuser: look at the source for /etc/{passwd,group} overrides
|
| | |
| | |
| | |
| | | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
look if there are bind mounts that can shadow the /etc/passwd and
/etc/group files. In that case, look at the bind mount source.
Closes: https://github.com/containers/libpod/pull/4068#issuecomment-533782941
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \
| |_|/
|/| | |
Document the 'system' event types for 'podman events'
|
|/ /
| |
| |
| |
| |
| | |
Fixes: #4002
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \
| |/
|/| |
Cirrus: More podbot/success improvements
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Fix one disused and two missing required env. vars.
* Slightly optomize processing of commit-author names
* Fix problem of printing duplicate author names when there are multiple
commits.
* Fix bot's IRC connection timeout too short.
* Add a single retry of IRC connection after 5-second delay.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|\ \
| | |
| | | |
We need to convert libpod.conf files in user homedir for cgroupv2
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
If a user upgrades to a machine that defaults to a cgroups V2 machine
and has a libpod.conf file in their homedir that defaults to OCI Runtime runc,
then we want to change it one time to crun.
runc as of this point does not work on cgroupV2 systems. This patch will
eventually be removed but is needed until runc has support.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \
| |/ /
|/| | |
Add support for testing with the latest Ubuntu release
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The images build correctly but neither integration or remote client
tests pass. Temporarily disable Ubuntu 19 testing until both are
ready to be supported.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | | |
Also, minor update to prevent harmless 'Fatal: not a git repo' error.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add the latest Ubuntu version into the testing matrix
and image-build workflow. This is also needed to support
other containers projects which share use of VM images
from this one.
Update package lists to include needs for contianers/storage
use of images.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|\ \
| |/
|/| |
container: make sure $HOME is always set
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
If the HOME environment variable is not set, make sure it is set to
the configuration found in the container /etc/passwd file.
It was previously depending on a runc behavior that always set HOME
when it is not set. The OCI runtime specifications do not require
HOME to be set so move the logic to libpod.
Closes: https://github.com/debarshiray/toolbox/issues/266
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \
| |/
|/| |
Cirrus: Update podbot credentials
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Fixed a typo.
Also script was grabbing quotes and other non-email-address junk
while looping. Filter before and after to make sure we get 'em all.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|/
|
|
| |
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|\
| |
| | |
tests: use crun package
|
| |
| |
| |
| | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \
| | |
| | | |
fix trivial type for event logger
|
| | |
| | |
| | |
| | |
| | |
| | | |
Fixes: #4062
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \ \
| | | |
| | | | |
Move rootless and Mac to Tutorials page
|
| |/ /
| | |
| | |
| | |
| | |
| | | |
As the title says.
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
|
|\ \ \
| |/ /
|/| | |
Support podman-remote help on windows
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* Update scipts to produce darwin and windows output
* Update batch file to re-direct help requests to browser
* Add pandoc filter for markdown to html links
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \ \
| |/ /
|/| | |
Clean destination paths during mount generation
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We identify and resolve conflicts in paths using destination path
matches. We require exact matches, largely for performance
reasons (we use maps to efficiently access, keyed by
destination). This usually works fine, until you get mounts that
are targetted at /output and /output/ - the same path, but not
the same string.
Use filepath.Clean() aggressively to try and solve this.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \
| | |
| | | |
Cirrus: Prevent resident pollution
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When constructing VM cache-images, the latest/greatest podman package is
installed to ensure all necessary dependencies are met. Prior to
testing source-built binaries, most of of the packaged files are removed.
However, if the `io.podman` service or socket is enabled/running, it
could cause the packaged podman and varlink binaries to be both resident
and cached. Since this condition would cause very difficult to diagnose
behaviors, add preventative measures to ensure these services are absent
prior to removing packaged podman files.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|\ \ \
| | | |
| | | | |
Add links to the Mac tutorial in the main tutorial
|
| | |/
| |/|
| | |
| | | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \
| | | |
| | | | |
Vendor c/storage 1.13.3
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | | |
Pull in fixes to avoid double locking the mounts list when
doing a save or cleanup.
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
|
|\ \ \
| | | |
| | | | |
support non-standard ssh port for remote-client
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
when using the remote client, users may need to specify a non-standard
port for ssh connections. we can do so on the command line and within
the remote-client configuration file.
Fixes: #3987
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \ \
| |/ /
|/| | |
Add a note on systemd shortcomings in rootless containers
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| | |
Document that it is expected for some of the systemd API's to not work
correctly/at all in rootless containers.
Fixes: #3957
Signed-off-by: Michal Sekletar <msekleta@redhat.com>
|
|\ \
| | |
| | | |
Fix exit code failure
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
While investigating issue
https://github.com/containers/libpod/issues/4044 there is no sense
subjecting forward progress elsewhere. Skip the test with a note
temporarily, until a resolution to 4044 and any other related issues
is found and fix implemented.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|/ /
| |
| |
| |
| |
| | |
Be less precise on the exit code and lot the exit code to the journal when it fails.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| | |
| | | |
Add 'relabel' to --mount options
|