summaryrefslogtreecommitdiff
path: root/cmd/podman/system
Commit message (Collapse)AuthorAge
* Return error in podman system service if URI scheme is not unix/tcpBoaz Shuster2022-10-06
| | | | Signed-off-by: Boaz Shuster <boaz.shuster.github@gmail.com>
* podman machine ssh handlingCharlie Doern2022-09-26
| | | | | | | | | | add the key used in newly initialized machines to the user's known_hosts file. This ensures that golang will be able to ssh into the machine using podman-remote. Also, remove the /dev/null redirection for podman machine ssh's known_hosts file. resolves #15347 Signed-off-by: Charlie Doern <cdoern@redhat.com> Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
* Add support for podman context as alias to podman system connectionDaniel J Walsh2022-09-15
| | | | | | | | | | | | | | | | Alias podman --context -> podman --connection podman context use -> podman system connection default podman context rm -> podman system connection rm podman context create -> podman system connection add podman context ls ->podman system connection ls podman context inspect ->podman system connection ls --json (For specified connections) Podman context is a hidden command, but can be used for existing scripts that assume Docker under the covers. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* podman version: use report.Formatter over TemplatePaul Holzinger2022-09-13
| | | | | | | | | | | | | | | Currently the podman command --format output code uses a mix of report.Formatter and report.Template. I patched report.Formatter to correctly handle newlines[1]. Since we cannot fix this with report.Template we have to migrate all users to report.Formatter. This ensures consistent behavior for all commands. This change does not change the output. [1] https://github.com/containers/common/pull/1146 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* podman info: use report.Formatter over TemplatePaul Holzinger2022-09-13
| | | | | | | | | | | | | | | Currently the podman command --format output code uses a mix of report.Formatter and report.Template. I patched report.Formatter to correctly handle newlines[1]. Since we cannot fix this with report.Template we have to migrate all users to report.Formatter. This ensures consistent behavior for all commands. This change does not change the output. [1] https://github.com/containers/common/pull/1146 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* podman events --format: fix duplicated newlinePaul Holzinger2022-09-12
| | | | | | | The --format changes caused a duplicated newline. PR #15678 should have a test for this. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* fix race where podman events exits to earlyPaul Holzinger2022-09-12
| | | | | | | In order to display all events we have to read until the event channel is closed. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* event backend none: return an error when reading eventsPaul Holzinger2022-09-12
| | | | | | | | | podman --events-backend none events should return with an error since it will never be able to actually list events. Fixes part three of #15688 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Fix stuttersDaniel J Walsh2022-09-10
| | | | | | | | | | | | | | Podman adds an Error: to every error message. So starting an error message with "error" ends up being reported to the user as Error: error ... This patch removes the stutter. Also ioutil.ReadFile errors report the Path, so wrapping the err message with the path causes a stutter. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #15634 from bbalp/update-system-reset-warning-messageOpenShift Merge Robot2022-09-07
|\ | | | | Update system reset warning message regarding deletion of volumes
| * Update system reset warning message to warn against deletion of all volumesBarnabé BALP2022-09-05
| | | | | | Signed-off-by: Barnabé BALP <contact@barnabebalp.fr>
* | fix podman events with custom formatPaul Holzinger2022-09-06
|/ | | | | | | podman events --format {{.ID}} was not working since the template was converted to a range but we only render each event individually. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* service: make move to sub-cgroup non fatalGiuseppe Scrivano2022-08-26
| | | | | | | | | | | | | if we are running in a container in the root cgroup, Podman tries to move itself to a sub-cgroup. This could be a problem in a setup where the cgroups are not writeable, so just log a debug message and continue, since anyway it is a best-effort operation. Closes: https://github.com/containers/podman/issues/15498 [NO NEW TESTS NEEDED] Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* podman ssh work, using new c/common interfaceCharlie Doern2022-08-09
