| Commit message (Collapse) | Author | Age |
|\
| |
| | |
podman: support --userns=ns|container
|
| |
| |
| |
| |
| |
| |
| |
| | |
allow to join the user namespace of another container.
Closes: https://github.com/containers/libpod/issues/3629
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |
| |
| |
| |
| |
| |
| | |
do not attempt to join the user namespace if the pod is running in the
host user namespace.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \
| | |
| | | |
Small cirrus and image-build fixes
|
| | |
| | |
| | |
| | | |
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
It's somewhat hard to predict which units are certinly present
for any given base-image. Therefore, at image-build time, it's
distracting and unhelpful to see all the errors about units that
don't exist, on every platform. Simply ignore them and rely on
the `check_image.sh` test to confirm none are enabled.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|\ \ \
| | | |
| | | | |
Documenation & make tar.gz for remote
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Created shell script to automatically compile remote-only docs & rename
Added make brew-pkg to automatically package files needed for homebrew
Add missing docs
Signed-off-by: Ashley Cui <ashleycui16@gmail.com>
|
|\ \ \ \
| | | | |
| | | | | |
Use systemd cgroups for Ubuntu
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
It seems like our VM images now support systemd CGroups with the
Ubuntu LTS images. No reason to keep testing CGroupfs as such,
systemd is much less racy (and CGroupfs on systemd-enabled
systems can be iffy).
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|\ \ \ \ \
| |_|_|/ /
|/| | | | |
Improved hooks monitoring
|
| | |_|/
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
...to work for specific edge cases with a simpler solution.
Re-reads hooks directories after any changes are detected by the watchers.
Added monitoring test for adding a different invalid hook to primary directory.
Some issues with prior code:
- ReadDir would stop when it encounters an invalid hook, rather than registering an error but continuing to read the valid hook.
- Wouldn’t account for Rename and Chmod events.
- After doing a mv of the hooks file instead of rm, it would still think the hooks file is in the directory, but it has been moved to another location.
- If a hook file was renamed, it would register the renamed file as a separate hook and not delete the original, so it would then execute the hook twice - once for the renamed file, and once for the original name which it did not delete.
Signed-off-by: samc24 <sam.chaturvedi24@gmail.com>
|
|\ \ \ \
| |_|/ /
|/| | | |
Fix possible runtime panic if image history len is zero
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | | |
We now return an empty string for the `Comment` field if an OCI v1 image
contains no history.
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
|
|\ \ \
| | | |
| | | | |
Document SELinux label requirements for the rootfs argument
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
When using the rootfs argument, SELinux systems fails silently
when the files are not properly labeled.
Related #3628
Signed-off-by: Tristan Cacqueray <tdecacqu@redhat.com>
|
|\ \ \ \
| |_|/ /
|/| | | |
fix import not ignoring url path
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
fix #3609
Podman import used to check filename to only allow tarball path as a file. It should also allow an url as the doc mentioned. This PR allows the program to continue if the input is a valid URL
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
|\ \ \ \
| |/ / /
|/| | | |
When retrieving volumes, only use exact names
|
|/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
We should not be fuzzy matching on volume names. Docker doesn't
do it, and it doesn't make much sense. Everything requires exact
matches for names - only IDs allow partial matches.
Fixes #3635
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \
| |/ /
|/| | |
Fix a segfault on Podman no-store commands with refresh
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When a command (like `ps`) requests no store be created, but also
requires a refresh be performed, we have to ignore its request
and initialize the store anyways to prevent segfaults. This work
was done in #3532, but that missed one thing - initializing a
storage service. Without the storage service, Podman will still
segfault. Fix that oversight here.
Fixes #3625
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|\ \ \
| | | |
| | | | |
install.md: mention all build tags
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
Add remote exec
|
| | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
| | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
| | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
| | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
| | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
| | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
| | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
| | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
There's no way to get the error if we successfully get an exit code (as it's just printed to stderr instead).
instead of relying on the error to be passed to podman, and edit based on the error code, process it on the varlink side instead
Also move error codes to define package
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
including changing -l to the container id
and separating a case of setting the env that remote can't handle
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
| | |/ /
| |/| |
| | | |
| | | | |
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
fix build --network=container
|
| | |_|/
| |/| |
| | | |
| | | | |
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
Fixes issue #3577.
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | | |
Fix punctuation and wording in some places.
Signed-off-by: John Hooks <hooksie11@gmail.com>
|
|\ \ \ \
| |/ / /
|/| | | |
Re-add int64 casts for ctime to fix 32-bit build
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The variables here are 64-bit on 64-bit builds, so the linter
recommends stripping them. Unfortunately, they're 32-bit on
32-bit builds, so stripping them breaks that. Readd with a nolint
to convince it to not break.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|\ \ \
| |/ /
|/| | |
Cirrus: Temp. workaround missing imgprune image
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The 'image_prune' task only runs on master, post-merge and
is currently failing for all builds. This is because it
references a non-existent image. The person with access
to add/enable this image is on PTO. Fix this by temporarily
using a hand-built image until an automatic build can be added.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|\ \ \
| | | |
| | | | |
golangci-lint cleanup
|