summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Add support & documentation to run containers with different file typesDaniel J Walsh2019-08-13
| | | | | | | | | | Udica is adding new features to allow users to define container process and file types. This would allow us to setup trusted communications channels between multiple security domains. ContainerA -> ContainerB -> ContainerC Add tests to make sure users can change file types Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #3797 from mheon/test_events_revertOpenShift Merge Robot2019-08-13
|\ | | | | Revert #3745 and fix missing exit code for journald
| * Small optimization - only store exit code when nonzeroMatthew Heon2019-08-12
| | | | | | | | | | | | | | JSON optimizes it out in that case anyways, so don't waste cycles doing an Itoa (and Atoi on the decode side). Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Fix container exit code with Journald backendMatthew Heon2019-08-12
|/ | | | | | | | | | We weren't actually storing this, so we'd lose the exit code for containers run with --rm or force-removed while running if the journald backend for events was in use. Fixes #3795 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Merge pull request #3607 from cevich/cgroup2_vmOpenShift Merge Robot2019-08-12
|\ | | | | Add another Fedora VM with cgroups v2 enabled
| * Adjust get_ci_vm.sh for substitutionChris Evich2019-08-12
| | | | | | | | Signed-off-by: Chris Evich <cevich@redhat.com>
| * Cirrus: Add verification for cgroupv2 imageChris Evich2019-08-12
| | | | | | | | Signed-off-by: Chris Evich <cevich@redhat.com>
| * Cirrus: Add experimental fedora VM image & testChris Evich2019-08-12
| | | | | | | | Signed-off-by: Chris Evich <cevich@redhat.com>
| * Cirrus: Minor, use newer Ubuntu base imageChris Evich2019-08-12
| | | | | | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* | Merge pull request #3753 from baude/varlinkrequiresrootOpenShift Merge Robot2019-08-12
|\ \ | | | | | | varlink endpoint for containerstats requires root
| * | varlink endpoint for containerstats requires rootbaude2019-08-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | obtaining containerstats requires the use of cgroups. at present, rootless users do not have privileges to create cgroups. add an error message that catches this for the varlink endpoint and return a proper error. Fixes: #3749 Signed-off-by: baude <bbaude@redhat.com>
* | | Merge pull request #3751 from TomSweeneyRedHat/dev/tsweeney/squishnitsOpenShift Merge Robot2019-08-12
|\ \ \ | | | | | | | | Squish a few tpyo nits in container.go doc
| * | | Squish a few tpyo nits in container.go docTomSweeneyRedHat2019-08-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | A quick fix a few nits in documentation within cmd/podman/shared/containers.go. This gets the last bits as noted in #3577 Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* | | | Merge pull request #3789 from giuseppe/cirrus-add-crunOpenShift Merge Robot2019-08-12
|\ \ \ \ | | | | | | | | | | cirrus: run tests with crun
| * | | | tests: disable some tests currently failing when not using runcGiuseppe Scrivano2019-08-12
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | | | containers: look also for 'file not found' in the error messageGiuseppe Scrivano2019-08-12
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | | | cirrus: add tests with crun on Fedora 30Giuseppe Scrivano2019-08-12
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | | | cirrus: install crunGiuseppe Scrivano2019-08-12
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | | Merge pull request #3793 from stefanb2/topic-pr-3788OpenShift Merge Robot2019-08-12
|\ \ \ \ \ | |_|_|_|/ |/| | | | image: add user agent to Docker registry options
| * | | | image: add user agent to Docker registry optionsStefan Becker2019-08-12
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Set the string to "libpod/VERSION" so that we don't use the unspecific default of "Go-http-client/xxx". Fixes #3788 Signed-off-by: Stefan Becker <chemobejk@gmail.com>
* | | | Merge pull request #3786 from giuseppe/fix-rootless-checksOpenShift Merge Robot2019-08-12
|\ \ \ \ | | | | | | | | | | rootless: drop some superflous checks
| * | | | cmd: drop check for euid==0Giuseppe Scrivano2019-08-12
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | | | storage: drop unused geteuid checkGiuseppe Scrivano2019-08-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | it is always running with euid==0 at this point. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | | | cmd, stats: fix check for rootless modeGiuseppe Scrivano2019-08-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | and enable rootless stats when running on cgroups v2. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | | | oci: drop check for euid==0Giuseppe Scrivano2019-08-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | we are always running with euid==0 at this point. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | | Merge pull request #3787 from giuseppe/rootless-cherry-pick-oci-runtimeOpenShift Merge Robot2019-08-12
|\ \ \ \ \ | |_|/ / / |/| | | | rootless: cherry-pick runtime from the system configuration
| * | | | rootless: cherry-pick runtime from the system configurationGiuseppe Scrivano2019-08-12
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | when creating the default libpod.conf file, be sure the default OCI runtime is cherry picked from the system configuration. Closes: https://github.com/containers/libpod/issues/3781 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | Merge pull request #3785 from giuseppe/podman-build-use-configured-runtimeOpenShift Merge Robot2019-08-12
