Commit message [Author, Age]
* Add a mutex to BoltDB state to prevent lock issues [Matthew Heon, 2018-07-25]
|   Per https://www.sqlite.org/src/artifact/c230a7a24?ln=994-1081, POSIX file advisory locks are unsafe to use within a single process if multiple file descriptors are open for the same file. Unfortunately, this has a strong potential to happen for multithreaded usage of libpod, and could result in DB corruption. To prevent this, wrap all access to BoltDB within a single libpod instance in a mutex to ensure concurrent access cannot occur.
|   Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
* Merge pull request #1116 from mheon/namespaces [Daniel J Walsh, 2018-07-25]
|\    Add Pod and Container namespaces
| * Update comments in BoltDB and In-Memory states [Matthew Heon, 2018-07-24]
| |   Better explain the inner workings of both state types in comments to make reviews and changes easier.
| |   Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * Add an E2E test to verify basic namespace functionality [Matthew Heon, 2018-07-24]
| |   Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * Add libpod namespace to config [Matthew Heon, 2018-07-24]
| |   Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * Add missing runtime.go lines to set namespace [Matthew Heon, 2018-07-24]
| |   Also add namespace to inspect output to verify its presence
| |   Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * Address first round of review comments [Matthew Heon, 2018-07-24]
| |   Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * Set namespace for new pods/containers based on runtime [Matthew Heon, 2018-07-24]
| |   New containers and pods will default to the namespace of the runtime, but this can be overridden by With... options if desired.
| |   Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * Add --namespace flag to Podman [Matthew Heon, 2018-07-24]
| |   Allows joining libpod to a specific namespace when running a Podman command.
| |   Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * Update documentation for the State interface [Matthew Heon, 2018-07-24]
| |   Include details on how namespaces interact with the state.
| |   Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * Ensure pods are part of the set namespace when added [Matthew Heon, 2018-07-24]
| |   Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * Enforce namespace checks on container add [Matthew Heon, 2018-07-24]
| |   Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * Add tests for state namespacing [Matthew Heon, 2018-07-24]
| |   Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * Add namespaces to in memory state [Matthew Heon, 2018-07-24]
| |   Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * Untested implementation of namespaced BoltDB access [Matthew Heon, 2018-07-24]
| |   All BoltDB access and update functions now understand namespaces. Accessing containers outside of your namespace will produce errors, except for Lookup and All functions, which will perform their tasks only on containers within your namespace. The "" namespace remains a reserved, no-restrictions namespace.
| |   Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * Add constraint that dependencies must be in the same ns [Matthew Heon, 2018-07-24]
| |   Dependency containers must be in the same namespace, to ensure there are never problems resolving a dependency.
| |   Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * Add namespaces and initial constraints to database [Matthew Heon, 2018-07-24]
| |   Add basic awareness of namespaces to the database. As part of this, add constraints so containers can only be added to pods in the same namespace.
| |   Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * Add container and pod namespaces to configs [Matthew Heon, 2018-07-24]
| |   Libpod namespaces are a way to logically separate groups of pods and containers within the state.
| |   Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
* | Clean up pylint warnings and errors [Jhon Honce, 2018-07-25]
| |   * Some of the pedantic errors were not corrected
| |   * Clean up prep for porting to MacOS and PyPi hosting
| |   Signed-off-by: Jhon Honce <jhonce@redhat.com> Closes: #1155 Approved by: baude
* | Merge pull request #1153 from jwhonce/bug/psgo [Matthew Heon, 2018-07-24]
|\ \   Fix varlink API usage of psgo
| * | Fix varlink API usage of psgo [Jhon Honce, 2018-07-24]
| |/   Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | podman: allow to specify the IPC namespace to join [Giuseppe Scrivano, 2018-07-24]
| |   Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1145 Approved by: rhatdan
* | podman: allow to specify the UTS namespace to join [Giuseppe Scrivano, 2018-07-24]
| |   Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1145 Approved by: rhatdan
* | podman: allow to specify the PID namespace to join [Giuseppe Scrivano, 2018-07-24]
| |   Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1145 Approved by: rhatdan
* | podman: allow to specify the userns to join [Giuseppe Scrivano, 2018-07-24]
| |   Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1145 Approved by: rhatdan
* | network: support ns: prefix to join existing namespace [Giuseppe Scrivano, 2018-07-24]
| |   Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1145 Approved by: rhatdan
* | spec: allow container:NAME network mode [Giuseppe Scrivano, 2018-07-24]
|/    Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1145 Approved by: rhatdan
* Update issue template to point build bugs at buildah [Matthew Heon, 2018-07-24]
|   Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1150 Approved by: rhatdan
* We don't currently support --mac-address [Daniel J Walsh, 2018-07-24]
|   Make this clear in the docs and Command.
|   Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1138 Approved by: mheon
* Vendor in latest containers/psgo code [Daniel J Walsh, 2018-07-24]
|   Fixes spaces and sorting on capabilities and Descriptors
|   Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1148 Approved by: vrothberg
* Update container Mounted() and Mountpoint() functions [Matthew Heon, 2018-07-24]
|   Addresses a regression in `podman mount` due to our mount changes to allow concurrency by letting c/storage handle mounting and unmounting. Combine Mounted() and Mountpoint() into one function and query c/storage directly to ensure we get accurate information.