| | | | | | | | | | | | | | | | | | | implement new ssh interface into podman this completely redesigns the entire functionality of podman image scp, podman system connection add, and podman --remote. All references to golang.org/x/crypto/ssh have been moved to common as have native ssh/scp execs and the new usage of the sftp package. this PR adds a global flag, --ssh to podman which has two valid inputs `golang` and `native` where golang is the default. Users should not notice any difference in their everyday workflows if they continue using the golang option. UNLESS they have been using an improperly verified ssh key, this will now fail. This is because podman was incorrectly using the ssh callback method to IGNORE the ssh known hosts file which is very insecure and golang tells you not yo use this in production. The native paths allows for immense flexibility, with a new containers.conf field `SSH_CONFIG` that specifies a specific ssh config file to be used in all operations. Else the users ~/.ssh/config file will be used. podman --remote currently only uses the golang path, given its deep interconnection with dialing multiple clients and urls. My goal after this PR is to go back and abstract the idea of podman --remote from golang's dialed clients, as it should not be so intrinsically connected. Overall, this is a v1 of a long process of offering native ssh, and one that covers some good ground with podman system connection add and podman image scp. Signed-off-by: Charlie Doern <cdoern@redhat.com>
* podman info: hide `--debug`Valentin Rothberg2022-08-04
| | | | | | | | | It's a NOP since Podman v2.0 (#5738). [NO NEW TESTS NEEDED] - does not change behavior. Fixes: #15185 Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* Add podman events -f to be alias for --filterDaniel J Walsh2022-07-13
| | | | | | Needed for Docker compatibility. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* podman: move MaybeMoveToSubCgroup to utils/Giuseppe Scrivano2022-07-13
| | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Merge pull request #14805 from jakecorrenti/df-format-outputopenshift-ci[bot]2022-07-05
|\ | | | | Podman system df JSON format outputs `Size` and `Reclaimable`
| * Podman system df JSON format outputs `Size` and `Reclaimable`Jake Correnti2022-07-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, `podman system df --format "{{json .}}"` would not output `Size` and `Reclaimable` like `podman system df` would. ``` {"Type":"Images","Total":5,"Active":0,"Size":39972240,"Reclaimable":39972240} {"Type":"Containers","Total":0,"Active":0,"Size":0,"Reclaimable":0} {"Type":"Local Volumes","Total":0,"Active":0,"Size":0,"Reclaimable":0} ``` Closes: #14769 Signed-off-by: Jake Correnti <jcorrenti13@gmail.com>
* | Merge pull request #14787 from giuseppe/move-systemd-service-to-subcgroupopenshift-ci[bot]2022-06-30
|\ \ | | | | | | service: do not run under the root cgroup
| * | service: do not run under the root cgroupGiuseppe Scrivano2022-06-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | at startup, when running on a cgroup v2 system, check if the current process is running in the root cgroup and move it to a sub-cgroup, otherwise Podman is not able to create cgroups and move processes there. Closes: https://github.com/containers/podman/issues/14573 [NO NEW TESTS NEEDED] it needs nested podman Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | cmd/podman: switch to golang native error wrappingSascha Grunert2022-06-30
|/ / | | | | | | | | | | | | We now use the golang error wrapping format specifier `%w` instead of the deprecated github.com/pkg/errors package. Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
* / podman image scp remote support & podman image scp taggingcdoern2022-06-28
|/ | | | | | | | | | | | | | | | | | | add support for podman-remote image scp as well as direct access via the API. This entailed a full rework of the layering of image scp functions as well as the usual API plugging and type creation also, implemented podman image scp tagging. which makes the syntax much more readable and allows users t tag the new image they are loading to the local/remote machine: allow users to pass a "new name" for the image they are transferring `podman tag` as implemented creates a new image im `image list` when tagging, so this does the same meaning that when transferring images with tags, podman on the remote machine/user will load two images ex: `podman image scp computer1::alpine computer2::foobar` creates alpine:latest and localhost/foobar on the remote host implementing tags means removal of the flexible syntax. In the currently released podman image scp, the user can either specify `podman image scp source::img dest::` or `podman image scp dest:: source::img`. However, with tags this task becomes really hard to check which is the image (src) and which is the new tag (dst). Removal of that streamlines the arg parsing process Signed-off-by: Charlie Doern <cdoern@redhat.com>
* Fix spelling "setup" -> "set up" and similarErik Sjölund2022-06-22
