aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
...
| * | | split rootless local and remote testingbaude2019-05-31
| | | | | | | | | | | | | | | | Signed-off-by: baude <bbaude@redhat.com>
* | | | Merge pull request #3246 from mheon/run_the_testsOpenShift Merge Robot2019-05-31
|\ \ \ \ | | | | | | | | | | Small fix to readme to force tests to run
| * | | | Fix podman cp test by reordering operationsMatthew Heon2019-05-31
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | | Small fix to readme to force tests to runMatthew Heon2019-05-31
|/ / / / | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | Merge pull request #3227 from giuseppe/fix-warning-rootlessOpenShift Merge Robot2019-05-31
|\ \ \ \ | | | | | | | | | | rootless: skip check fo /etc/containers/registries.conf
| * | | | rootless: skip check fo /etc/containers/registries.confGiuseppe Scrivano2019-05-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | the warning can be confusing when used in rootless mode as the unprivileged user has no way for setting it up. Closes: https://github.com/containers/libpod/issues/2955 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | | Merge pull request #3224 from haraldh/varlink_upgradeOpenShift Merge Robot2019-05-31
|\ \ \ \ \ | | | | | | | | | | | | Fix for varlink upgrade connections
| * | | | | Fix the varlink upgraded callsHarald Hoyer2019-05-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Although an upgraded call is requested, the server has to send at least one reply (can be an error) and the client has to check the reply, before assuming an upgraded connection. Signed-off-by: Harald Hoyer <harald@redhat.com>
* | | | | | Merge pull request #3238 from mheon/no_tmpcopyup_devOpenShift Merge Robot2019-05-31
|\ \ \ \ \ \ | | | | | | | | | | | | | | Do not set tmpcopyup on /dev
| * | | | | | Do not set tmpcopyup on /devMatthew Heon2019-05-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes #3229 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | | | | Merge pull request #3147 from baude/testimagecacheOpenShift Merge Robot2019-05-30
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | use imagecaches for local tests
| * | | | | | | use imagecaches for local testsbaude2019-05-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | when doing localized tests (not varlink), we can use secondary image stores as read-only image caches. this cuts down on test time significantly because each test does not need to restore the images from a tarball anymore. Signed-off-by: baude <bbaude@redhat.com>
* | | | | | | | Merge pull request #3214 from mheon/resolve_symlinks_in_cpOpenShift Merge Robot2019-05-30
|\ \ \ \ \ \ \ \ | |_|_|_|_|/ / / |/| | | | | | | Resolve symlinks in cp
| * | | | | | | Fix podman cp testsMatthew Heon2019-05-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | | | | | Error when trying to copy into a running rootless ctrMatthew Heon2019-05-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We can't pause them, so if that's requested, throw an error. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | | | | | We can't pause rootless containers during cpMatthew Heon2019-05-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Rootless containers can't be paused (no CGroups, so no freezer). We could try and emulate this with a SIGSTOP to all PIDs in the container, but that's inherently racy, so let's avoid it for now. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | | | | | Fix bug in e2e tests for podman cpMatthew Heon2019-05-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | | | | | Tolerate non-running containers in paused cpMatthew Heon2019-05-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | | | | | Add test to ensure symlinks are resolved in ctr scopeMatthew Heon2019-05-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | | | | | Add --pause to podman cp manpage and bash completionsMatthew Heon2019-05-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | | | | | Pause containers while copying into themMatthew Heon2019-05-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Should fix CVE-2018-15664 for Podman. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | | | | | Use securejoin to merge paths in `podman cp`Matthew Heon2019-05-29
| | |_|_|_|/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Securejoin ensures that paths are resolved in the container, not on the host. Fixes #3211 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | | | | Merge pull request #3235 from baude/testnoremoteinpodmanOpenShift Merge Robot2019-05-30
|\ \ \ \ \ \ \ | |/ / / / / / |/| | | | | | do not run remote tests inside container
| * | | | | | do not run remote tests inside containerbaude2019-05-30
|/ / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | when running the podman integration tests inside a container, we should not be running the remote tests. Signed-off-by: baude <bbaude@redhat.com>
* | | | | | Merge pull request #3230 from ashley-cui/dnsdocOpenShift Merge Robot2019-05-29
|\ \ \ \ \ \ | |/ / / / / |/| | | | | add dns flags to docs
| * | | | | add dns flags to docsAshley Cui2019-05-29
| |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | Added same dns flags from buildah documentation to podman Signed-off-by: Ashley Cui <ashleycui16@gmail.com>
* | | | | Merge pull request #3221 from josegonzalez/masterOpenShift Merge Robot2019-05-29
