| Commit message (Collapse) | Author | Age |
|\
| |
| | |
fix rootless login/logout tests
|
| |
| |
| |
| |
| |
| | |
fix rootless login/logout tests. Since c/image can support peruser certs directory, this path uses $HOME dir as certs.d to avoid permission deny failures.
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
|\ \
| | |
| | | |
podman info needs to be run within the user namespace
|
| | |
| | |
| | |
| | |
| | |
| | | |
Accidently removed podman info from user namespace
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \
| |/ /
|/| | |
podmanv2 info
|
| | |
| | |
| | |
| | |
| | |
| | | |
add ability to run info for v2
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \ \
| |/ /
|/| | |
Do not error on pids.current stats if ctr.path is empty
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
If the ctr.path is empty, then we do not try to access
`/sys/fs/cgroup/pids/pids.current` any more because this path will be
wrong in any case. We now return and do not set the PIDs stats.
Refers to https://github.com/cri-o/cri-o/issues/3522
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
|
|\ \ \
| | | |
| | | | |
v2podman run
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
add the ability to run a container
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \ \ \
| |/ / /
|/| | | |
userns: support --userns=auto
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
automatically pick an empty range and create an user namespace for the
container.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
podmanv2 ps
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
add the ability to list containers
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
refactor info
|
| |/ / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
the current implementation of info, while typed, is very loosely done so. we need stronger types for our apiv2 implmentation and bindings.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
containers/dependabot/go_modules/github.com/containers/storage-1.18.2
build(deps): bump github.com/containers/storage from 1.18.1 to 1.18.2
|
| | |_|/ /
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.18.1 to 1.18.2.
- [Release notes](https://github.com/containers/storage/releases)
- [Changelog](https://github.com/containers/storage/blob/master/docs/containers-storage-changes.md)
- [Commits](https://github.com/containers/storage/compare/v1.18.1...v1.18.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \ \ \ \
| |_|/ / /
|/| | | | |
Cleanup whether to enter user namespace
|
| | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Add support for specifying CNI networks in podman play kube
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Fixes: #5609
Signed-off-by: Christian Felder <c.felder@fz-juelich.de>
|
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Signed-off-by: Christian Felder <c.felder@fz-juelich.de>
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
podmanv2 start
|
| | |_|_|_|/
| |/| | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
add the ability to start containers
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \ \ \ \ \
| |_|_|_|_|/
|/| | | | |
| | | | | |
| | | | | | |
containers/dependabot/go_modules/github.com/opencontainers/selinux-1.5.0
build(deps): bump github.com/opencontainers/selinux from 1.4.0 to 1.5.0
|
| | |_|_|/
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Bumps [github.com/opencontainers/selinux](https://github.com/opencontainers/selinux) from 1.4.0 to 1.5.0.
- [Release notes](https://github.com/opencontainers/selinux/releases)
- [Commits](https://github.com/opencontainers/selinux/compare/v1.4.0...v1.5.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \ \ \ \
| |_|/ / /
|/| | | |
| | | | |
| | | | | |
containers/dependabot/go_modules/github.com/containers/common-0.8.1
build(deps): bump github.com/containers/common from 0.8.0 to 0.8.1
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Bumps [github.com/containers/common](https://github.com/containers/common) from 0.8.0 to 0.8.1.
- [Release notes](https://github.com/containers/common/releases)
- [Commits](https://github.com/containers/common/compare/v0.8.0...v0.8.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
podmanv2 pod inspect
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Add the ability to inspect pod in podmanv2
Signed-off-by: Sujil02 <sushah@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
v2podman attach
|
| | |/ / /
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
add the ability to attach to a running container. the tunnel side of this is not enabled yet as we have work on the endpoints and plumbing to do yet.
add the ability to exec a command in a running container. the tunnel side is also being deferred for same reason.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \ \ \ \
| |/ / / /
|/| | | | |
podmanv2 version
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
this is only for the abi side and does not print out the remote information yet. the remote information will need to be worked on and agreed upon later.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
v2podman container create
|
|/ / / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
create a container in podmanv2 using specgen approach. this is the core implementation and still has quite a bit of code commented out specifically around volumes, devices, and namespaces. need contributions from smes on these parts.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \ \ \ \
| |_|_|_|/
|/| | | | |
podmanv2 save image
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | | |
add ability to save an image for podman v2
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
podmanv2 checkpoint and restore
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
add the ability to checkpoint and restore containers on v2podman
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Prepare for crun checkpoint support
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
For (almost) all commands which podman passes on to a OCI runtime
XDG_RUNTIME_DIR is set to the same value. This does not happen for the
checkpoint command.
Using crun to checkpoint a container without this change will lead to
crun using XDG_RUNTIME_DIR of the currently logged in user and so it
will not find the container Podman wants to checkpoint.
This bascially just copies a few lines from on of the other commands to
handle 'checkpoint' as all the other commands.
Thanks to Giuseppe for helping me with this.
For 'restore' it is not needed as restore goes through conmon and for
calling conmon Podman already configures XDG_RUNTIME_DIR correctly.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Podman was checking if the runtime support checkpointing by running
'runtime checkpoint -h'. That works for runc.
crun, however, does not use '-h, --help' for help output but, '-?,
--help'.
This commit switches both checkpoint support detection from
'runtime checkpoint -h'
to
'runtime checkpoint --help'.
Podman can now correctly detect if 'crun' also support checkpointing.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
Pass path environment down to the OCI runtime
|
| | |/ / / /
| |/| | | |
| | | | | |
| | | | | | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \ \ \
| |_|_|/ / /
|/| | | | | |
Fix/improve pkg/storage.InitFSMounts
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Instead of getting mount options from /proc/self/mountinfo, which is
very costly to read/parse (and can even be unreliable), let's use
statfs(2) to figure out the flags we need.
[v2: move getting default options to pkg/util, make it linux-specific]
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
... rather than create a new slice and then make the caller
replace the original with the new one.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
> $ ./bin/podman run -v /tmp:/tmp alpine true; echo $?
> 0
> $ ./bin/podman run -v /tmp:/tmp:ro alpine true; echo $?
> 0
> $ ./bin/podman run -v /tmp:/w0w:ro alpine true; echo $?
> Error: container_linux.go:349: starting container process caused "process_linux.go:449: container init caused \"rootfs_linux.go:58: mounting \\\"/tmp\\\" to rootfs \\\"/home/kir/.local/share/containers/storage/overlay/7636ef3650fc91ee4996ccc026532bb3cff7182c0430db662fffb933e0bcadc9/merged\\\" at \\\"/home/kir/.local/share/containers/storage/overlay/7636ef3650fc91ee4996ccc026532bb3cff7182c0430db662fffb933e0bcadc9/merged/w0w\\\" caused \\\"operation not permitted\\\"\"": OCI runtime permission denied error
> 126
The last command is not working because in-container mount point
is used to search for a parent mount in /proc/self/mountinfo.
And yet the following
> $ ./bin/podman run -v /tmp:/run/test:ro alpine true; echo $?
> 0
still works fine! Here's why:
> $ mount | grep -E '/run |/tmp '
> tmpfs on /run type tmpfs (rw,nosuid,nodev,seclabel,mode=755)
> tmpfs on /tmp type tmpfs (rw,nosuid,nodev,seclabel)
This is the reason why previous commit modified in-container mount
point.
Fixes: 0f5ae3c5af
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
|