| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
| |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
to avoid segvs, we should clean up as much of the socket and regular
files from podman machine as possible on stop. also, on start, we
should add logic to remove these files before starting in case the start
process is stopped prematurely (due to an error for example).
[NO TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |
|
|
| |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
When /etc/resolv.conf is a symlink to an absolute path use it and not
join it the the previous path.
[NO TESTS NEEDED] This depends on the host layout.
Fixes #11358
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |
|
|
|
|
|
| |
Description adjusted to the standard seen in other man pages.
[CI:DOCS]
Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
we were adding a negative duration in podman events, causing inputs like
-5s to be correct and 5s to be incorrect.
fixes #11158
Signed-off-by: cdoern <cdoern@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
* Add response.Body.Close() where needed to release HTTP
connections to API server.
* Add tests to ensure no general leaks occur. 100% coverage would be
required to ensure no leaks on any call.
* Update code comments to be godoc correct
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
Make sure we close our private connection to the bus, even if we're not
successful in in using it to ask systemd to move a unit's processes to a
specific control group.
[NO TESTS NEEDED]
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
When `--pod-id-file` is used do not parse the default network namespace
and let specgen handle it instead.
This regression was introduced in commit 7ef3981abe24.
Fixes #11303
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Fixes: https://github.com/containers/podman/issues/11201
The STORAGE_FS is hard code in test/e2e/config_amd64.go, it will
hit error like this "overlay: Unknown option vfs.imagestore" when
setting STORAGE_OPTIONS="--storage-driver overlay". With this patch,
the STORAGE_FS is exported as environment variable, if STORAGE_FS is set,
then set storageOptions to --storage-driver $STORAGE_FS.
Signed-off-by: Alex Jia <chuanchang.jia@gmail.com>
|
| |\
| |
| | |
change error comparison for exec.ErrNotFound
|
| |/
|
|
|
|
|
|
|
| |
it seeems exec.ErrNotFound does not work with simple equality checks and
needs errors.Is() to work correctly.
[NO TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |\
| |
| | |
[3.3] generate systemd: use --cidfile again
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Commit 9ac5267 changed the type of the generated systemd units from
`forking` to `notify`. It further stopped using `--cidfile` and instead
intended systemd to take care of stopping the container, which turned
out to be a bad idea.
Systemd will send the stop/kill signals to conmon which in turn may exit
non-zero, depending on the signal, and ultimately breaking container
cleanup.
Hence, we need to use --cidfile again and let podman stop and remove the
container to make sure that everything's in order.
Backport of commit 74ab2aaf9f27e1495a74c37932a634c82af9a57b.
Fixes: #11304
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |\
| |
| | |
[CI:DOCS] Bump to v3.3.0
|
| | |
| |
| |
| | |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |/
|
|
| |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |\
| |
| | |
v3.3.0 Final Backports and Release Notes
|
| | |
| |
| |
| | |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When a network id is used to create a container we translate it to use the
name internally for the db. The network aliases are also stored with the
network name as key so we have to also translate them for the db.
Also removed some outdated skips from the e2e tests.
Fixes #11285
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
It avoids to have the full file in memory.
[NO TESTS NEEDED]
Signed-off-by: Guillaume Rose <gurose@redhat.com>
|
| | |
| |
| |
| |
| |
| | |
[NO TESTS NEEDED]
Signed-off-by: Guillaume Rose <gurose@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When setting path names in the build context archive, convert path names
to use forward slashes, as is normal for those archives, so that
directory hierarchies archived on Windows hosts extract correctly
everywhere.
Not really sure how to run the remote client in CI on a system that uses
`\` as a path separator, which is where this error crops up, so
[NO TESTS NEEDED]
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Originally, Podman would unconditionally remove volumes from the
DB, even if they failed to be removed from the volume plugin;
this was a safety measure to ensure that `volume rm` can always
remove a volume from the database, even if the plugin is
misbehaving.
However, this is a significant deivation from Docker, which
refuses to remove if the plugin errors. These errors can be
legitimate configuration issues which the user should address
before the volume is removed, so Podman should also use this
behaviour.
Fixes #11214
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Endpoint /build logs an info entry when a client uses the wrong
Content-Type for build payload. Given Content-Type is ignored and
assumed to be "application/x-tar".
Endpoint /libpod/build will fail unless "application/x-tar" or
"application/tar" is given for Content-Type. "application/tar" will
be logged as an info entry.
