| Commit message (Collapse) | Author | Age |
|\
| |
| | |
Quick grammar touchup in rootless.md
|
| |
| |
| |
| | |
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
|
|\ \
| | |
| | | |
Allow chained network namespace containers
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The code currently assumes that the container we delegate network
namespace to will never further delegate to another container, so
when looking up things like /etc/hosts and /etc/resolv.conf we
won't pull the correct files from the chained dependency. The
changes to resolve this are relatively simple - just need to keep
looking until we find a container without NetNsCtr set.
Fixes #4626
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \
| |_|/
|/| | |
troubleshooting: warn about secure boot
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Add an additional troubleshooting item to warn users that Secure Boot
can prevent Podman from running containers. The error messages and
initial debugging steps don't make it clear that this all stems from a
BIOS setting. Hopefully adding this item to the troubleshooting doc
will avoid future headaches.
Signed-off-by: Brian Fallik <brian@clypd.com>
|
|\ \ \
| | | |
| | | | |
Updates on making doc building optional
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
It changes the podman spec from using with_doc to bcond_without
for building docs so that anyone can pass --without doc as well
as other rpmbuild args to the build_rpm.sh script to skip
building docs.
Since go-md2man is not available in CentOS8 repo. without the
help fo extra_args, it makes it conditional.
It also moves the manpages to a seperate package.
Signed-off-by: Chandan Kumar (raukadah) <raukadah@gmail.com>
|
|\ \ \ \
| | | | |
| | | | | |
build: improved prepare.sh
|
| | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* assure we use bash strict mode
* avoid shallow errors on full clones
* make script bit more idempotent
Signed-off-by: Sorin Sbarnea <ssbarnea@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
Add comment on rootless containers creating device nodes
|
| | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Ignore ErrCtrRemoved when removing a container
|
| | |_|_|/
| |/| | |
| | | | |
| | | | | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Ensure volumes reacquire locks on state refresh
|
| |/ / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
After a restart, pods and containers both run a refresh()
function to prepare to run after a reboot. Until now, volumes
have not had a similar function, because they had no per-boot
setup to perform.
Unfortunately, this was not noticed when in-memory locking was
introduced to volumes. The refresh() routine is, among other
things, responsible for ensuring that locks are reserved after a
reboot, ensuring they cannot be taken by a freshly-created
container, pod, or volume. If this reservation is not done, we
can end up with two objects using the same lock, potentially
needing to lock each other for some operations - classic recipe
for deadlocks.
Add a refresh() function to volumes to perform lock reservation
and ensure it is called as part of overall refresh().
Fixes #4605
Fixes #4621
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
install.md: added slirp4netns dependency to ubuntu
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
https://github.com/containers/libpod/issues/1234
Signed-off-by: nitrocode <nitrocode@users.noreply.github.com>
|
|\ \ \ \ \ \
| |_|/ / / /
|/| | | | | |
build: improved main makefile
|
| | |_|/ /
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
* added .install.md2man as dependency for docs, fixed broken build
on systems that do not have go-md2man preinstalled.
* sorted PHONY targets
Signed-off-by: Sorin Sbarnea <ssbarnea@redhat.com>
|
|\ \ \ \ \
| |_|_|/ /
|/| | | | |
container prune command fixed as per docker prune command
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
examples with filter added
Signed-off-by: Kunal Kushwaha <kunal.kushwaha@gmail.com>
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
filter flag helps to filter the containers based on
labels, until(time), name, etc for prune command.
Signed-off-by: Kunal Kushwaha <kunal.kushwaha@gmail.com>
|
| | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | | |
container prune command ask for confirmation by default.
Signed-off-by: Kunal Kushwaha <kunal.kushwaha@gmail.com>
|
|\ \ \ \
| | | | |
| | | | | |
libpod: fix case for executable file not found errors
|
| | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
do not change the runtime error to be lowercase, but use a case
insensitive regex matching. In this way the original error from the
OCI runtime is reported back.
regression introduced by bc485bce47f55135d6ead80537bc145edb779ae9
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \ \
| |/ / /
|/| | | |
Fix podman-remote version to print client and server
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
If the user specifies .Server.* on a non podman-remote,
substitute .Client for .Server and return the value.
