summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Make netns bind mount sharedgabi beyer2019-09-24
| | | | | | | | To 'avoid unknown FS magic on "/run/user/1000/netns/...": 1021994' make the network namespace bind-mount recursively shared, so the mount is back-propogated to the host. Signed-off-by: gabi beyer <gabrielle.n.beyer@intel.com>
* Add Kata Containers supportgabi beyer2019-09-24
| | | | | | | Update documentation to show Kata Containers support is no longer a limitation with merging of commit 486a5b9 Signed-off-by: gabi beyer <gabrielle.n.beyer@intel.com>
* rootless: Rearrange setup of rootless containersGabi Beyer2019-09-24
| | | | | | | | | | | | | | | In order to run Podman with VM-based runtimes unprivileged, the network must be set up prior to the container creation. Therefore this commit modifies Podman to run rootless containers by: 1. create a network namespace 2. pass the netns persistent mount path to the slirp4netns to create the tap inferface 3. pass the netns path to the OCI spec, so the runtime can enter the netns Closes #2897 Signed-off-by: Gabi Beyer <gabrielle.n.beyer@intel.com>
* Merge pull request #3969 from abitrolly/patch-1OpenShift Merge Robot2019-09-23
|\ | | | | Cirrus: Push snap continuously
| * Cirrus: Add upload_snap to success dependenciesAnatoli Babenia2019-09-23
| | | | | | | | Signed-off-by: Anatoli Babenia <anatoli@rainforce.org>
| * Cirrus: Add snapcraft credentialsAnatoli Babenia2019-09-23
| | | | | | | | Signed-off-by: Anatoli Babenia <anatoli@rainforce.org>
| * Cirrus: Upload snap only on merges to masterAnatoli Babenia2019-09-23
| | | | | | | | Signed-off-by: Anatoli Babenia <anatoli@rainforce.org>
| * Cirrus: Push snap continuouslyAnatoli Babenia2019-09-23
| | | | | | | | Signed-off-by: Anatoli Babenia <anatoli@rainforce.org>
* | Merge pull request #4074 from giuseppe/override-etc-passwd-groupOpenShift Merge Robot2019-09-23
|\ \ | | | | | | execuser: look at the source for /etc/{passwd,group} overrides
| * | exec: set HOME also with exec sessionsGiuseppe Scrivano2019-09-21
| | | | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | execuser: look at the source for /etc/{passwd,group} overridesGiuseppe Scrivano2019-09-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | look if there are bind mounts that can shadow the /etc/passwd and /etc/group files. In that case, look at the bind mount source. Closes: https://github.com/containers/libpod/pull/4068#issuecomment-533782941 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | Merge pull request #4083 from mheon/document_system_eventsOpenShift Merge Robot2019-09-23
|\ \ \ | |_|/ |/| | Document the 'system' event types for 'podman events'
| * | Document the 'system' event types for 'podman events'Matthew Heon2019-09-23
|/ / | | | | | | | | | | Fixes: #4002 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | Merge pull request #4071 from cevich/more_podbotOpenShift Merge Robot2019-09-22
|\ \ | |/ |/| Cirrus: More podbot/success improvements
| * Cirrus: More podbot/success improvementsChris Evich2019-09-20
| | | | | | | | | | | | | | | | | | | | | | * Fix one disused and two missing required env. vars. * Slightly optomize processing of commit-author names * Fix problem of printing duplicate author names when there are multiple commits. * Fix bot's IRC connection timeout too short. * Add a single retry of IRC connection after 5-second delay. Signed-off-by: Chris Evich <cevich@redhat.com>
* | Merge pull request #4029 from rhatdan/cgroupOpenShift Merge Robot2019-09-21
|\ \ | | | | | | We need to convert libpod.conf files in user homedir for cgroupv2
| * | We need to convert libpod.conf files in user homedir for cgroupv2Daniel J Walsh2019-09-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If a user upgrades to a machine that defaults to a cgroups V2 machine and has a libpod.conf file in their homedir that defaults to OCI Runtime runc, then we want to change it one time to crun. runc as of this point does not work on cgroupV2 systems. This patch will eventually be removed but is needed until runc has support. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #3754 from cevich/latest_ubuntuOpenShift Merge Robot2019-09-21
