| Commit message (Collapse) | Author | Age |
|---|
| |\
| |
| | |
rootful: unset XDG_RUNTIME_DIR
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Depending how the user logs in to the root account, XDG_RUNTIME_DIR is
set to /run/user/0 or it is unset. For conmon we already set it always
to an empty string. The inconsistency is causing issues for the dnsname
plugin. To fix it unset XDG_RUNTIME_DIR for the podman process.
[NO TESTS NEEDED]
Fixes #10806
Fixes #10745
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |\ \
| | |
| | | |
Fix rootless cni dns without systemd stub resolver
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When a host uses systemd-resolved but not the resolved stub resolver the
following symlinks are created: `/etc/resolv.conf` ->
`/run/systemd/resolve/stub-resolv.conf` -> `/run/systemd/resolve/resolv.conf`.
Because the code uses filepath.EvalSymlinks we put the new resolv.conf
to `/run/systemd/resolve/resolv.conf` but the `/run/systemd/resolve/stub-resolv.conf`
link does not exists in the mount ns.
To fix this we will walk the symlinks manually until we reach the first
one under `/run` and use this for the resolv.conf file destination.
This fixes a regression which was introduced in e73d4829900c.
Fixes #11222
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |\ \ \
| |/ /
|/| | |
Fixed healthcheck default values when container created via compat API
|
| | | |
| | |
| | |
| | |
| | |
| | | |
Fixes #11225
Signed-off-by: Milivoje Legenovic <m.legenovic@gmail.com>
|
| |\ \ \
| |/ /
|/| | |
rename oneshot initcontainers to once
|
| |/ /
| |
| |
| |
| |
| |
| |
| |
| |
| | |
after the init containers pr merged, it was suggested to use `once`
instead of `oneshot` containers as it is more aligned with other
terminiology used similarily.
[NO TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |\ \
| | |
| | | |
Set gvproxy path to /usr/libexec/podman/gvproxy
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
We have reverted the previous patches to look for the gvproxy binary in
/usr/lib/podman and have again decided to use /usr/libexec/podman
[NO TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This reverts commit 4acc1d685066faa1dc102532ba76a81d3ec6bdc0.
[NO TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |\ \ \
| | | |
| | | | |
Run codespell to fix spelling
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
[NO TESTS NEEDED] Just fixing spelling.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | | |
For compatibility, ignore Content-Type
|
| | |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Endpoint /build logs an info entry when a client uses the wrong
Content-Type for build payload. Given Content-Type is ignored and
assumed to be "application/x-tar".
Endpoint /libpod/build will fail unless "application/x-tar" or
"application/tar" is given for Content-Type. "application/tar" will
be logged as an info entry.
Fixes #11012
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| |\ \ \ \
| |/ / /
|/| | | |
[CI:DOCS] Fix multi-arch image docs
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The automation workflow was altered in recent history to build images
daily, even if the podman version didn't change. This was is necessary
so that any updates/security vulnerabilities in ancillary packages are
incorporated quickly. However, documentation was never updated to
reflect this change. This commit puts the two in sync.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |\ \ \ \
| |_|/ /
|/| | | |
Enhance priv. dev. check
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The `ls` command is not intended for this purpose and may behave in
unexpected ways, leading to false positive or negative results. Update
the tests to use the purpose built `test` command instead.
Also added several *TODO* comments for possible future testing
enhancements.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Update test to confirm the negative-case, proving the `--privileged`
"option is required" for this character device to be present in a
container (including rootless).
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This test has been failing for a long time but nobody noticed because CI
doesn't have the device node (nested-VM support was disabled). After
having enabled nested VM support, tests fail due to some unknown
special-handling of this device.
Fix both problems by removing the `skip()` and switching to a more generic
device which is only present when `--privileged` is used.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |\ \ \
| | | |
| | | | |
Add until filter to podman pod ps
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This commit adds additional until filter to podman pod ps (ls/list).
Additionally, it also adds descriptions for podman pod ps filters available
via http api.
Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
|
| |\ \ \ \
| | | | |
| | | | | |
Added autocompletion for images and system connections for podman image SCP
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
[NO TESTS NEEDED] image scp should autocomplete images and system connections since the args can
be either. Made a new function, common.AutocompleteScp
Signed-off-by: cdoern <cdoern@redhat.com>
|
| |\ \ \ \ \
| |_|_|/ /
|/| | | | |
Reproducible Builds: trim embedded cgo paths
|
| | |/ / /
| | | |
| | | |
| | | | |
Signed-off-by: kpcyrd <git@rxv.cc>
|
| |\ \ \ \
| |_|_|/
|/| | |
| | | |
| | | | |
containers/dependabot/go_modules/github.com/opencontainers/selinux-1.8.4
Bump github.com/opencontainers/selinux from 1.8.3 to 1.8.4
|
| |/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Bumps [github.com/opencontainers/selinux](https://github.com/opencontainers/selinux) from 1.8.3 to 1.8.4.
- [Release notes](https://github.com/opencontainers/selinux/releases)
- [Commits](https://github.com/opencontainers/selinux/compare/v1.8.3...v1.8.4)
---
updated-dependencies:
- dependency-name: github.com/opencontainers/selinux
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
| |\ \ \
| | | |
| | | |
| | | |
| | | | |
containers/dependabot/go_modules/github.com/containers/storage-1.34.0
Bump github.com/containers/storage from 1.33.1 to 1.34.0
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.33.1 to 1.34.0.
- [Release notes](https://github.com/containers/storage/releases)
- [Changelog](https://github.com/containers/storage/blob/main/docs/containers-storage-changes.md)
- [Commits](https://github.com/containers/storage/compare/v1.33.1...v1.34.0)
---
updated-dependencies:
- dependency-name: github.com/containers/storage
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
| |\ \ \ \
| | | | |
| | | | | |
[CI:DOCS] Document source ip for the rootlesskit port handler
|
| | | |_|/
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Also add some missing options to podman pod create.
Fixes #10884
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |\ \ \ \
| |_|/ /
|/| | | |
Add support for pod inside of user namespace.
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Add the --userns flag to podman pod create and keep
track of the userns setting that pod was created with
so that all containers created within the pod will inherit
that userns setting.
Specifically we need to be able to launch a pod with
--userns=keep-id
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | | |
Skip cgroup-parent test due to frequent flakes
|
| | | |_|/
| |/| |
| | | |
| | | |
| | | |
| | | | |
Ref: https://github.com/containers/podman/issues/11165
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |\ \ \ \
| |_|_|/
|/| | | |
skip flaking auto-update test
|
| |/ / /
| | |
| | |
| | |
| | |
| | |
| | | |
This test flakes on almost every PR, so skip it for now until
someone can fix it, see #11175.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |\ \ \
| |_|/
|/| | |
Alias build to buildx, so it won't fail
|
| | |/
| |
| |
| |
| |
| | |
Add hidden --load and --progress flag as well.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \
| |/
|/| |
podman info show correct slirp4netns path
|
| |/
|
|
|
|
|
|
|
| |
The slirp4netns path can be set in the config file or with
--network-cmd-path. Podman info should read the version information
correctly and not use PATH in this case. Also show the slirp4netns
version information to root users.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |\
| |
| | |
[CI:DOCS] tests-expect-exit: include source line numbers
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
In the new check for preventing 'Expect(ExitCode...)',
include source line numbers.
Response to #11034, which I totally didn't even understand
because it was referencing a different test. Sorry, Brent.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\ \
| | |
| | |
| | |
| | | |
containers/dependabot/go_modules/github.com/onsi/gomega-1.15.0
Bump github.com/onsi/gomega from 1.14.0 to 1.15.0
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.14.0 to 1.15.0.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/gomega/compare/v1.14.0...v1.15.0)
---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
| |\ \ \
| | | |
| | | | |
auto-update: simple rollback
|
| | | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Add support for simple rollbacks during `podman auto-update`. Rollbacks
are enabled by default. If a systemd unit cannot be restarted after an
update, the previous image will be retagged and the unit will be
restarted a second time.
Add system tests for rollbacks. Also fix a bug in the restart sequence;
we have to use the channel to actually know whether the restart was
successful or not.
NOTE: To make rollbacks really useful, users must run their containers
with `--sdnotify=container` such that the containers send the ready
message over the (mounted) socket. This way, restarting the systemd
units during auto update will block until the message has been received
(or a timeout kicked in).
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |\ \ \
| |_|/
|/| | |
personality: Add support for setting execution domain.
|
