| Commit message (Collapse) | Author | Age |
|
|
|
|
|
| |
NEEDED]
Signed-off-by: Noah Stride <noah@noahstride.co.uk>
|
|\
| |
| | |
[CI:DOCS] fix doc typo
|
|/
|
|
| |
Signed-off-by: ye.sijun <junnplus@gmail.com>
|
|\
| |
| | |
[CI:DOCS] Add example of cpus to init command
|
|/
|
|
| |
Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
|
|\
| |
| | |
Compat api containers ImageId missing sha256
|
| |
| |
| |
| |
| |
| | |
test for compat API ImageId
Signed-off-by: Oliver Thallmair <oliver.thallmair@mailbox.org>
|
|\ \
| |/
|/| |
Introduce Windows WSL implementation of podman machine
|
|/
|
|
|
|
| |
[NO NEW TESTS NEEDED] for now
Signed-off-by: Jason Greene <jason.greene@redhat.com>
|
|\
| |
| | |
Allow users to add host user accounts to /etc/passwd
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Some containers require certain user account(s) to exist within the
container when they are run. This option will allow callers to add a
bunch of passwd entries from the host to the container even if the
entries are not in the local /etc/passwd file on the host.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1935831
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| |/
|/| |
clarify `io.podman.annotations.seccomp`
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Do not apply reserved annotations from the image to the container.
Reserved annotations are applied during container creation to retrieve
certain information (e.g., custom seccomp profile or autoremoval)
once a container has been created.
Context: #12671
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Clarify the semantics of the `io.podman.annotations.seccomp` annotation
which is set when a container has been created with a custom seccomp
profile.
Fixes: #12671
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \
| |/
|/| |
[CI:DOCS] docs: document rootless userns mappings
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
document how the host IDs are mapped inside the rootless user
namespace.
Closes: https://github.com/containers/podman/issues/12676
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \
| | |
| | | |
Error out early if system does not support pre-copy checkpointing
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
CRIU's pre-copy migration support relies on the soft dirty page tracking
in the Linux kernel:
https://www.kernel.org/doc/Documentation/vm/soft-dirty.txt
This functionality is not implemented for all architectures and it can
also be turned off in the kernel.
CRIU can check if the combination of architecture/kernel/CRIU supports
the soft dirty page tracking and exports this feature checking
functionality in go-criu.
This commit adds an early check if the user selects pre-copy
checkpointing to error out if the system does not support it.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Adrian Reber <areber@redhat.com>
|
|\ \ \
| | | |
| | | | |
Warn on use of --kernel-memory
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
It has been deprecated and is no longer supported. Fully remove it and
only print a warning if a user uses it.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2011695
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \
| |_|/ /
|/| | | |
[Fixes #11089] Switch to a new installer approach using a path manipulation helper
|
| | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Fixes #11089 - cleanup PATH on MSI uninstall
Additionally fixes scenarios where the path can be overwritten by setx
Also removes the console flash, since the helper is built as a silent gui
Helper executable can be rerun by user to repair PATHs broken by other tools
Utilizes executable location instead of passed parameters to remove delicate escaping requirements
[NO NEW TESTS NEEDED]
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
|
|\ \ \
| |/ /
|/| | |
Enable checkpoint/restore of /dev/shm content
|
| | |
| | |
| | |
| | | |
Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When Podman is running a container in private IPC mode (default), it
creates a bind mount for /dev/shm that is then attached to a tmpfs
folder on the host file system. However, checkpointing a container has
the side-effect of stopping that container and unmount the tmpfs used
for /dev/shm. As a result, after checkpoint all files stored in the
container's /dev/shm would be lost and the container might fail to
restore from checkpoint.
To address this problem, this patch creates a tar file with the
content of /dev/shm that is included in the container checkpoint and
used to restore the container.
Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
DevShmCheckpointTar constant has been recently introduced in
checkpointctl. This constant will be used in subsequent patch and this
patch contains auto-generated changes with the following commands:
go get github.com/checkpoint-restore/checkpointctl
go mod tidy
go mod vendor
Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
|
|\ \
| | |
| | | |
Always run passwd management code when DB value is nil
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This ensures that existing containers will still manage
`/etc/passwd` by default, as they have been doing until now. New
containers that explicitly set `false` will still have passwd
management disabled, but otherwise the code will run.
[NO NEW TESTS NEEDED] This will only be caught on upgrade and I
don't really know how to write update tests - and Ed is on PTO.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|\ \
| |/
|/| |
Use hosts public ip address in rootless containers
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add first non localhost ipv4 of all host interfaces as destination
for host.contaners.internal for rootless containers.
Fixes: https://github.com/containers/podman/issues/12000
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| | |
| | | |
support hosts without /etc/hosts
|
| | |
| | |
| | |
| | |
| | | |
Fixes: #12667
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \ \
| |/ /
|/| | |
Podman run --passwd
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
added support for a new flag --passwd which, when false prohibits podman from creating entries in
/etc/passwd and /etc/groups allowing users to modify those files in the container entrypoint
resolves #11805
Signed-off-by: cdoern <cdoern@redhat.com>
|
|\ \ \
| | | |
| | | | |
ci: force scratch build for crun
|
| | |/
| |/|
| | |
| | |
| | |
| | | |
force a version with this fix: https://github.com/containers/crun/pull/819
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \
| |/ /
|/| | |
compat: image normalization: handle sha256 prefix
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When normalizing image names on the compat API, make sure to take the
`sha256:` prefix into account when matching against the image ID.
Otherwise, the name will mistakingly be subject to docker.io
normalization.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \
| | | |
| | | |
| | | |
| | | | |
adrianreber/2021-12-20-checkpoint-restore-man-pages
[CI:DOCS] Small checkpoint/restore man page fixes
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
At some places the checkpoint restore man pages were using the markdown
modifier `**` inside `*..*`. This does not seem to work as intended and
results in markdown modifiers present in the final man page. Switching
to `__` inside of `*..*` seems to fix this.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
|\ \ \ \
| | | | |
| | | | |
| | | | |
| | | | | |
adrianreber/2021-12-20-checkpoint-systemd-entrypoint
[CI:DOCS] Explicitly mention that checkpointing systemd containers might fail
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Checkpoint a container using systemd as entrypoint will probably result
in an error as CRIU cannot handle all the resources latest systemd uses.
This updates the checkpoint man page with this information.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
|\ \ \ \
| |_|/ /
|/| | | |
specgen: honor userns=auto from containers.conf
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
when using the default userns value, make sure its value is parsed so
that userns=auto is parsed and the options for the storage are filled.
Closes: https://github.com/containers/podman/issues/12615
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | |/
| |/|
| | |
| | | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \
| | | |
| | | | |
apiv2 tests: use quay.io/libpod/testimage:20210610 for platform tests
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The quay.io/libpod/testimage:20210610 is known not to change and to
remain stable over time. While the same should apply for alpine image
on quay.io/libpod, we've seen it flake and return the wrong image.
The reasons for that observation are unknown.
Fixes: #12631
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \ \ \
| |_|_|/
|/| | | |
build: fix test for subid 4
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|