| Commit message (Collapse) | Author | Age |
|---|
| |\
| |
| | |
podman: set umask to 022
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
be sure there are no bits in the umask that prevent us for creating
directories with mode 0755. Set the umask very early in the program
startup.
Closes: https://github.com/containers/libpod/issues/2074
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |\ \
| | |
| | | |
Rootless with shmlocks was not working.
|
| | |/
| |
| |
| |
| |
| |
| |
| | |
This patch makes the path unigue to each UID.
Also cleans up some return code to return the path it is trying to lock.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \
| | |
| | | |
Update vendor of runc
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Updating the vendor or runc to pull in some fixes that we need.
In order to get this vendor to work, we needed to update the vendor
of docker/docker, which causes all sorts of issues, just to fix
the docker/pkg/sysinfo. Rather then doing this, I pulled in pkg/sysinfo
into libpod and fixed the code locally.
I then switched the use of docker/pkg/sysinfo to libpod/pkg/sysinfo.
I also switched out the docker/pkg/mount to containers/storage/pkg/mount
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \
| |_|/
|/| | |
Vendor in latest containers/buildah code
|
| |/ /
| |
| |
| |
| |
| |
| |
| |
| | |
This should improve the speed of podman build.
Has fixes from containres/image for parallell pull.
Also vendor containers/storage and containers/image
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \
| | |
| | | |
Readd Python testing
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
We accidentally merged a PR with a commit temporarily disabling
the Python tests. Reenable them here.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |\ \ \
| |/ /
|/| | |
[skip ci] Docs: Add Bot Interactions section
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |\ \ \
| | | |
| | | | |
SHM locking for Libpod
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The limit of build_each_commit seems to be 17 commits - any more
and it times out. Give it a bit more time to work with.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Don't initialize the lock manager until almost the end of libpod
init, so we can guarantee our tmp dir is properly set up and
exists. This wasn't an issue on systems that had previously run
Podman, but CI caught it.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
It's impossible to get good debug out of the python tests, so
nuke them for now so I can figure out what's wrong.
DO NOT MERGE THIS COMMIT
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This will hopefully help cases where libpod is initialized
multiple times on the same system (as on our CI tests).
We still run into potential issues where multiple Podmans with
multiple tmp paths try to run on the same system - we could end
up thrashing the locks.
I think we need a file locks driver for situations like that. We
can also see about storing paths in the SHM segment, to make sure
multiple libpod instances aren't using the same one.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Remove runtime's lockDir as it is no longer needed after the lock
rework.
Add a trivial in-memory lock manager for unit testing
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Golint wants to rename the struct. I think the name is fine. I
can disable golint. Golint will no longer complain about the
name.
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Move SHM specific code into a subpackage. Within the main locks
package, move the manager to be linux-only and add a non-Linux
unsupported build file.
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Also add a few more unit tests
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Check value of semaphores when incrementing to ensure we never go
beyond 1, preserving mutex invariants.
Also, add cleanup code to the lock tests, ensuring that we never
leave the locks in a bad state after a test. We aren't destroying
and recreating the SHM every time, so we have to be careful not
to leak state between test runs.
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
|
| |/ / /
| | |
| | |
| | | |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
|
| |\ \ \
| |_|/
|/| | |
add init support
|
| |/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add support for executing an init binary as PID 1 in a container to
forward signals and reap processes. When the `--init` flag is set for
podman-create or podman-run, the init binary is bind-mounted to
`/dev/init` in the container and "/dev/init --" is prepended to the
container's command.
The default base path of the container-init binary is `/usr/libexec/podman`
while the default binary is catatonit [1]. This default can be changed
permanently via the `init_path` field in the `libpod.conf` configuration
file (which is recommended for packaging) or temporarily via the
`--init-path` flag of podman-create and podman-run.
[1] https://github.com/openSUSE/catatonit
Fixes: #1670
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |\ \
| | |
| | | |
vendor in new containers/storage
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
vendor in latest containers/storage which contains a fix for when
a filesystem that overlayfs is on is ENOSPC.
adding pgzip/compress as a new dep for c/s
Signed-off-by: baude <bbaude@redhat.com>
|
| |\ \ \
| |/ /
|/| | |
Fix completions
|
| |/ /
| |
| |
| |
| |
| |
| |
| |
| | |
Currently completions do not work. podman generate kube and podman play kube
completions broke this.
Also fixed podman import to work properly.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \
| | |
| | | |
Touch up some troubleshooting nits
|
| |/ /
| |
| |
| | |
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
|
| |\ \
| | |
| | | |
Log container command before starting the container
|
| | |/
| |
| |
| |
| |
| |
| | |
Runc does not produce helpful error messages when the container's
command is not found, so print the command ourselves.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |\ \
| |/
|/| |
Use sprintf to generate port numbers while committing
|
| |/
|
|
|
|
|
|
|
| |
Casting integers to strings is definitely not correct, so let the
standard library handle matters.
Fixes #2066
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |\
| |
| | |
Add troubleshooting for sparse files
|
| |/
|
|
|
|
|
|
|
|
| |
A common failure with people building container images is the
creation of large sparse files, particularly useradd creating
the lastlog file.
This PR Documents the failures.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\
| |
| | |
Re-enable checkpoint/restore CI tests on Fedora
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Now that the correct distribution CRIU packages are installed the
checkpoint/restore tests should no longer fail. This re-enables the
disabled tests on Fedora.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
| |\ \
| | |
| | | |
podman build is not using the default oci-runtime
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently if the user installs runc in an alternative path
podman run uses it but podman build does not.
This patch will pass the default oci runtime to be used by podman
down to the image builder.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