| | | | | | | | | | * Replace "setup", "lookup", "cleanup", "backup" with "set up", "look up", "clean up", "back up" when used as verbs. Replace also variations of those. * Improve language in a few places. Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
* Merge pull request #14556 from sstosh/system-prune-networkopenshift-ci[bot]2022-06-20
|\ | | | | podman system prune support prune unused networks
| * podman system prune support prune unused networksToshiki Sonoda2022-06-14
| | | | | | | | | | | | | | | | | | | | | | | | This is an enhancement for the podman system prune feature. In this issue, it is mentioned that 'network prune' should be wired into 'podman system prune' https://github.com/containers/podman/issues/8673 Therefore, I add the function to remove unused networks. Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
* | systemd socker activation: check listener to prevent panicPaul Holzinger2022-06-15
| | | | | | | | | | | | | | | | | | | | Commit 5fa6f686db added a regression which was fixed in eb71712626f9. Apply the same fix again to prevent a panic and return a proper error instead. To not regress again I added a e2e test which makes sure we do not panic. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | golangci-lint: enable nolintlintPaul Holzinger2022-06-14
|/ | | | | | | | | | The nolintlint linter does not deny the use of `//nolint` Instead it allows us to enforce a common nolint style: - force that a linter name must be specified - do not add a space between `//` and `nolint` - make sure nolint is only used when there is actually a problem Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Merge pull request #14466 from mheon/fix_9075OpenShift Merge Robot2022-06-03
|\ | | | | Improve robustness of `podman system reset`
| * Improve robustness of `podman system reset`Matthew Heon2022-06-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Firstly, reset is now managed by the runtime itself as a part of initialization. This ensures that it can be used even with runtimes that would otherwise fail to be created - most notably, when the user has changed a core path (runroot/root/tmpdir/staticdir). Secondly, we now attempt a best-effort removal even if the store completely fails to be configured. Third, we now hold the alive lock for the entire reset operation. This ensures that no other Podman process can start while we are running a system reset, and removes any possibility of a race where a user tries to create containers or pull images while we are trying to perform a reset. [NO NEW TESTS NEEDED] we do not test reset last I checked. Fixes #9075 Signed-off-by: Matthew Heon <mheon@redhat.com>
* | podman machine ssh: set correct exit codePaul Holzinger2022-05-30
|/ | | | | | | | | Forward the ssh exit code to the podman caller. This is useful for scripts. Use the same logic as podman unshare. Fixes #14401 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Merge pull request #14037 from rhatdan/remoteuriOpenShift Merge Robot2022-05-04
|\ | | | | Report correct RemoteURI
| * Report correct RemoteURIDaniel J Walsh2022-05-04
| | | | | | | | | | | | | | | | | | | | | | | | Rather than assuming a filesystem path, the API service URI is recorded in the libpod runtime configuration and then reported as requested. Note: All schemes other than "unix" are hard-coded to report URI exists. Fixes #12023 Signed-off-by: Jhon Honce <jhonce@redhat.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #14066 from ashley-cui/sysresOpenShift Merge Robot2022-05-04
|\ \ | |/ |/| podman system reset removed machines incorrectly
| * podman system reset removed machines incorrectlyAshley Cui2022-05-04
| | | | | | | | | | | | | | podman system reset did not clean up machines fully, leaving some config files, and breaking machines. Now it removes all machines files fully. Signed-off-by: Ashley Cui <acui@redhat.com>
* | Add podman machine eventsJhon Honce2022-05-03
|/ | | | Signed-off-by: Jhon Honce <jhonce@redhat.com>
* enable errcheck linterPaul Holzinger2022-04-29
| | | | | | | | The errcheck linter makes sure that errors are always check and not ignored by accident. It spotted a lot of unchecked errors, mostly in the tests but also some real problem in the code. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* shell completion --format: use structs by referencePaul Holzinger2022-04-28
| | | | | | | | | | | | For the AutocompleteFormat function we expect the correct template struct which is used in the golang template. The function can handle both struct and pointer to a struct. Using the reference is more efficient since it doe snot have to copy the whole struct. Also change some structs to use he actual type from the template instead of some nested one to make sure it has to correct fields. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* shell completion --format: work with nil structsPaul Holzinger2022-04-28
