summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* spec: bind mount /sys only for rootless containersGiuseppe Scrivano2018-08-15
| | | | | | | | | root can always mount a new instance. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1279 Approved by: rhatdan
* build, rootless: specify IsolationOCIRootlessGiuseppe Scrivano2018-08-15
| | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1269 Approved by: rhatdan
* vendor: update buildah versionGiuseppe Scrivano2018-08-15
| | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1269 Approved by: rhatdan
* Fix handling of hostname in --net=hostDaniel J Walsh2018-08-15
| | | | | | | | | Hostname should be set to the hosts hostname when network is none. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1274 Approved by: giuseppe
* Updated pod_api to reflect function spechaircommander2018-08-14
| | | | | | | | | | Specifically, pod.Start() always returned CtrErrors, even if none failed. This cause podman start to not return the successfully started pod id. Also, pod.Kill() didn't return an error along with ctrErrors. Signed-off-by: haircommander <pehunt@redhat.com> Closes: #1272 Approved by: rhatdan
* Add create and pull commandsJhon Honce2018-08-14
| | | | | | | | | | | * Rename id_ to ident, make non-PEP8'ers happier * Fix bug where port was required on local connections * Improve error messages for exceptions Signed-off-by: Jhon Honce <jhonce@redhat.com> Closes: #1246 Approved by: rhatdan
* rootless: not require userns for help/versionGiuseppe Scrivano2018-08-14
| | | | | | | | | | | these commands do not require to be root in an userns Closes: https://github.com/containers/libpod/issues/1263 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1268 Approved by: vrothberg
* pkg/apparmor: use a pipe instead of a tmp fileValentin Rothberg2018-08-14
| | | | | | | | | | Use a pipe instead of a temporary file to load the apparmor profile. This change has a measurable speed improvement for apparmor users. Signed-off-by: Valentin Rothberg <vrothberg@suse.com> Closes: #1262 Approved by: mheon
* pkg/apparmor: move data under Linux/apparmor buildtagsValentin Rothberg2018-08-14
| | | | | | | | | | Move all Linux-related data under the corresponding buildtags to reduce the memory footprint and speed up compilation for non-apparmor builds. Signed-off-by: Valentin Rothberg <vrothberg@suse.com> Closes: #1262 Approved by: mheon
* pkg/apparmor: move all linux-code into apparmor_linux*Valentin Rothberg2018-08-14
| | | | | | | | | For easier maintenance and clearer structure of the code. Signed-off-by: Valentin Rothberg <vrothberg@suse.com> Closes: #1262 Approved by: mheon
* podman in rootless mode will only work with cgroupfs at this point.Daniel J Walsh2018-08-14
| | | | | | | | | | | If user does not pass in cgroup manager and running in rootless mode, then we need to force the cgroupfs support until/unless we get support for rootless systemd support. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1261 Approved by: mheon
* when searching, survive errors for multiple registriesbaude2018-08-14
| | | | | | | | | | | | | when searching multiple registries for images, if we get an error on one of the searches, we should keep going and complete the search. if there is only one search registry however, we will return an error. Resolves: #1255 Signed-off-by: baude <bbaude@redhat.com> Closes: #1257 Approved by: mheon
* Remove unused function in runtime.goMatthew Heon2018-08-14
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1264 Approved by: mheon
* Fix papr tests by forcing cgroupfs in CIMatthew Heon2018-08-14
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1267 Approved by: mheon
* Merge pull request #1259 from mheon/bump-0.8.2.1Matthew Heon2018-08-11
|\ | | | | Bump to 0.8.2.1
| * Bump gitvalidation epochMatthew Heon2018-08-11
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * Bump to v0.8.3-devMatthew Heon2018-08-11
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * Bump to v0.8.2.1v0.8.2.1Matthew Heon2018-08-11
|/ | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
* Merge pull request #1254 from mheon/systemd_cgroups_defaultMatthew Heon2018-08-11
|\ | | | | Switch default CGroup manager to systemd
| * Further fix testsMatthew Heon2018-08-11
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * Fix python tests againMatthew Heon2018-08-10
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * Fix python tests to use cgroupfsMatthew Heon2018-08-10
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * Fix typo breaking testsMatthew Heon2018-08-10
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * Force cgroupfs for python testsMatthew Heon2018-08-10
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * Swap default CGroup manager to systemdMatthew Heon2018-08-10
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * Only use cgroupfs for containerized testsMatthew Heon2018-08-10
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * Temporarily force all tests to use cgroupfs driverMatthew Heon2018-08-10
| | | | | | | | | | | | | | TODO: Change this to only force cgroupfs if if we are in a container. Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
* | Ensure pod inspect is locked and validity-checkedMatthew Heon2018-08-11
| | | | | | | | | | | | | | | | | | | | Also, don't return the internal podState struct - instead return a public inspect struct. Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1258 Approved by: rhatdan
* | Bump gitvalidation epochDaniel J Walsh2018-08-10
| | | | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1256 Approved by: rhatdan
