| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
| |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Closes: #936
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
| |
If the file exists, use it to read the configuration.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Closes: #936
Approved by: rhatdan
|
|
|
|
|
|
|
| |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Closes: #936
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
| |
Additional groups are not allowed in an userNS.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Closes: #936
Approved by: rhatdan
|
|
|
|
|
|
|
| |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Closes: #936
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
| |
When running podman as non root user always create an userNS and let
the OCI runtime use it.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Closes: #936
Approved by: rhatdan
|
|
|
|
|
|
|
| |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Closes: #1002
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes a bug where we might try saving back to the database during
cleanup, which would fail as the container was already removed
from the database.
Signed-off-by: Matthew Heon <mheon@redhat.com>
Closes: #1001
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
|
| |
Since podman search requires credentials to search private registries,
add the --authfile flag to allow users to pass in credentials from a
different authfile than the default one.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #998
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
| |
Fixes issue with podman search of private registries. Podman search
was not picking up the credentials from the authfile. This fixes it.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #998
Approved by: rhatdan
|
|\
| |
| | |
Vendor in go-selinux again
|
| |
| |
| |
| |
| |
| | |
Baude found an error in non linux bindings.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
podman client that is capable of:
* images
* ps
* rm
* rmi
this is only a mockup to frame out and prove python library and ssh
tunnelling usage.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #986
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
| |
THis should make libpod easier to build on non linux platforms.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1000
Approved by: mheon
|
|
|
|
|
|
|
|
|
|
|
|
| |
Between the time that ps command gets the list of containers
and is able to ask for more data, the container could have
exited. This patch logs Clibpod.ErrNoSuchCtr errors and just continues
processing.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #996
Approved by: mheon
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
podman image and podman container have alternate CLI
to standard CLI for a lot of commands. The man pages
can be shared between both. This patch adds links so that
of some executes
`podman image load`, they will actually see the `podman load` man page.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #993
Approved by: mheon
|
|
|
|
|
|
|
| |
Signed-off-by: Matthew Heon <mheon@redhat.com>
Closes: #991
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
some platforms and operating systems do not have varlink. in those cases,
we need to be able to turn off enablement of varlink in podman. this can now
be done with BUILDTAGS passed to the build though perhaps in the future
will be better.
the default is to build with varlink
Signed-off-by: baude <bbaude@redhat.com>
squash! make varlink optional for podman
The API.md and cmd/podman/varlink/ioprojectatomicpodman.go targets
will continue to work regardless of the presence (or not) of 'varlink'
is in BUILDTAGS. However, cmd/podman/varlink/ioprojectatomicpodman.go
is now only required by the podman target when BUILDTAGS contains
'varlink'.
API.md had also been an podman dependency since 5b2627dd (Makefile:
Drop find-godeps.sh for podman target, 2018-05-15, #776) when I
expanded varlink_api_generate. It had been an indirect podman
dependency (via varlink_api_generate) since 25263558 (Generate varlink
API documentation automatically, 2018-05-07, #734). But the podman
executable obviously doesn't depend on the Markdown file, so I'm
removing that dependency here.
Signed-off-by: baude <bbaude@redhat.com>
squash! make varlink optional for podman
The command-pointer approach will scale well if/when we add additional
optional commands behind their own build tags, because those tags
won't all be competing for the same getOptionalCommands namespace.
