summaryrefslogtreecommitdiff
path: root/cmd/podman/runlabel.go
Commit message (Collapse)AuthorAge
* Changes to container runlabel for toolbox projectbaude2019-01-30
| | | | | | | | | | The toolbox project would benefit from a few changes to more closely resembe the original atomic cli project. Changes made are: * only pull image for container runlabel if the label exists in the image * if a container image does not have the desired label, exit with non-zero Signed-off-by: baude <bbaude@redhat.com>
* Minimally update for the DockerInsecureSkipTLSVerify type changeMiloslav Trmač2018-12-06
| | | | | | | | | | | | | | | | | Following SystemContext.DockerInsecureSkipTLSVerify, make the DockerRegistryOne also an OptionalBool, and update callers. Explicitly document that --tls-verify=true and --tls-verify unset have different behavior in those commands where the behavior changed (or where it hasn't changed but the documentation needed updating). Also make the --tls-verify man page sections a tiny bit more consistent throughout. This is a minimal fix, without changing the existing "--tls-verify=true" paths nor existing manual insecure registry lookups. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* Adding more varlink endpointsbaude2018-12-03
| | | | | | | | | | | * runlabel * checkpoint * restore * container|image exists * mount * unmount Signed-off-by: baude <bbaude@redhat.com>
* runlabel: run any commandValentin Rothberg2018-10-24
| | | | | | | | | | | | | | | | As discussed [1], the runlabel command should execute any command specified in a label. The reasoning behind is that we cannot restrict which options are passed to Podman which thereby has full access to the host (runlabels must be used with care). With the updated semantics, runlabel will substitute the commands with a basepath equal to "docker" or "podman" with "/proc/self/exe", and otherwise leave the command unchanged to execute any other command on the host. [1] https://github.com/containers/libpod/pull/1607#issuecomment-428321382 Signed-off-by: Valentin Rothberg <vrothberg@suse.com>
* Support auth file environment variable & add change to man pagesQi Wang2018-10-12
| | | | Signed-off-by: Qi Wang <qiwan@redhat.com>
* Sort all command flagsQi Wang2018-10-11
| | | | Signed-off-by: Qi Wang <qiwan@redhat.com>
* fix runlabel functions based on QA feedbackbaude2018-10-11
| | | | Signed-off-by: baude <bbaude@redhat.com>
* runlabel: execute /proc/self/exe and avoid recursionValentin Rothberg2018-10-05
| | | | | | | | | | | | | Execute /proc/self/exe instead of podman. This makes the runlabel command more portable as it works for binaries outside the path as well as for local builds. Also, avoid redundantly executing the runlabel command by setting the PODMAN_RUNLABEL_NESTED environment variable to "1". Podman now checks for this variable before executing the runlabel command and will throw an error in case the variable is set. Signed-off-by: Valentin Rothberg <vrothberg@suse.com>
* Add container runlabel commandbaude2018-09-28
Execute the command as described by a container image. The value of the label is processed into a command by: 1. Ensuring the first argument of the command is podman. 2. Substituting any variables with those defined by the environment or otherwise. If no label exists in the container image, nothing is done. podman container runlabel LABEL IMAGE extra_args Signed-off-by: baude <bbaude@redhat.com>