| Commit message (Collapse) | Author | Age |
|---|
| |\
| |
| | |
podman: do not set empty cgroup limit blocks
|
| | |
| |
| |
| |
| |
| |
| | |
refactor cgroup limits in their own function. If there are no limits
set avoid to set the block. Basic rootless containers work now.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |\ \
| | |
| | | |
my bad
|
| | | |
| | |
| | |
| | |
| | |
| | | |
typos in previous pr are causing panics
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |\ \ \
| |/ /
|/| | |
podmanv2 cp
|
| | | |
| | |
| | |
| | |
| | |
| | | |
enable podman to copy files between container and host, local mode only. this is a straight port of v1 code to v2.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |\ \ \
| | | |
| | | | |
add entrypoint from image where needed
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
if the image specifies both the image and entrypoint, we need to account for that and preprend the entrypoint to the command. this only happens if no user command and entrypoint were supplied.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | | |
Makefile: fix broken chcon for podman-remote
|
| | |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The install.remote target looks like it was copy-pasted
from install.bin and missed a spot.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\ \ \ \
| |_|/ /
|/| | | |
v2, pkg: implement rlimits
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | | |
podmanv2 container subcommands
|
| | | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | | |
add container subcommands with example text that has proper context.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |\ \ \ \
| |/ / /
|/| | | |
v2podman port
|
| |/ / /
| | |
| | |
| | |
| | |
| | | |
add port command to podman.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |\ \ \
| | | |
| | | | |
Move Fedora 31 dependencies for building podman into separate file
|
| | |/ /
| | |
| | |
| | |
| | |
| | | |
This ones listed here are actual for Fedora 31.
Signed-off-by: Anatoli Babenia <anatoli@rainforce.org>
|
| |\ \ \
| |_|/
|/| | |
More fixes for podman create tests
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \
| |/ /
|/| | |
Update podmanV2 to use containers.conf
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Add more default options parsing
Switch to using --time as opposed to --timeout to better match Docker.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \
| | | |
| | | | |
Cleanup network option parsing
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
We were not handling the parsing of --ip. This pr adds validation
checks and now will support the flag.
Move validation to the actual parsing of the network flags.
We should only parse the dns flags if the user changed them. We don't
want to pass default options if set in containers.conf to the server.
Potential for duplicating defaults.
Add support for --dns-opt flag passing
Begin handling of --network flag, although we don't have a way right now
to translate a string into a specgen.Namespace.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \ \
| |_|_|/
|/| | | |
podman rmi: refactor logic
|
| |/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
While this commit was initially meant to fix #5847, it has turned into a
bigger refactoring which I did not manage to break into smaller pieces:
* Fix #5847 by refactoring the image-removal logic.
* Make the api handler for image-removal use the ABI code. This way,
both (i.e., ABI and Tunnel) end up using the same code. Achieving
this code share required to move some code around to prevent circular
dependencies.
* Everything in pkg/api (excluding pkg/api/types) must now only be
accessed from code using `ABISupport`.
* Avoid imports from entities on handlers to prevent circular
dependencies.
* Move `podman system service` logic into `cmd` to prevent circular
dependencies - it depends on pkg/api.
* Also remove the build header from infra/abi files. It will otherwise
confuse swagger and other tools; errors we cannot fix as go doesn't
expose a build-tag env variable.
Fixes: #5847
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |\ \ \
| | | |
| | | | |
Return labes in API (fixes #5882)
|
| | |/ /
| | |
| | |
| | | |
Signed-off-by: Anatoli Babenia <anatoli@rainforce.org>
|
| |\ \ \
| | | |
| | | | |
Fix up handling of image data as well as setting Linux Capabilties correctly
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Podman inspect has a breaking change in that it dropped
--latest and --size options.
This PR adds these back. Lots of tests rely on
podman inspect -l.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
If user sets capabilities list we need handle minimal capabilities.
Also handle seccomp-policy being passed in.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| | | |/
| |/|
| | |
| | | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \
| | | |
| | | | |
V2 podman image tree
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* Basic port of V1 podman image tree ID
TODO: Refactor to return tree from service and format in presentation
layer
TODO: Support tunneling mode
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | | |
V2 Remove existing unix domain socket on startup
|
| | | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| |\ \ \ \ \
| |_|_|/ /
|/| | | | |
rootless: move join namespace inside child process
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
open the namespace file descriptors inside of the child process.
Closes: https://github.com/containers/libpod/issues/5873
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | | |_|/
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
since we join directly the conmon user namespace, there is no need to
look up its parent user namespace, as we can safely assume it is the
init namespace.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | | |
common: setting cgroup resources correctly
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
fix some cgroups related integration tests.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |\ \ \ \ \
| |_|_|/ /
|/| | | | |
V2 Fix --latest for podman diff commands
|
| | | |_|/
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* --latest now forces container diff
* diff options now passed into domain layer
* updated help/usage messages
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| |\ \ \ \
| |/ / /
|/| | | |
Pull images when doing podman create
|
| | | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | | |
Currently podman create does not pull images if they don't
exist. It should follow the pull policy specified by the
user.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \
| |_|/
|/| | |
V2 Fix support for tcp://[::]<port> connections
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* Fix support for socket activation, on remote and service
$ systemd-socket-activate -l 8083 --fdname=podman bin/podman system service --log-level=debug --time=30
$ bin/podman-remote --remote=tcp://[::]:8083 image ls
Or, use the podman.{socket,service} unit files
$ bin/podman-remote --remote=unix:///run/podman/podman.sock image ls
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