|\ \ \ \ \ | |_|_|_|/ |/| | | | Add missing 'container cp' alias and document missing 'container update' command
| * | | | add missing container cp commandJose Diaz-Gonzalez2019-05-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 'docker cp' is an alias for 'docker container cp', and podman should have the equivalent alias. Signed-off-by: Jose Diaz-Gonzalez <email@josediazgonzalez.com>
| * | | | document missing container update commandJose Diaz-Gonzalez2019-05-29
| | |/ / | |/| | | | | | | | | | | | | | | | | | Also reorder the missing update command to better match the container update command (it is in the same management namespace) Signed-off-by: Jose Diaz-Gonzalez <email@josediazgonzalez.com>
* | | | Merge pull request #3228 from rhatdan/manOpenShift Merge Robot2019-05-29
|\ \ \ \ | | | | | | | | | | Podman logs man page shouldn't include timestamps
| * | | | Podman logs man page shouldn't include timestampsDaniel J Walsh2019-05-29
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | Change man page to reflect default output. Commands with timestamps should include `-t` option. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #2709 from haircommander/journaldOpenShift Merge Robot2019-05-29
|\ \ \ \ | |_|_|/ |/| | | Add libpod journald logging
| * | | Add --follow to journald ctr loggingPeter Hunt2019-05-28
| | | | | | | | | | | | | | | | Signed-off-by: Peter Hunt <pehunt@redhat.com>
| * | | Address commentsPeter Hunt2019-05-28
| | | | | | | | | | | | | | | | Signed-off-by: Peter Hunt <pehunt@redhat.com>
| * | | Implement podman logs with log-driver journaldPeter Hunt2019-05-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add a journald reader that translates the journald entry to a k8s-file formatted line, to be added as a log line Note: --follow with journald hasn't been implemented. It's going to be a larger undertaking that can wait. Signed-off-by: Peter Hunt <pehunt@redhat.com>
| * | | bump go-systemd versionPeter Hunt2019-05-28
| | | | | | | | | | | | | | | | Signed-off-by: Peter Hunt <pehunt@redhat.com>
| * | | Added --log-driver and journald loggingPeter Hunt2019-05-28
| | | | | | | | | | | | | | | | Signed-off-by: Peter Hunt <pehunt@redhat.com>
| * | | Update completions and docs to use k8s file as log driverPeter Hunt2019-05-28
| | | | | | | | | | | | | | | | Signed-off-by: Peter Hunt <pehunt@redhat.com>
* | | | Merge pull request #3223 from cevich/multi-zone-hackOpenShift Merge Robot2019-05-29
|\ \ \ \ | | | | | | | | | | hack: support setting local region/zone
| * | | | hack: support setting local region/zoneChris Evich2019-05-29
| | |/ / | |/| | | | | | | | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | Merge pull request #3188 from giuseppe/fix-join-existing-containersOpenShift Merge Robot2019-05-29
|\ \ \ \ | |/ / / |/| | | rootless: new function to join existing conmon processes
| * | | rootless: make JoinUserAndMountNS privateGiuseppe Scrivano2019-05-25
| | | | | | | | | | | | | | | | | | | | | | | | as it is used only by the rootless package now. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | | Revert "rootless: change default path for conmon.pid"Giuseppe Scrivano2019-05-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | since we now enter the user namespace prior to read the conmon.pid, we can write the conmon.pid file again to the runtime dir. This reverts commit 6c6a8654363457a9638d58265d0a7e8743575d7a. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | | rootless: enable loginctl lingerGiuseppe Scrivano2019-05-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | otherwise the processes we leave around will be killed once the session terminates. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | | rootless: new function to join existing conmon processesGiuseppe Scrivano2019-05-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | move the logic for joining existing namespaces down to the rootless package. In main_local we still retrieve the list of conmon pid files and use it from the rootless package. In addition, create a temporary user namespace for reading these files, as the unprivileged user might not have enough privileges for reading the conmon pid file, for example when running with a different uidmap and root in the container is different than the rootless user. Closes: https://github.com/containers/libpod/issues/3187 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | | rootless: block signals for pauseGiuseppe Scrivano2019-05-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | block signals for the pause process, so it can't be killed by mistake. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | Merge pull request #3210 from haircommander/conmon-0.2.0OpenShift Merge Robot2019-05-28
|\ \ \ \ | |_|_|/ |/| | | bump conmon to v0.2.0
| * | | bump conmon to v0.2.0Peter Hunt2019-05-28
| | | | | | | | | | | | | | | | Signed-off-by: Peter Hunt <pehunt@redhat.com>
* | | | Merge pull request #3208 from vrothberg/fix-3207OpenShift Merge Robot2019-05-28
|\ \ \ \ | | | | | | | | | | runtime: unlock the alive lock only once
| * | | | runtime: unlock the alive lock only onceValentin Rothberg2019-05-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Unlock the alive lock only once in the deferred func call. Fixes: #3207 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>