| Commit message (Collapse) | Author | Age |
|---|
| |\
| |
| | |
Add a MissingRuntime implementation
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When a container is created with a given OCI runtime, but then it
is uninstalled or removed from the configuration file, Libpod
presently reacts very poorly. The EvictContainer code can
potentially remove these containers, but we still can't see them
in `podman ps` (aside from the massive logrus.Errorf messages
they create).
Providing a minimal OCI runtime implementation for missing
runtimes allows us to behave better. We'll be able to retrieve
containers from the database, though we still pop up an error for
each missing runtime. For containers which are stopped, we can
remove them as normal.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |\ \
| | |
| | | |
rootless v2 cannot collect network stats
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| | |
network statistics cannot be collected for rootless network devices with
the current implementation. for now, we return nil so that stats will
at least for users.
Fixes:#4268
Signed-off-by: baude <bbaude@redhat.com>
|
| |\ \
| |/
|/| |
Ensure volumes can be removed when they fail to unmount
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Also, ensure that we don't try to mount them without root - it
appears that it can somehow not error and report that mount was
successful when it clearly did not succeed, which can induce this
case.
We reuse the `--force` flag to indicate that a volume should be
removed even after unmount errors. It seems fairly natural to
expect that --force will remove a volume that is otherwise
presenting problems.
Finally, ignore EINVAL on unmount - if the mount point no longer
exists our job is done.
Fixes: #4247
Fixes: #4248
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |\ \
| | |
| | | |
inspect: rename ImageID go field to Image
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The json field is called `Image` while the go field is called `ImageID`,
tricking users into filtering for `Image` which ultimately results in an
error. Hence, rename the field to `Image` to align json and go.
To prevent podman users from regressing, rename `Image` to `ImageID` in
the specified filters. Add tests to prevent us from regressing. Note
that consumers of the go API that are using `ImageID` are regressing;
ultimately we consider it to be a bug fix.
Fixes: #4193
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |\ \ \
| | | |
| | | | |
systemd: accept also /sbin/init
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
it is a regression caused by
3ba3e1c7510d1780b6527a4aa52e40ac2c5b576a.
Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1761514
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | | |
vendor github.com/containers/storage@v1.13.5
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
* Do not discard errors when panicing on lockfile open
* config: drop skip_mount_home
* storage: drop ostree deduplication
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |\ \ \ \ \
| |_|_|/ /
|/| | | | |
Add squash-all, fix squash option in build
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Translate the podman build --squash command to podman build --layers=false which
has the same functionality as docker build --squash. Add a new option --squash-all
which will squash all layers into one. This will be translated to buildah bud --squash
for the buildah bud api.
Also allow only one option, squash, layers or squash--all to be used per build command.
Fixes: https://github.com/containers/buildah/issues/1234
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
Unwrap errors before comparing them
|
| | | |/ / /
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Unwrap errors before directly comparing them with errors defined by the
storage and image libraries.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
|
| |\ \ \ \ \
| |_|_|/ /
|/| | | | |
change error wording when conmon fails without logs
|
| | | |_|/
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
In some cases, conmon can fail without writing logs. Change the wording
of the error message from
"error reading container (probably exited) json message"
to
"container create failed (no logs from conmon)"
to have a more helpful error message that is more consistent with other
errors at that stage of execution.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |\ \ \ \
| |_|/ /
|/| | | |
images: empty list is valid json with --format=json
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
similar change to f7d55d64e7040cdad149684234ea150b0a90cf0e
with images --format=json, be sure the output is valid json also when
it is an empty list.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |\ \ \ \
| |_|/ /
|/| | | |
Fix sample's JSON syntax error in oci-hooks.5.md
|
| |/ / /
| | |
| | |
| | | |
Signed-off-by: Kenta Tada <Kenta.Tada@sony.com>
|
| |\ \ \
| | | |
| | | | |
Allow giving path to Podman for cleanup command
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
For non-Podman users of Libpod, we don't want to force the exit
command to use ARGV[0], which probably does not support a cleanup
command.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |\ \ \ \
| |_|/ /
|/| | | |
Touch up bad math in run man page
|
| | | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | | |
We'd an off by one error in the run man page spotted by @leorochael in
Fixes: #4239
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
|
| |\ \ \
| | | |
| | | | |
tests: enable ps --size tests for rootless
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
rootless podman is using a single user namespace for all the containers
so it can safely access the storage for all of them.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | | |
Move OCI runtime implementation behind an interface
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Previously, `podman checkport restore` with exported containers,
when told to create a new container based on the exported
checkpoint, would create a new container, with a new container
ID, but not reset CGroup path - which contained the ID of the
original container.