|\ \ \ \ | |/ / / |/| | | build: use the configured runtime
| * | | build: use the configured runtimeGiuseppe Scrivano2019-08-11
|/ / / | | | | | | | | | | | | | | | | | | | | | Now buildah honors the runtime configured with podman. Closes: https://github.com/giuseppe/crun/issues/69 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | Merge pull request #3782 from eriksjolund/fix_realloc_in_rootless_linux.cOpenShift Merge Robot2019-08-11
|\ \ \ | | | | | | | | Fix incorrect use of realloc()
| * | | Fix incorrect use of realloc()Erik Sjölund2019-08-11
| | | | | | | | | | | | | | | | Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
* | | | Merge pull request #3783 from eriksjolund/fix_read_countOpenShift Merge Robot2019-08-11
|\ \ \ \ | |/ / / |/| | | Adjust read count so that a newline can be added afterwards
| * | | Adjust read count so that a newline can be added afterwardsErik Sjölund2019-08-11
|/ / / | | | | | | | | | Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
* | | Merge pull request #3748 from rhatdan/covscanOpenShift Merge Robot2019-08-10
|\ \ \ | |_|/ |/| | Fix a couple of errors descovered by coverity
| * | Fix a couple of errors descovered by coverityDaniel J Walsh2019-08-09
| | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #3594 from cevich/second_partitionOpenShift Merge Robot2019-08-10
|\ \ \ | | | | | | | | Add Second partition for storage-drive testing
| * | | Cirrus: Add Second partition for storage testingChris Evich2019-08-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is mainly/initially to support use of Cirrus-CI in https://github.com/containers/buildah since that setup re-uses the VM images from this project. However, it also opens doors here, if libpod ever needs/wants to do things with a dedicated storage device and/or storage-drivers. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | Merge pull request #3746 from baude/enablewindowsremoteOpenShift Merge Robot2019-08-10
|\ \ \ \ | | | | | | | | | | enable windows remote client
| * | | | enable windows remote clientbaude2019-08-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | rework an error path so that users can run the windows remote client. also, create the basedir path for the podman-remote.conf file if it does not exist already. Signed-off-by: baude <bbaude@redhat.com>
* | | | | Merge pull request #3742 from adrianreber/ConmonPidFileOpenShift Merge Robot2019-08-10
|\ \ \ \ \ | | | | | | | | | | | | Conmon pid file
| * | | | | Test that restored container does not depend on the original containerAdrian Reber2019-08-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In the restore from external checkpoint archive test, the second restore using a new name and ID is now done first to ensure that nothing in the restored container depends on the original container. Test has been adapted to catch errors like the one fixed with the previous commit to adapt ConmonPidFile for restored containers. Signed-off-by: Adrian Reber <areber@redhat.com>
| * | | | | Fix up ConmonPidFile after restoreAdrian Reber2019-08-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | After restoring a container with a different name (ID) the ConmonPidFile was still pointing to the path of the original container. This means that the last restored container will overwrite the ConmonPidFile of the original container. It was also not possible to restore a container with a new name (ID) if the original container was not running. The ConmonPidFile is only changed if the ConmonPidFile starts with the value of RunRoot. This assumes that if RunRoot is part of ConmonPidFile the user did not specify --conmon-pidfile' during run or create. Signed-off-by: Adrian Reber <areber@redhat.com>
* | | | | | Merge pull request #3758 from edsantiago/batsOpenShift Merge Robot2019-08-10
|\ \ \ \ \ \ | | | | | | | | | | | | | | implement 'make remotesystem'
| * | | | | | implement 'make remotesystem'Ed Santiago2019-08-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | podman-remote rm now works; that's the only thing we were waiting for to enable podman-remote (varlink) system tests. Add a (too-complicated, sorry) Makefile target that will define a random socket path, start the podman varlink server, and run the test suite using podman-remote. Also: add two convenience functions, is_rootless and is_remote, and use those in skip_if_rootless/if_remote and elsewhere Also: workarounds for broken tests: - basic version test: podman-remote emits an empty 'Client' line. Just ignore it. - looks like 'podman-remote pod' doesn't work; skip test. Also: minor documentation update Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | | | | Merge pull request #3770 from cevich/updates_testingOpenShift Merge Robot2019-08-10
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | Cirrus: Enable updates-testing repo for Fedora
| * | | | | | | Cirrus: Enable updates-testing repo for FedoraChris Evich2019-08-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | | | | | Merge pull request #3776 from mheon/bump-1.5.0OpenShift Merge Robot2019-08-09
|\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | Bump to v1.5.0
| * | | | | | | | Bump gitvalidation epochMatthew Heon2019-08-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | | | | | | Bump to v1.5.1-devMatthew Heon2019-08-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | | | | | | Bump to v1.5.0v1.5.0Matthew Heon2019-08-09
|/ / / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>