| | | | | | | | | | | | | AutocompleteFormat() takes the format struct as argument. Often the structs are deeply nested and contain other structs. Up until now if there was a pointer to a struct the logic was not able to get the field names from that, simply because the pointer was nil. However it is possible to create a new initialized type with reflect.New(). This allows us to complete all struct fields/functions even when there nil pointers. Therefore we can drop the extra initialization which was done by some callers. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* enable gocritic linterPaul Holzinger2022-04-26
| | | | | | | | | | | | | | | | | | | | | | The linter ensures a common code style. - use switch/case instead of else if - use if instead of switch/case for single case statement - add space between comment and text - detect the use of defer with os.Exit() - use short form var += "..." instead of var = var + "..." - detect problems with append() ``` newSlice := append(orgSlice, val) ``` This could lead to nasty bugs because the orgSlice will be changed in place if it has enough capacity too hold the new elements. Thus we newSlice might not be a copy. Of course most of the changes are just cosmetic and do not cause any logic errors but I think it is a good idea to enforce a common style. This should help maintainability. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* enable unparam linterPaul Holzinger2022-04-25
| | | | | | | The unparam linter is useful to detect unused function parameters and return values. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* system service: remove unnecessary pointer to listnerPaul Holzinger2022-04-21
| | | | | | | Since the listener is already an interface there is no reason to use a extra pointer for it. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Remove error stutterDaniel J Walsh2022-03-25
| | | | | | | | | | | | | | | | | When podman gets an error it prints out "Error: " before printing the error string. If the error message starts with error, we end up with Error: error ... This PR Removes all of these stutters. logrus.Error() also prints out that this is an error, so no need for the error stutter. [NO NEW TESTS NEEDED] Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* fix a number of errcheck issuesValentin Rothberg2022-03-22
| | | | | | Numerous issues remain, especially in tests/e2e. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* fix a number of `godot` issuesValentin Rothberg2022-03-22
| | | | | | | Still an unknown number remains but I am running out of patience. Adding dots is not the best use of my time. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* linter: enable nilerrValentin Rothberg2022-03-22
| | | | | | | A number of cases looked suspicious, so I marked them with `FIXME`s to leave some breadcrumbs. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* podman system df: fix percent calculationPaul Holzinger2022-03-21
| | | | | | | | | | | | | | | | The calculate the percentage we need floating point numbers. The current code however casted the result of reclaimable/size to an int first. Casting to an int in go will just discard the decimal points, thus the result was either 0 or 1 so if multiplied by 100 it would show up as 0% or 100%. To fix this we have to multiply by 100 first before casting the result to an int. Also add a check for div by zero which results in NaN and use math.Round() to correctly round a number. Ref #13516 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* go fmt: use go 1.18 conditional-build syntaxValentin Rothberg2022-03-18
| | | | Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* fix empty newline in version outputPaul Holzinger2022-03-15
| | | | | | | | | | | | | When podman is build without git commit information it will print a empty newline instead. This is undesirable and a regression introduced in commit 7d22cc88ef38. To test build podman with `go build -mod=vendor -o bin/podman ./cmd/podman` and check the output of bin/podman version with and without this commit. [NO NEW TESTS NEEDED] Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* system prune: remove all networksPaul Holzinger2022-02-03
| | | | | | | | | | | | | | | podman system prune should also remove all networks. When we want to users to migrate to the new network stack we recommend to run podman system reset. However this did not remove networks and if there were still networks around we would continue to use cni since this was considered an old system. There is one exception for the default network. It should not be removed since this could cause other issues when it no longer exists. The network backend detection logic ignores the default network so this is fine. Signed-off-by: Paul Holzinger <pholzing@redhat.com>