* | Bump to v0.8.3-devDaniel J Walsh2018-08-10
| | | | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1256 Approved by: rhatdan
* | Bump to v0.8.2v0.8.2Daniel J Walsh2018-08-10
| | | | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1256 Approved by: rhatdan
* | We need to sort mounts so that one mount does not over mount another.Daniel J Walsh2018-08-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently we add mounts from images, volumes and internal. We can accidently over mount an existing mount. This patch sorts the mounts to make sure a parent directory is always mounted before its content. Had to change the default propagation on image volume mounts from shared to private to stop mount points from leaking out of the container. Also switched from using some docker/docker/pkg to container/storage/pkg to remove some dependencies on Docker. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1243 Approved by: mheon
* | search name should include registrybaude2018-08-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When doing a podman search, the so-called NAME should be the image's fully qualified name (not index plus shortname). ``` $ sudo podman search rhel7 INDEX NAME DESCRIPTION STARS OFFICIAL AUTOMATED redhat.com registry.access.redhat.com/rhel7/rhel This platform image provides a minimal runti... 0 redhat.com registry.access.redhat.com/rhel7.0 This platform image provides a minimal runti... 0 redhat.com registry.access.redhat.com/rhel7 This platform image provides a minimal runti... 0 .... ``` Resolves: #1208 Resolves: Bugz #1614710 Signed-off-by: baude <bbaude@redhat.com> Closes: #1253 Approved by: rhatdan
* | Split pod.go into 3 filesMatthew Heon2018-08-10
| | | | | | | | | | | | | | | | | | | | | | This removes anything but structs and simple accessors from pod.go itself, which is a target file for FFJSON generation. This should reduce the amount of times FFJSON needs to run. Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1247 Approved by: rhatdan
* | Make errors during refresh nonfatalMatthew Heon2018-08-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | During refresh, we cannot hard-fail, as that would mean leaving a partially-configured state behind, leaving libpod unable to start without manual intervention. Instead, log errors refreshing individual containers and pods and continue. Individual containers and pods may be unusable and need to be removed manually, but libpod itself will continue to function. Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1252 Approved by: rhatdan
* | Add batch check to container stats lockMatthew Heon2018-08-10
| | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1249 Approved by: rhatdan
* | removeContainer: fix deadlockValentin Rothberg2018-08-10
| | | | | | | | | | | | | | | | | | | | | | | | When checking if the container has already been removed, use c.state.HasContainer() instead of the runtime's API to avoid trying to take the already acquired lock. Fixes: #1245 Signed-off-by: Valentin Rothberg <vrothberg@suse.com> Closes: #1251 Approved by: baude
* | Add FFJSON to build containerMatthew Heon2018-08-09
|/ | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1248 Approved by: TomSweeneyRedHat
* Don't require .gopathok for individual FFJSON targetsMatthew Heon2018-08-09
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1240 Approved by: rhatdan
* Add FFJSON generation to makefileMatthew Heon2018-08-09
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1240 Approved by: rhatdan
* Re-add FFJSON for container and pod structsMatthew Heon2018-08-09
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1240 Approved by: rhatdan
* Fixed a bug setting dependencies on the wrong containerhaircommander2018-08-09
| | | | | | | Signed-off-by: haircommander <pehunt@redhat.com> Closes: #1244 Approved by: mheon
* Always connect to the stdout and stderr of streamDaniel J Walsh2018-08-09
| | | | | | | | | | | | | | If the stdout and stderr are not attach, podman will at least get a messsage that the container has completed and finish. This fixes the `podman run -a stdin fedora true` Hang issue. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1239 Approved by: mheon
* apparmor: respect "unconfined" settingValentin Rothberg2018-08-09
| | | | | | | | | | The "unconfined" profile must be treated specially to turn off apparmor confinement and to avoid applying any other profile. Signed-off-by: Valentin Rothberg <vrothberg@suse.com> Closes: #1241 Approved by: mheon
* oci.go: syslog: fix debug formattingValentin Rothberg2018-08-09
| | | | | | | Signed-off-by: Valentin Rothberg <vrothberg@suse.com> Closes: #1242 Approved by: rhatdan
* add podman pod inspectbaude2018-08-09
| | | | | | | | | first pass of podman pod inspect Signed-off-by: baude <bbaude@redhat.com> Closes: #1236 Approved by: rhatdan
* Fix ambiguity in adding localhost to podman savehaircommander2018-08-08
| | | | | | | | | | | ...and some naming decisions. This change ensures podman save doesn't incorrectly prepend localhost when saving an image. Signed-off-by: haircommander <pehunt@redhat.com> Closes: #1140 Approved by: rhatdan
* Fix CGroupFS cgroup manager cgroup creation for podsMatthew Heon2018-08-08
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1237 Approved by: rhatdan
* Update Conmon commit for testingMatthew Heon2018-08-08
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1232 Approved by: rhatdan
* Pass newly-added --log-level flag to ConmonMatthew Heon2018-08-08
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1232 Approved by: rhatdan
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-10-01 13:28:28 +0000