This is for compatability with Docker.
Since prior versions documented --format {{ .Version }}, we
have to continue to support that.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \
| |/ / /
|/| | | |
Add ContainerStateRemoving
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
If the container is running and we need to get its netns and
can't, that is a serious bug deserving of errors.
If it's not running, that's not really a big deal. Log an error
and continue.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
When Libpod removes a container, there is the possibility that
removal will not fully succeed. The most notable problems are
storage issues, where the container cannot be removed from
c/storage.
When this occurs, we were faced with a choice. We can keep the
container in the state, appearing in `podman ps` and available for
other API operations, but likely unable to do any of them as it's
been partially removed. Or we can remove it very early and clean
up after it's already gone. We have, until now, used the second
approach.
The problem that arises is intermittent problems removing
storage. We end up removing a container, failing to remove its
storage, and ending up with a container permanently stuck in
c/storage that we can't remove with the normal Podman CLI, can't
use the name of, and generally can't interact with. A notable
cause is when Podman is hit by a SIGKILL midway through removal,
which can consistently cause `podman rm` to fail to remove
storage.
We now add a new state for containers that are in the process of
being removed, ContainerStateRemoving. We set this at the
beginning of the removal process. It notifies Podman that the
container cannot be used anymore, but preserves it in the DB
until it is fully removed. This will allow Remove to be run on
these containers again, which should successfully remove storage
if it fails.
Fixes #3906
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
Add podman system reset command
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This command will destroy all data created via podman.
It will remove containers, images, volumes, pods.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \ \
| |_|_|_|/
|/| | | | |
Do not initialize store on rootless podman
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This fixes a double-locking issue of the container storage when running
rootless podman.
Closes #4591
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
oci: print only matching part for the errors
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
when parsing the OCI error, be sure to discard any other output that
is not matched. The full output is still printed with
--log-level=debug.
Closes: https://github.com/containers/libpod/issues/4574
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
Disable btrfs for RHEL in podman spec
|
| | |_|_|_|/
| |/| | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Since btrfs-progs-devel is not available in RHEL/CentOS 8 and
the spec fails to build it while running build_rpm.sh,
making it optional fixes the issue.
It also modifies the spec file to install btrfs-progs-devel for
fedora only.
Since golang-github-cpuguy83-go-md2man was added twice, it also
removes the repetition.
Signed-off-by: Chandan Kumar (raukadah) <raukadah@gmail.com>
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
Detect Python executable in Makefile
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
`make help` failed on modern platforms that have only
python3 executable installed.
Signed-off-by: Sorin Sbarnea <ssbarnea@redhat.com>
|
|\ \ \ \ \ \ \
| |_|_|_|_|/ /
|/| | | | | | |
Make doc building in spec optional
|
| | |/ / / /
| |/| | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
since go-man2md is not available in CentOS 8, making it
optional allows them to build the rpm.
Signed-off-by: Chandan Kumar (raukadah) <raukadah@gmail.com>
|
|\ \ \ \ \ \
| |_|_|_|/ /
|/| | | | | |
Disable checkpointing of containers started with --rm
|
|/ / / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Trying to checkpoint a container started with --rm works, but it makes
no sense as the container, including the checkpoint, will be deleted
after writing the checkpoint. This commit inhibits checkpointing
containers started with '--rm' unless '--export' is used. If the
checkpoint is exported it can easily be restored from the exported
checkpoint, even if '--rm' is used. To restore a container from a
checkpoint it is even necessary to manually run 'podman rm' if the
container is not started with '--rm'.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
|\ \ \ \ \
| |/ / / /
|/| / / /
| |/ / / |
Improved build_rpm.sh
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
- assure we use bash strict mode to avoid missing errors
- added untracked artifacts to gitignore
Signed-off-by: Sorin Sbarnea <sorin.sbarnea@gmail.com>
|
|\ \ \ \
| | | | |
| | | | | |
Add support for image name history
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
We leverage the containers/storage image history tracking feature to
show the previously used image names when running:
`podman images --history`
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
|