Signed-off-by: W. Trevor King <wking@tremily.us>
Closes: #987
Approved by: rhatdan
|
|\
| |
| | |
Bump to 0.6.4
|
| |
| |
| |
| | |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
|
| |
| |
| |
| | |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
|
|/
|
|
| |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
|
|
|
|
|
|
|
| |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #981
Approved by: baude
|
|
|
|
|
|
|
| |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #981
Approved by: baude
|
|
|
|
|
|
|
| |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #981
Approved by: baude
|
|
|
|
|
|
|
| |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #981
Approved by: baude
|
|
|
|
|
|
|
| |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #981
Approved by: baude
|
|
|
|
|
|
|
| |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #981
Approved by: baude
|
|
|
|
|
|
|
| |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #981
Approved by: baude
|
|
|
|
|
|
|
|
|
|
| |
The Refresh() function is used to reset a container's state after
a database format change to state is made that requires migration
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #981
Approved by: baude
|
|
|
|
|
|
|
| |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #988
Approved by: mheon
|
|
|
|
|
|
|
|
|
|
| |
* Improved error messages
* Improved checking of user input
Signed-off-by: Jhon Honce <jhonce@redhat.com>
Closes: #978
Approved by: mheon
|
|
|
|
|
|
|
|
|
|
| |
Signals are proxied to the container process whether or not
the tty is used
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #984
Approved by: mheon
|
|
|
|
|
|
|
|
|
|
| |
If the intermediate image exists in the store, podman history
will show the IDs of the intermediate image of each layer.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #982
Approved by: mheon
|
|
|
|
|
|
|
| |
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
Closes: #968
Approved by: mheon
|
|
|
|
|
|
|
|
|
|
|
| |
Everytime we add a new option for create, we end up having to also
add it to run, this makes it error prone. Moving these to the same
function makes it easier to develop and prevents user mistakes.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #975
Approved by: mheon
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Signed-off-by: Marco Vedovati <mvedovati@suse.com>
- Set srcPath permissions so that the container user can R/W it.
- Fix uninitialized spec.Mount when restarting a container.
- Check for srcPath instead of volumePath existence when setting up a
volume mount point for a container.
- Set the overlay volumePath with the same owner and permissions as
srcPath to allow proper access by the container user.
Closes #844
Closes: #951
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
| |
Since we are checking if err is non nil in defer function we need
to define it, so that the check will work correctly.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #985
Approved by: mheon
|
|
|
|
|
|
|
|
|
| |
Also start using podmin in /usr/libexec/podman rather then crio.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #979
Approved by: baude
|
|\
| |
| | |
libpod: fix race with attach/start
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Move the StartContainer call after the attach to the UNIX socket. It
solves a race where the StartContainer could be done earlier and a
short-lived container could already exit by the time we tried to
attach to the socket.
Closes: https://github.com/projectatomic/libpod/issues/835
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \
| | |
| | | |
install: need to install make on Fedora-like distros
|
|/ /
| |
| |
| |
| |
| |
| | |
Somehow `make` fails to get brought in with all the build tools, so
explicitly install it.
Signed-off-by: Micah Abbott <miabbott@redhat.com>
|
|\ \
| | |
| | | |
Implement SSH tunnels between client and podman server
|
| |/
| |
| |
| |
| |
| |
| |
| | |
* client currently forks ssh client pending finding a well
maintained ssh library for python. Including support for
AF_UNIX forwarding.
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|/
|
|
|
|
|
| |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #971
Approved by: mheon
|
|
|
|
|
|
|
|
|
|
|
| |
Signed-off-by: Marco Vedovati <mvedovati@suse.com>
Add a raw text formatter for logrus to be used when terminal is in raw
mode (i.e. when allocating a pseudo-TTY for the container). The raw text
formatter terminates the log messages with the corret \r\n sequence.
Closes: #967
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upon updating a container, if its network namespace has been
removed, we attempt to clean up the network namespace locally,
to ensure we don't leave hanging file descriptors. This triggers
cleanup code which assumes the network namespace still exists,
but it almost certainly was removed by whoever removed it from
the database. As such, we end up with unavoidable errors if we
don't want to leak FDs. Make these errors nonfatal and log them
because of this.
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #962
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
| |
This should fix the issue with iptables being denied execution on
container cleanup
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #966
Approved by: mheon
|
|
|
|
|
|
|
|
|
| |
Also podman ps now allows user to only output size of root FS, changed language of images and ps --sort to be by "created" as opposed to "time", and refactored the way templates are created (converted from psJSONParams type).
Signed-off-by: haircommander <pehunt@redhat.com>
Closes: #948
Approved by: rhatdan
|