summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* signal parsing - better input validationEd Santiago2019-12-26
| | | | | | | | | | | | | | | | | | | | | | The helper function we use for signal name mapping does not check for negative numbers nor invalid (too-high) ones. This can yield unexpected error messages: # podman kill -s -1 foo ERRO[0000] unknown signal "18446744073709551615" This PR introduces a small wrapper for it that: 1) Strips off a leading dash, allowing '-1' or '-HUP' as valid inputs; and 2) Rejects numbers <1 or >64 (SIGRTMAX) Also adds a test suite checking signal handling as well as ensuring that invalid signals are rejected by the command line. Fixes: #4746 Signed-off-by: Ed Santiago <santiago@redhat.com>
* Merge pull request #4742 from rhatdan/vendorOpenShift Merge Robot2019-12-23
|\ | | | | Update containers/storage to v1.15.4
| * Update containers/storage to v1.15.4Daniel J Walsh2019-12-23
| | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #4743 from baude/imageresponseOpenShift Merge Robot2019-12-23
|\ \ | | | | | | add struct response for removal of images
| * | add struct response for removal of imagesbaude2019-12-23
| |/ | | | | | | | | | | | | | | when removing an image from storage, we should return a struct that details what was untagged vs deleted. this replaces the simple println's used previously and assists in API development. Signed-off-by: baude <bbaude@redhat.com>
* | Merge pull request #4740 from edsantiago/zsh_completion_flagfixOpenShift Merge Robot2019-12-23
|\ \ | | | | | | zsh completion: ignore multi-line output in Flags
| * | zsh completion: ignore multi-line output in FlagsEd Santiago2019-12-23
| |/ | | | | | | | | | | | | | | | | | | | | | | | | PR #4475 introduced an interesting twist on --help: a help string that spans multiple lines. This broke zsh completion. I'm not keen on that multi-line output, but it shouldn't break completion. Fix is simple: look only for flag lines beginning with '-', filter out anything else. Fixes: #4738 Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Merge pull request #4697 from rhatdan/contextOpenShift Merge Robot2019-12-23
|\ \ | |/ |/| Set contextdir to current PWD if user did not specify a context dir.
| * Update containers/storage to v1.15.4Daniel J Walsh2019-12-23
|/ | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #4708 from ↵OpenShift Merge Robot2019-12-20
|\ | | | | | | | | containers/dependabot/go_modules/github.com/containers/image/v5-5.1.0 build(deps): bump github.com/containers/image/v5 from 5.0.0 to 5.1.0
| * build(deps): bump github.com/containers/image/v5 from 5.0.0 to 5.1.0Daniel J Walsh2019-12-20
| | | | | | | | | | | | | | | | | | Bumps [github.com/containers/image/v5](https://github.com/containers/image) from 5.0.0 to 5.1.0. - [Release notes](https://github.com/containers/image/releases) - [Commits](https://github.com/containers/image/compare/v5.0.0...v5.1.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #4727 from rhatdan/pidnsOpenShift Merge Robot2019-12-20
|\ \ | | | | | | if container is not in a pid namespace, stop all processes
| * | if container is not in a pid namespace, stop all processesDaniel J Walsh2019-12-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | When a container is in a PID namespace, it is enought to send the stop signal to the PID 1 of the namespace, only send signals to all processes in the container when the container is not in a pid namespace. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #4722 from giuseppe/drop-arbitrary-limitOpenShift Merge Robot2019-12-19
|\ \ \ | |_|/ |/| | libpod: drop arbitrary memory limit of 4M
| * | libpod: drop arbitrary memory limit of 4MGiuseppe Scrivano2019-12-17
| | | | | | | | | | | | | | | | | | drop the arbitrary limit of 4M for creating a container. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | Merge pull request #4723 from mheon/pod_volume_postremoveOpenShift Merge Robot2019-12-19
|\ \ \ | | | | | | | | Remove volumes after containers in pod remove
| * | | Remove volumes after containers in pod removeMatthew Heon2019-12-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When trying to reproduce #4704 I noticed that the named volumes from the Postgres containers in the reproducer weren't being removed by `podman pod rm -f` saying that the container they were attached to was still in use. This was rather odd, considering they were only in use by one container, and that container was in the process of being removed with the pod. After a bit of tracing, I realized that the cause is the ordering of container removal when we remove a pod. Normally, it's done in removeContainer() before volume removal (which is the last thing in that function). However, when we are removing a pod, we remove containers all at once, after removeContainer has already finished - meaning the container still exists when we try to remove its volumes, and thus the volume can't be removed. Solution: collect a list of all named volumes in use by the pod, and remove them all at once after every container in the pod is gone. This ensures that there are no dependency issues. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | Merge pull request #4684 from vrothberg/systemd-improvementsOpenShift Merge Robot2019-12-19