|\ \ \ | |/ / |/| | Add support for testing with the latest Ubuntu release
| * | Cirrus: Temporarily disable testing on Ubuntu 19Chris Evich2019-09-20
| | | | | | | | | | | | | | | | | | | | | | | | The images build correctly but neither integration or remote client tests pass. Temporarily disable Ubuntu 19 testing until both are ready to be supported. Signed-off-by: Chris Evich <cevich@redhat.com>
| * | Cirrus: disable Evil Units in base-imagesChris Evich2019-09-20
| | | | | | | | | | | | | | | | | | Also, minor update to prevent harmless 'Fatal: not a git repo' error. Signed-off-by: Chris Evich <cevich@redhat.com>
| * | Cirrus: Add latest ubuntuChris Evich2019-09-20
| |/ | | | | | | | | | | | | | | | | | | | | | | Add the latest Ubuntu version into the testing matrix and image-build workflow. This is also needed to support other containers projects which share use of VM images from this one. Update package lists to include needs for contianers/storage use of images. Signed-off-by: Chris Evich <cevich@redhat.com>
* | Merge pull request #4068 from giuseppe/always-set-homeOpenShift Merge Robot2019-09-21
|\ \ | |/ |/| container: make sure $HOME is always set
| * container: make sure $HOME is always setGiuseppe Scrivano2019-09-20
| | | | | | | | | | | | | | | | | | | | | | | | | | If the HOME environment variable is not set, make sure it is set to the configuration found in the container /etc/passwd file. It was previously depending on a runc behavior that always set HOME when it is not set. The OCI runtime specifications do not require HOME to be set so move the logic to libpod. Closes: https://github.com/debarshiray/toolbox/issues/266 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Merge pull request #4070 from cevich/podbot_credsOpenShift Merge Robot2019-09-20
|\ \ | |/ |/| Cirrus: Update podbot credentials
| * Cirrus: Fix success scriptChris Evich2019-09-20
| | | | | | | | | | | | | | | | | | Fixed a typo. Also script was grabbing quotes and other non-email-address junk while looping. Filter before and after to make sure we get 'em all. Signed-off-by: Chris Evich <cevich@redhat.com>
| * Cirrus: Update podbot credentialsChris Evich2019-09-20
|/ | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* Merge pull request #4051 from giuseppe/use-crun-pkgOpenShift Merge Robot2019-09-20
|\ | | | | tests: use crun package
| * tests: use crun packageGiuseppe Scrivano2019-09-19
| | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Merge pull request #4063 from baude/tomltypoOpenShift Merge Robot2019-09-20
|\ \ | | | | | | fix trivial type for event logger
| * | fix trivial type for event loggerbaude2019-09-19
| | | | | | | | | | | | | | | | | | Fixes: #4062 Signed-off-by: baude <bbaude@redhat.com>
* | | Merge pull request #4064 from TomSweeneyRedHat/dev/tsweeney/tutfixOpenShift Merge Robot2019-09-20
|\ \ \ | | | | | | | | Move rootless and Mac to Tutorials page
| * | | Move rootless and Mac to Tutorials pageTomSweeneyRedHat2019-09-19
| |/ / | | | | | | | | | | | | | | | As the title says. Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* | | Merge pull request #4042 from jwhonce/wip/msiOpenShift Merge Robot2019-09-20
|\ \ \ | |/ / |/| | Support podman-remote help on windows
| * | Support podman-remote help on windowsJhon Honce2019-09-19
| | | | | | | | | | | | | | | | | | | | | | | | * Update scipts to produce darwin and windows output * Update batch file to re-direct help requests to browser * Add pandoc filter for markdown to html links Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | Merge pull request #4060 from mheon/clean_pathsOpenShift Merge Robot2019-09-19
|\ \ \ | |/ / |/| | Clean destination paths during mount generation