If this was done multiple times, the result was two containers
with the same cgroup paths. Operations on these containers would
this have a chance of crossing over to affect the other one; the
most notable was `podman rm` once it was changed to use the --all
flag when stopping the container; all processes in the cgroup,
including the ones in the other container, would be stopped.
Reset cgroups on restore to ensure that the path matches the ID
of the container actually being run.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
For future work, we need multiple implementations of the OCI
runtime, not just a Conmon-wrapped runtime matching the runc CLI.
As part of this, do some refactoring on the interface for exec
(move to a struct, not a massive list of arguments). Also, add
'all' support to Kill and Stop (supported by runc and used a bit
internally for removing containers).
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |\ \ \ \ \
| |_|_|/ /
|/| | | | |
Migrate can move containers to a user-defined runtime
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This is a horrible hack to work around issues with Fedora 31, but
other distros might need it to, so we'll move it upstream.
I do not recommend this functionality for general use, and the
manpages and other documentation will reflect this. But for some
upgrade cases, it will be the only thing that allows for a
working system.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
container: initialize results list
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
it solves:
$ podman ps --format=json
null
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |\ \ \ \ \ \
| | | | | | |
| | | | | | | |
Update build man page with latest Buildah changes
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Changes include: Containerfile by default, add --device flags to bud, allow buildah bud to be called without
arguments, and a couple of small typo corrections.
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
|
| |\ \ \ \ \ \ \
| |_|_|_|_|/ /
|/| | | | | | |
Fix default path for auth.json
|
| | | |_|_|_|/
| |/| | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Default path should be ${XDG_RUNTIME_DIR}/containers/auth.json according
to the docs.
This regressed to ${XDG_RUNTIME_DIR}/auth.json in #3760.
Fixes: #4227
Signed-off-by: Hunor Csomortáni <csomh@redhat.com>
|
| |\ \ \ \ \ \
| | | | | | |
| | | | | | | |
rootless: do not set PIDs limit if --cgroup-manager=cgroupfs
|
| | | |_|/ / /
| |/| | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
even if the system is using cgroups v2, rootless is not able to setup
limits when the cgroup-manager is not systemd.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |\ \ \ \ \ \
| | | | | | |
| | | | | | | |
Make user io.podman.service unit WantedBy=default.target
|
| | | |/ / / /
| |/| | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
`multi-user.target` doesn't exist in the systemd *user* instance.
We can't hook up the startup of a user unit to a system target.
Doing so causes systemd to error out in Fedora CoreOS builds
during presets.
Make it depend on `default.target` instead.
(Having the same unit in both system and user sessions has some
tricky bits like this)
Signed-off-by: Colin Walters <walters@verbum.org>
|
| |\ \ \ \ \ \
| | | | | | |
| | | | | | | |
troubleshooting: fix useradd no-log-init argument
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
--log-no-init should be --no-log-init
Signed-off-by: Simon Li <spli@dundee.ac.uk>
|
| |\ \ \ \ \ \ \
| |_|_|_|/ / /
|/| | | | | | |
show uid_map in podman info
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
show uid_map gid_map in podman info
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
| |\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | | |
systemd: expect full path /usr/sbin/init
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
it enforces the systemd mode also when the command name doesn't match
/usr/sbin/init or systemd.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
"init" is a quite common name for the command executed in a container
image and Podman ends up using the systemd mode also when not
required.
Be stricter on enabling the systemd mode and not enable it
automatically when the basename is "init" but expect the full path
"/usr/sbin/init".
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