|   Fixes: #1143 Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1144 Approved by: baude
* [WIP] Refactor and simplify python builds [Jhon Honce, 2018-07-23]
|   * pypodman namespaced in site-packages
|   * version numbers pulled from requirements.txt
|   * add python-podman spec file to install eggs
|   Signed-off-by: Jhon Honce <jhonce@redhat.com> Closes: #1106 Approved by: rhatdan
* AppArmor: runtime check if it's enabled on the host [Valentin Rothberg, 2018-07-23]
|   Check at runtime if AppArmor is enabled on the host.
|   Signed-off-by: Valentin Rothberg <vrothberg@suse.com> Closes: #1128 Approved by: mheon
* Add format descriptors info to podman top [Daniel J Walsh, 2018-07-23]
|   Trying to play with podman top, I had a hard time finding info on format options.
|   Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1134 Approved by: umohnani8
* Fix error handling in pod start/stop. [haircommander, 2018-07-23]
|   Before, errors in containers would never be printed, and a generic error would only be shown.
|   Signed-off-by: haircommander <pehunt@redhat.com> Closes: #1132 Approved by: mheon
* docs/podman-top: fix typo and whitespace [Valentin Rothberg, 2018-07-23]
|   Signed-off-by: Valentin Rothberg <vrothberg@suse.com> Closes: #1131 Approved by: mheon
* Use the result of reference.Parse when checking for digests. [Miloslav Trmač, 2018-07-23]
|   No need to do a separate string search when reference.Parse has already determined this. Changes behavior: non-SHA256 digest formats are now recognized as well.
|   Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1112 Approved by: rhatdan
* Make refNamesFromPossiblyUnqualifiedName independent from Image [Miloslav Trmač, 2018-07-23]
|   ... which finally makes it very easy to add comprehensive tests; so do that. Should not change behavior.
|   Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1112 Approved by: rhatdan
* Make Image.HasShaInInputName to an independent local function [Miloslav Trmač, 2018-07-23]
|   The functionality only depends on Image.InputName, and we will want to make the only user of this independent of the fairly complex Image type. Should not change behavior.
|   Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1112 Approved by: rhatdan
* Split createNamesToPull into ref{Names,Pairs}FromPossiblyUnqualifiedName [Miloslav Trmač, 2018-07-23]
|   One part creates []*pullRefName; the other just trivially converts it into []*pullRefPair. Also use much more explicit names to explain the functionality. Should not change behavior.
|   Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1112 Approved by: rhatdan
* Rename local variables in Runtime.pullRefPairsFromRefNames [Miloslav Trmač, 2018-07-23]
|   ... to be more conventional. Should not change behavior.
|   Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1112 Approved by: rhatdan
* Split Runtime.pullRefPairsFromRefNames from Image.createNamesToPull [Miloslav Trmač, 2018-07-23]
|   This will have another user shortly. Should not change behavior.
|   Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1112 Approved by: rhatdan
* Rename nameToPull to pullRefName [Miloslav Trmač, 2018-07-23]
|   We will use it not only in createNamesToPull, but also in getPullListFromRef soon. Should not change behavior.
|   Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1112 Approved by: rhatdan
* Rename pullStruct to pullRefPair [Miloslav Trmač, 2018-07-23]
|   "Struct" is meaningless, and we will need the "reference pair" mentioned to distinguish srcRef+dstRef from srcRef+dstName. Should not change behavior.
|   Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1112 Approved by: rhatdan
* Replace optional nameToPull.shaPullName with mandatory dstName [Miloslav Trmač, 2018-07-23]
|   This consolidates the shaPullName logic into a single place, (and eliminates the unclear shaPullName member name completely). The resulting nameToPull will shortly be more generally useful. Should not change behavior.
|   Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1112 Approved by: rhatdan
* Introduce nameToPull, move shaPullName in there [Miloslav Trmač, 2018-07-23]
|   shaPullName is only used internally in createNamesToPull; so, introduce a nameToPull as a variant of pullStruct which has shaPullName (and does not have destRef). Eventually, we want to split pullStruct preparation into easily-testable store-independent name preparation, and a store-dependent and difficult-to-test but trivial conversion using StorageTransport.ParseStoreReference. Should not change behavior.
|   Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1112 Approved by: rhatdan
* Split normalizeTag from Image.TagImage [Miloslav Trmač, 2018-07-23]
|   ... so that it can be tested without side effects, and add the tests. Should not change behavior.
|   Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1112 Approved by: rhatdan
* Remove Image.isShortName [Miloslav Trmač, 2018-07-23]
|   It has no users, and it depends on the incorrect imageParts.hasRegistry. So, just drop it instead of worrying whether it is OK to change its semantics. Should not change behavior.
|   Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1112 Approved by: rhatdan
* Inline getTags into its only user [Miloslav Trmač, 2018-07-23]
|   This also eliminates a duplicate call to reference.Parse() and removes an impossible error path. Should not change behavior.
|   Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1112 Approved by: rhatdan
* Add unit tests for imageParts [Miloslav Trmač, 2018-07-23]
|   Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1112 Approved by: rhatdan