|\ \ \ \ | |_|_|/ |/| | | container config: add CreateCommand
| * | | container config: add CreateCommandValentin Rothberg2019-12-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Store the full command plus arguments of the process the container has been created with. Expose this data as a `Config.CreateCommand` field in the container-inspect data as well. This information can be useful for debugging, as we can find out which command has created the container, and, if being created via the Podman CLI, we know exactly with which flags the container has been created with. The immediate motivation for this change is to use this information for `podman-generate-systemd` to generate systemd-service files that allow for creating new containers (in contrast to only starting existing ones). Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | Merge pull request #4730 from vrothberg/update-buildahOpenShift Merge Robot2019-12-19
|\ \ \ \ | | | | | | | | | | update c/buildah to v1.12.0
| * | | | update c/buildah to v1.12.0dependabot-preview[bot]2019-12-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Also bump docker/docker. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | | Merge pull request #4689 from edsantiago/batsOpenShift Merge Robot2019-12-19
|\ \ \ \ \ | | | | | | | | | | | | podman images history test - clean up
| * | | | | podman images history test - clean upEd Santiago2019-12-12
| | |/ / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | As initially written the test does not work other than in a CI environment because it relies on an empty tag history. Rewrite so we can guarantee that, by creating a new image. Also add slightly more helpful tests: the initial tests would just show "expected 0, got 1" which is unhelpful. Tweak so we test on actual history contents, which will show more informative messages on failure. And, finally, clean up after ourselves. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | | Merge pull request #4643 from adrianreber/masterOpenShift Merge Robot2019-12-17
|\ \ \ \ \ | | | | | | | | | | | | Correctly export the root file-system changes
| * | | | | Correctly export the root file-system changesAdrian Reber2019-12-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When doing a checkpoint with --export the root file-system diff was not working as expected. Instead of getting the changes from the running container to the highest storage layer it got the changes from the highest layer to that parent's layer. For a one layer container this could mean that the complete root file-system is part of the checkpoint. With this commit this changes to use the same functionality as 'podman diff'. This actually enables to correctly diff the root file-system including tracking deleted files. This also removes the non-working helper functions from libpod/diff.go. Signed-off-by: Adrian Reber <areber@redhat.com>
* | | | | | Merge pull request #4487 from stefanb2/topic-pr-4477OpenShift Merge Robot2019-12-17
|\ \ \ \ \ \ | |_|_|_|_|/ |/| | | | | docs: add workaround for --device with rootless containers
| * | | | | docs: add workaround for --device with rootless containersStefan Becker2019-12-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes #4477 Signed-off-by: Stefan Becker <chemobejk@gmail.com>
* | | | | | Merge pull request #4681 from jvanz/issue4553OpenShift Merge Robot2019-12-17
|\ \ \ \ \ \ | | | | | | | | | | | | | | podman: mirror information
| * | | | | | runtime.go: show registries data and search tableJosé Guilherme Vanz2019-12-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Update podman info command to show the registries data and the search table. Signed-off-by: José Guilherme Vanz <jvanz@jvanz.com>
| * | | | | | runtime.go: show search table in podman infoJosé Guilherme Vanz2019-12-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Updates the podman info command to show registries from v1 config file in the search table format. Signed-off-by: José Guilherme Vanz <jvanz@jvanz.com>
| * | | | | | podman info man: example updateJosé Guilherme Vanz2019-12-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Updates the command output example to show information about registries and their mirrors Signed-off-by: José Guilherme Vanz <jvanz@jvanz.com>
| * | | | | | podman: mirror informationJosé Guilherme Vanz2019-12-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Updates the podman info command to show the mirror information Issue https://github.com/containers/libpod/issues/4553 Signed-off-by: José Guilherme Vanz <jvanz@jvanz.com>
* | | | | | | Merge pull request #4701 from jvanz/opensuse-depOpenShift Merge Robot2019-12-17
|\ \ \ \ \ \ \ | |_|/ / / / / |/| | | | | | install.md: openSUSE dependencies
| * | | | | | install.md: openSUSE dependenciesJosé Guilherme Vanz2019-12-16
| |/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Adds documentation about how to install dependencies on openSUSE Signed-off-by: José Guilherme Vanz <jvanz@jvanz.com>
* | | | | | Merge pull request #4714 from openSUSE/testflagsOpenShift Merge Robot2019-12-16