Fixes #11012
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| |\ \
| |/
|/| |
[v3.3] Bump c/image 5.15.2, buildah v1.22.3
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Bump c/image to v5.15.2 and Buildah to v1.22.3
in preparation for the Podman v3.3.0 release
[NO TESTS NEEDED]
[NO NEW TESTS NEEDED]
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
|
| |\ \
| |/
|/| |
[3.3] Implement SD-NOTIFY proxy in conmon
|
| |/
|
|
|
|
|
|
|
|
|
| |
This leverages conmon's ability to proxy the SD-NOTIFY socket.
This prevents locking caused by OCI runtime blocking, waiting for
SD-NOTIFY messages, and instead passes the messages directly up
to the host.
Backport of commit c22f3e8b4e25.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |\
| |
| | |
[v3.3] backport rootless networking fixes
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When a host uses systemd-resolved but not the resolved stub resolver the
following symlinks are created: `/etc/resolv.conf` ->
`/run/systemd/resolve/stub-resolv.conf` -> `/run/systemd/resolve/resolv.conf`.
Because the code uses filepath.EvalSymlinks we put the new resolv.conf
to `/run/systemd/resolve/resolv.conf` but the `/run/systemd/resolve/stub-resolv.conf`
link does not exists in the mount ns.
To fix this we will walk the symlinks manually until we reach the first
one under `/run` and use this for the resolv.conf file destination.
This fixes a regression which was introduced in e73d4829900c.
Fixes #11222
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When the rootlessport process is started the stdout/stderr are attached
to the podman process. However once everything is setup podman exits and
when the rootlessport process tries to write to stdout it will fail with
SIGPIPE. The code handles this signal and puts /dev/null to stdout and
stderr but this is not robust. I do not understand the exact cause but
sometimes the process is still killed by SIGPIPE. Either go lost the
signal or the process got already killed before the goroutine could
handle it.
Instead of handling SIGPIPE just set /dev/null to stdout and stderr
before podman exits. With this there should be no race and no way to
run into SIGPIPE errors.
[NO TESTS NEEDED]
Fixes #11248
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |\
| |
| | |
[V3.3] Update images
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
These tests were originally enabled in a situation where CI provided
false-positive results. Now that has been corrected, these tests all
fail under a CGv1 container environment with the error:
```
Error: unable to load cgroup at
/machine.slice/libpod-e4f...086.scope/libpod_parent/libpod-fbd...425:
cgroup deleted
```
This commit simply disables the tests under this specific environment.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
This becomes a problem on hosts with upgraded policies. Ref:
https://github.com/containers/podman/issues/10522
Also, made a small change to compose-test setup to reduce runtime.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| | |
Ref:
https://github.com/containers/podman/pull/10829#issuecomment-881355983
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This reverts commit 404d5edb1557e3d2cb255d38bd89274586c4c100.
The replacement (updated) images include a fix for:
https://github.com/containers/common/issues/631
Also minor update to an unrelated FIXME comment.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The `ls` command is not intended for this purpose and may behave in
unexpected ways, leading to false positive or negative results. Update
the tests to use the purpose built `test` command instead.
Also added several *TODO* comments for possible future testing
enhancements.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Update test to confirm the negative-case, proving the `--privileged`
"option is required" for this character device to be present in a
container (including rootless).
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This test has been failing for a long time but nobody noticed because CI
doesn't have the device node (nested-VM support was disabled). After
having enabled nested VM support, tests fail due to some unknown
special-handling of this device.
Fix both problems by removing the `skip()` and switching to a more generic
device which is only present when `--privileged` is used.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| | |
| |
| |
| |
| |
| | |
Ref: https://github.com/containers/podman/issues/11165
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |/
|
|
|
|
|
| |
Previously we were generating the annotated results but never uploading
them. Fix this so visiting the advertised URL actually works.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |\
| |
| | |
[CI:DOCS] Bump to v3.3.0-RC3
|
| | |
| |
| |
| | |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| | |
| |
| |
| | |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |/
|
|
| |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |\
| |
| | |
[v3.3] Bump c/storage to v1.34.1 and c/image to v5.15.1
|
| |/
|
|
|
|
|
|
|
|
| |
Bump c/storage to v1.34.1 and c/image to v5.15.1 for
Podman v3.3 rc3
[NO TESTS NEEDED]
[NO NEW TESTS NEEDED]
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
|
| |\
| |
| | |
fix gvproxy path search for macos
|
| |/
|
|
|
|
|
|
|
|
|
| |
macos does not have /usr/libexec/ so we look in the executable paths
first.
Fixes: #11226
[NO TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