| * | Clean destination paths during mount generationMatthew Heon2019-09-19
|/ / | | | | | | | | | | | | | | | | | | | | | | | | We identify and resolve conflicts in paths using destination path matches. We require exact matches, largely for performance reasons (we use maps to efficiently access, keyed by destination). This usually works fine, until you get mounts that are targetted at /output and /output/ - the same path, but not the same string. Use filepath.Clean() aggressively to try and solve this. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | Merge pull request #3985 from cevich/verify_no_podmanOpenShift Merge Robot2019-09-19
|\ \ | | | | | | Cirrus: Prevent resident pollution
| * | Cirrus: Prevent resident pollutionChris Evich2019-09-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When constructing VM cache-images, the latest/greatest podman package is installed to ensure all necessary dependencies are met. Prior to testing source-built binaries, most of of the packaged files are removed. However, if the `io.podman` service or socket is enabled/running, it could cause the packaged podman and varlink binaries to be both resident and cached. Since this condition would cause very difficult to diagnose behaviors, add preventative measures to ensure these services are absent prior to removing packaged podman files. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | Merge pull request #4040 from mheon/mac_tutorial_linksOpenShift Merge Robot2019-09-19
|\ \ \ | | | | | | | | Add links to the Mac tutorial in the main tutorial
| * | | Add links to the Mac tutorial in the main tutorialMatthew Heon2019-09-17
| | |/ | |/| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | Merge pull request #4045 from umohnani8/vendorOpenShift Merge Robot2019-09-18
|\ \ \ | | | | | | | | Vendor c/storage 1.13.3
| * | | Vendor c/storage 1.13.3Urvashi Mohnani2019-09-17
| |/ / | | | | | | | | | | | | | | | | | | Pull in fixes to avoid double locking the mounts list when doing a save or cleanup. Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
* | | Merge pull request #4041 from baude/remoteconfigportOpenShift Merge Robot2019-09-18
|\ \ \ | | | | | | | | support non-standard ssh port for remote-client
| * | | support non-standard ssh port for remote-clientbaude2019-09-17
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | when using the remote client, users may need to specify a non-standard port for ssh connections. we can do so on the command line and within the remote-client configuration file. Fixes: #3987 Signed-off-by: baude <bbaude@redhat.com>
* | | Merge pull request #3972 from msekletar/systemd-rootless-docsOpenShift Merge Robot2019-09-18
|\ \ \ | |/ / |/| | Add a note on systemd shortcomings in rootless containers
| * | Add a note on systemd shortcomings in rootless containersMichal Sekletar2019-09-18
|/ / | | | | | | | | | | | | | | | | Document that it is expected for some of the systemd API's to not work correctly/at all in rootless containers. Fixes: #3957 Signed-off-by: Michal Sekletar <msekleta@redhat.com>
* | Merge pull request #4052 from rhatdan/exitcodeOpenShift Merge Robot2019-09-17
|\ \ | | | | | | Fix exit code failure
| * | System-test: Temporarily disable 030-runChris Evich2019-09-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | While investigating issue https://github.com/containers/libpod/issues/4044 there is no sense subjecting forward progress elsewhere. Skip the test with a note temporarily, until a resolution to 4044 and any other related issues is found and fix implemented. Signed-off-by: Chris Evich <cevich@redhat.com>
| * | Fix exit code failureDaniel J Walsh2019-09-17
|/ / | | | | | | | | | | Be less precise on the exit code and lot the exit code to the journal when it fails. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #4034 from rhatdan/relabelOpenShift Merge Robot2019-09-17
|\ \ | | | | | | Add 'relabel' to --mount options