|\ \ \ \ \ \ | |_|_|_|_|/ |/| | | | | Allow the injection of TESTFLAGS
| * | | | | Allow the injection of TESTFLAGSSascha Grunert2019-12-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This allows to specify the tests to be run, for example when setting `--focus='my-test-regex'`. Signed-off-by: Sascha Grunert <sgrunert@suse.com>
* | | | | | Merge pull request #4710 from raukadah/systemdfixOpenShift Merge Robot2019-12-16
|\ \ \ \ \ \ | | | | | | | | | | | | | | Use systemd/sd-daemon.h headers for systemd presence
| * | | | | | Use systemd/sd-daemon.h headers for systemd presenceChandan Kumar (raukadah)2019-12-16
| | |_|_|_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Finding systemd devel packages using libsystemd does not work as in RHEL based distro the package name is systemd-devel and for deb/ubunutu it is libsystemd. It is also giving false result when podman rpm is built with systemd but hack/systemd_tag.sh does not return anything. Install systemd-devel package in build_rpm.sh script Moving to systemd/sd-daemon.h header files which comes from devel packages fixes the issue. Signed-off-by: Chandan Kumar (raukadah) <raukadah@gmail.com>
* | | | | | Merge pull request #4713 from openSUSE/remove-coverprofileOpenShift Merge Robot2019-12-16
|\ \ \ \ \ \ | |/ / / / / |/| | | | | Remove coverprofile from the repository
| * | | | | Remove coverprofile from the repositorySascha Grunert2019-12-16
| |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The profile should not be part of the repo and is already in the gitignore. Signed-off-by: Sascha Grunert <sgrunert@suse.com>
* | | | | Merge pull request #4583 from nitrocode/patch-1OpenShift Merge Robot2019-12-14
|\ \ \ \ \ | | | | | | | | | | | | troubleshooting.md: added #19 not enough ids
| * | | | | troubleshooting.md: rebased master and bumped 18 to 19nitrocode2019-12-13
| | |_|/ / | |/| | | | | | | | | | | | | Signed-off-by: nitrocode <nitrocode@users.noreply.github.com>
* | | | | Merge pull request #4699 from mheon/fix_f31_migrationOpenShift Merge Robot2019-12-13
|\ \ \ \ \ | | | | | | | | | | | | Fix F30-F31 migration for Podman 1.7.0
| * | | | | Fix F30-F31 migration for Podman 1.7.0Matthew Heon2019-12-13
|/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The earlier attempt to re-add config migration only worked with user-specified configs (podman run --config). This version works more in line with that we want - the first rootless config file will be changed from runc to crun. Verified on my system after an F31 migration - everything seems to be working well. Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | | | Merge pull request #4682 from raukadah/hackpathOpenShift Merge Robot2019-12-13
|\ \ \ \ \ | |_|/ / / |/| | | | Fixed the path of hack scripts in spec file
| * | | | Fixed the path of hack scripts in spec fileChandan Kumar (raukadah)2019-12-13
| | |_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | While building the spec file on fedora, in rpmbuild log, .sh: No such file or directory error is shown as full path of hack directory is not resolved leading to file not found error. Appending the builddir and libpod path with hack will fix the issue. Signed-off-by: Chandan Kumar (raukadah) <raukadah@gmail.com>
* | | | Merge pull request #4692 from mheon/reap_exec_sessionsOpenShift Merge Robot2019-12-13
|\ \ \ \ | | | | | | | | | | Reap exec sessions on cleanup and removal
| * | | | Reap exec sessions on cleanup and removalMatthew Heon2019-12-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We currently rely on exec sessions being removed from the state by the Exec() API itself, on detecting the session stopping. This is not a reliable method, though. The Podman frontend for exec could be killed before the session ended, or another Podman process could be holding the lock and prevent update (most notable in `run --rm`, when a container with an active exec session is stopped). To resolve this, add a function to reap active exec sessions from the state, and use it on cleanup (to clear sessions after the container stops) and remove (to do the same when --rm is passed). This is a bit more complicated than it ought to be because Kata and company exist, and we can't guarantee the exec session has a PID on the host, so we have to plumb this through to the OCI runtime. Fixes #4666 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | | Merge pull request #4690 from Foxboron/morten/fix-ldflagsOpenShift Merge Robot2019-12-13
|\ \ \ \ \ | | | | | | | | | | | | [Makefile] `LDFLAGS` is reserved for the GCC linker
| * | | | | [Makefile] `LDFLAGS` is reserved for the GCC linkerMorten Linderud2019-12-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The env variable `LDFLAGS` belongs to the gcc linker, while the Makefile currently expects these to be valid go compiler flags. Move them to `-extldflags` as appropriate. The equivalent flag in go is `CGO_LDFLAGS`. Ensure test files are also using `LDFLAGS_PODMAN` instead of `LDFLAGS`. Signed-off-by: Morten Linderud <morten@linderud.pw>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-09-30 05:17:10 +0000