| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
| |
We need to use the config network mode when no network mode was set. To
do so we have to keep the nsmode empty, MakeContainer() will use the
correct network mode from the config when needed.
Fixes #12248
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\
| |
| | |
[CI:DOCS] VOLUME must be declared after RUN chown command
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Podman and Docker will not commit changes via RUN command
of a VOLUME directory, so we need to chown path first.
Not doing do will cause: https://bugzilla.redhat.com/show_bug.cgi?id=2009266
Signed-off-by: Jindrich Novy <jnovy@redhat.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| | |
| | | |
Print headers for system connection ls
|
| |/
| |
| |
| |
| |
| |
| | |
Print out the headers even if the system connection list
is empty to match the behavior of other list commands.
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
|
|\ \
| | |
| | | |
network reload without ports should not reload ports
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
As rootless we have to reload the port mappings. If it fails we should
return an error instead of the warning.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |/
| |
| |
| |
| |
| |
| |
| |
| | |
When run as rootless the podman network reload command tries to reload
the rootlessport ports because the childIP could have changed.
However if the containers has no ports we should skip this instead of
printing a warning.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\ \
| |/
|/| |
[CI:DOCS] Add CI check for SEE ALSO in man pages
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add new CI check to confirm that links and references
in SEE ALSO sections are properly formatted and that
links are valid (at least in theory: we do no actual
URL fetching to test for 404).
The check is piggybacked into existing xref-helpmsgs-manpages
script. It could conceivably be more elegant to write a
separate tool for this purpose, but I don't wish to duplicate
the logic for finding and reading markdown files.
Script identified various problems, which I fix in this PR:
. missing '**' (asterisks) around some references, or '**'
in the wrong place.
. links pointing to github.com/.../tree/ instead of /blob/
(github redirects those automatically, but I like
consistency)
. a few copy-paste errors, e.g. subgid linking to subuid.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \
| |/
|/| |
podman load: support downloading files
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Support downloading files, for instance via
`podman load -i server.com/image.tar`. The specified URL is downloaded
in the frontend and stored as a temp file that gets passed down to the
backend.
Also vendor in c/common@main to use the new `pkg/download`.
Fixes: #11970
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \
| | |
| | | |
[CI:DOCS] Add links to all SEE ALSO sections
|
| |/
| |
| |
| | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| |/
|/| |
pod create: read infra image from containers.conf
|
|/
|
|
|
|
|
|
|
| |
Fix a bug where pods would be created with the hard-coded default infra
image instead of the custom one from containers.conf. Add a simple
regression test.
Fixes: #12245
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\
| |
| | |
Fix rootless networking with userns and ports
|
| |
| |
| |
| |
| |
| |
| |
| | |
A rootless container created with a custom userns and forwarded ports
did not work. I refactored the network setup to make the setup logic
more clear.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\ \
| | |
| | | |
podman-generate-kube - remove empty structs from YAML
|
| | |
| | |
| | |
| | |
| | |
| | | |
[NO NEW TESTS NEEDED]
Signed-off-by: Boaz Shuster <boaz.shuster.github@gmail.com>
|
|\ \ \
| | | |
| | | | |
support health checks from image configs
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Health checks may be defined in the container config or the config of an
image. So far, Podman only looked at the container config.
The plumbing happened in libimage but add a regression test to Podman as
well to make sure the glue code will not regress.
Note that I am pinning github.com/onsi/gomega to v1.16.0 since v1.17.0
requires go 1.16 which in turn is breaking CI.
Fixes: #12226
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
Exclude already built sources for static build
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
We now do not copy the `bin` directory to the target nix sources to
avoid skipping the build because "everything is up to date".
Fixes https://github.com/containers/podman/issues/12198
Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
Match .c files in Makefile
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Ensure that rebuilds happen when .c files are updated in the source
tree.
Signed-off-by: Ian Wienand <iwienand@redhat.com>
|
|\ \ \ \ \
| |_|/ / /
|/| | | | |
shm_lock: Handle ENOSPC better in AllocateSemaphore
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
When starting a container libpod/runtime_pod_linux.go:NewPod calls
libpod/lock/lock.go:AllocateLock ends up in here. If you exceed
num_locks, in response to a "podman run ..." you will see:
Error: error allocating lock for new container: no space left on device
As noted inline, this error is technically true as it is talking about
the SHM area, but for anyone who has not dug into the source (i.e. me,
before a few hours ago :) your initial thought is going to be that
your disk is full. I spent quite a bit of time trying to diagnose
what disk, partition, overlay, etc. was filling up before I realised
this was actually due to leaking from failing containers.
This overrides this case to give a more explicit message that
hopefully puts people on the right track to fixing this faster. You
will now see:
$ ./bin/podman run --rm -it fedora bash
Error: error allocating lock for new container: allocation failed; exceeded num_locks (20)
[NO NEW TESTS NEEDED] (just changes an existing error message)
Signed-off-by: Ian Wienand <iwienand@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
[ci:docs] Add links to podman build see also
|
|/ / / /
| | | |
| | | |
| | | | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
pod create: read network mode from config
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
When we create a pod we have to parse the network mode form the config
file. This is a regression in commit d28e85741f.
Fixes #12207
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\ \ \ \ \
| |_|/ / /
|/| | | | |
Minor test tweaks
|
|/ / / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
- remove 'NO TESTS NEEDED' as a valid bypass string. Henceforth
only 'NO NEW TESTS NEEDED' will work.
- add a debugging aid for #11871, in which bodhi tests time out
in nslookup.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \ \ \
| |_|_|/
|/| | | |
Bump Catatonit up to v0.1.7
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Ref: https://github.com/containers/podman/pull/12218
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
test connection add
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* Fix connection JSON encoding
* Add custom ginkgo matchers for connection testing
* Cleanup code
Fixes #11984
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \ \ \
| |/ / /
|/| | | |
Display help text on empty subcommand by default
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Markus Thömmes <markusthoemmes@me.com>
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Markus Thömmes <markusthoemmes@me.com>
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Markus Thömmes <markusthoemmes@me.com>
|
|\ \ \ \
| | | | |
| | | | | |
system: Adds support for removing all named destination via `--all`
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Adds support of dropping all named destination from system connections via `--all`.
Closes: https://github.com/containers/podman/issues/12018
Signed-off-by: Aditya Rajan <arajan@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Podman Image SCP rootful to rootless transfer
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Added functionality for users to transfer images from root storage to rootless storage without using sshd. This is
done through rootful podman by running `sudo podman image scp root@localhost::image user@localhost:: the user is needed
in order to find and use their uid/gid to exec a new process.
added necessary tests, and functions for this implementation. Created new image function Transfer so that
the underlying code is majorly removed from CLI
Signed-off-by: cdoern <cdoern@redhat.com>
|
|\ \ \ \ \ \
| |_|_|_|/ /
|/| | | | | |
pod/container create: resolve conflicts of generated names
|
| | |/ / /
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Address the TOCTOU when generating random names by having at most 10
attempts to assign a random name when creating a pod or container.
[NO TESTS NEEDED] since I do not know a way to force a conflict with
randomly generated names in a reasonable time frame.
Fixes: #11735
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \ \ \ \
| |/ / / /
|/| | | | |
[CI:DOCS] Add some information about disabling SELinux when using system volumes
|
| | |_|/
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
A comment was made on internal mailing list about confusion on SELinux
labeling of volumes. This PR makes it a little more clear about when
you should or should not relabel.
We need a similar comment in podman pod create, but it does not support
--security-opt processing yet.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|