| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
| |
Before, there were SELinux denials when a volume was bind-mounted by podman play kube.
Partially fix this by setting the default private label for mounts created by play kube (with DirectoryOrCreate)
For volumes mounted as Directory, the user will have to set their own SELinux permissions on the mount point
also remove left over debugging print statement
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
|\
| |
| | |
system df: reject invalid arguments
|
| |
| |
| |
| | |
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \
| | |
| | | |
Add --dns=none
|
| | |
| | |
| | |
| | | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Support in libpod was added in the previous commit. Wire it into
the frontend here.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Specifically, we want to be able to specify whether resolv.conf
and /etc/hosts will be create and bind-mounted into the
container.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \
| | | |
| | | | |
doc: add note that pod publish ports are static once defined
|
| |/ /
| | |
| | |
| | | |
Signed-off-by: Pat Riehecky <riehecky@fnal.gov>
|
|\ \ \
| | | |
| | | | |
Sigh; disable pod-top test, it's unreliable (#2780)
|
| | |/
| |/|
| | |
| | | |
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \ \
| |_|/
|/| | |
rootless: fix regression when using exec on old containers
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
fallback to the previous behavior of joining only the user namespace,
when we cannot join the conmon userns+mount namespaces.
Closes: https://github.com/containers/libpod/issues/2673
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \
| |_|/
|/| | |
[ci skip] get_ci_vm.sh: Fix conflicting homedir files
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Previously, the script would bind mount the user's home directory into
the container in order to execute gcloud commands. This was done
to preserve the `.config/gcloud` directory and new ssh keys in `.ssh`.
However, it's possible the user has modified `.bash*` or `.ssh/config`
files which do not play nicely with gcloud and/or the container.
Fix this by mounting the existing temporary directory on the host, as
the user's home directory. Then bind mount in a dedicated `gcloud/ssh`
sub-directory, and the libpod repo directory on top. Pre-create the
necessary mount-points as the user, so later removal does not require
root on the host.
The gcloud tool takes minutes to setup/manage its ssh-keys, so preserving
that work between runs is a necessary optimization. Similarly, saving the
`.gcloud` directory prevents repeatedly going through the lengthy
client-auth process.
Overall, these changes make the container environment much more selective
with the host-side data it has access to use/modify. Preventing unrelated
details from getting in the way, and preserving only the bare-minimum of
details on the host, between runs.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|\ \ \
| |_|/
|/| | |
Cirrus: Verify manpages for all subcommands exist
|
| | |
| | |
| | |
| | |
| | |
| | | |
fixes #2630
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|\ \ \
| | | |
| | | | |
docs/podman-pod-create.1.md: add example with port mapping
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Pat Riehecky <riehecky@fnal.gov>
|
|\ \ \ \
| | | | |
| | | | | |
Touchup commands.md
|
|/ / / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Remove the runlabel command as it's now covered by the
containers-runlabel command. Add the play command and remove
all of the video links that don't have a video attached to them.
Plus a little bit of table definition changes.
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
size is optional for container inspection
|
|/ / / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
on the remote client, if a user wants to know the rootfs size of a
container, a -s should be passed. this corrects a behavior where size
was shown by default.
Fixes #2765
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
Add "died" event
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
We have a new event for container 'Exited' which has been renamed to
'died'.
also removed the stream bool from the varlink endpoint for events
because it can be determined by the varlink more value.
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Add three test cases for podman attach test
|
|/ / / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Add following test cases for podman attach test:
1. podman attach to a running container
2. podman attach to the latest container
3. podman attach to a container with --sig-proxy set to false
Signed-off-by: Yiqiao Pu <ypu@redhat.com>
|
|\ \ \ \ \
| |/ / / /
|/| | | | |
podman system df- show podman disk usage
|
| | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
|\ \ \ \ \
| |_|/ / /
|/| | | | |
podman health check phase3
|
|/ / / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
podman will not start a transient service and timer for healthchecks.
this handles the tracking of the timing for health checks.
added the 'started' status which represents the time that a container is
in its start-period.
the systemd timing can be disabled with an env variable of
DISABLE_HC_SYSTEMD="true".
added filter for ps where --filter health=[starting, healthy, unhealthy]
can now be used.
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
troubleshooting: explain setup user: invalid argument
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
replace an old issue that is not valid anymore, since we support
single UIDs mapped into the namespace.
Closes: https://github.com/containers/libpod/issues/2714
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
userns: mount the volumes from the intermediate namespace
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
when --uidmap is used, the user won't be able to access
/var/lib/containers/storage/volumes. Use the intermediate mount
namespace, that is accessible to root in the container, for mounting
the volumes inside the container.
Closes: https://github.com/containers/libpod/issues/2713
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
when we create a new volume we must be sure it is owned by root in the
container.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|/ / / / /
| | | | |
| | | | |
| | | | | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Make "stopped" a valid state that maps to "exited"
|
| |/ / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Fixes #2526
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \ \ \
| |_|/ / /
|/| | | | |
Update pull and pull-always in bud man page
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
Update the `--pull` and `--pull-always` documentation in the build
command to clarify what each does.
Fixes: https://github.com/containers/buildah/issues/1381
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
|
|\ \ \ \ \
| |_|_|/ /
|/| | | | |
Fix man page to mention race condition
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Also modify man page to talk about podman-container-logs as well as podman-logs.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \ \
| |_|_|/ /
|/| | | | |
docs/podman-run.1.md: remove extra whitespace in --read-only
|
| | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Cleber Rosa <crosa@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
fix Bug 1688041-podman image save removes existing image
|
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Signed-off-by: Qi Wang <qiwan@redhat.com>
|