summaryrefslogtreecommitdiff
path: root/cmd/podman
Commit message (Collapse)AuthorAge
* signal parsing - better input validationEd Santiago2019-12-26
| | | | | | | | | | | | | | | | | | | | | | The helper function we use for signal name mapping does not check for negative numbers nor invalid (too-high) ones. This can yield unexpected error messages: # podman kill -s -1 foo ERRO[0000] unknown signal "18446744073709551615" This PR introduces a small wrapper for it that: 1) Strips off a leading dash, allowing '-1' or '-HUP' as valid inputs; and 2) Rejects numbers <1 or >64 (SIGRTMAX) Also adds a test suite checking signal handling as well as ensuring that invalid signals are rejected by the command line. Fixes: #4746 Signed-off-by: Ed Santiago <santiago@redhat.com>
* add struct response for removal of imagesbaude2019-12-23
| | | | | | | | when removing an image from storage, we should return a struct that details what was untagged vs deleted. this replaces the simple println's used previously and assists in API development. Signed-off-by: baude <bbaude@redhat.com>
* Merge pull request #4722 from giuseppe/drop-arbitrary-limitOpenShift Merge Robot2019-12-19
|\ | | | | libpod: drop arbitrary memory limit of 4M
| * libpod: drop arbitrary memory limit of 4MGiuseppe Scrivano2019-12-17
| | | | | | | | | | | | drop the arbitrary limit of 4M for creating a container. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | container config: add CreateCommandValentin Rothberg2019-12-13
|/ | | | | | | | | | | | | | | | | | Store the full command plus arguments of the process the container has been created with. Expose this data as a `Config.CreateCommand` field in the container-inspect data as well. This information can be useful for debugging, as we can find out which command has created the container, and, if being created via the Podman CLI, we know exactly with which flags the container has been created with. The immediate motivation for this change is to use this information for `podman-generate-systemd` to generate systemd-service files that allow for creating new containers (in contrast to only starting existing ones). Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Merge pull request #4677 from baude/execenvfileOpenShift Merge Robot2019-12-11
|\ | | | | allow exec to read files of environment variables
| * allow exec to read files of environment variablesbaude2019-12-11
| | | | | | | | | | | | | | | | | | we want the ability to define environment variables in files for the exec command. Fixes: #1782408 Signed-off-by: baude <bbaude@redhat.com>
* | move image filters under libpod/imagesbaude2019-12-10
|/ | | | | | | | to make things more effecient for the api work we are doing, we should process image filters internally (as opposed to in main). this allows for better api responses and more closely affiliated functions. Signed-off-by: baude <bbaude@redhat.com>
* Merge pull request #4517 from baude/macvlanOpenShift Merge Robot2019-12-09
|\ | | | | macvlan networks
| * macvlan networksbaude2019-12-09
| | | | | | | | | | | | add the ability to a macvlan network with podman network create. Signed-off-by: baude <bbaude@redhat.com>
* | Use terminal detach keys sequence specified in the config fileMarco Vedovati2019-12-06
| | | | | | | | | | | | Fixes: #4556 Signed-off-by: Marco Vedovati <mv@sba.lat>
* | Merge pull request #4596 from kunalkushwaha/container-pruneOpenShift Merge Robot2019-12-02
|\ \ | | | | | | container prune command fixed as per docker prune command
| * | filter added to container prune commandKunal Kushwaha2019-11-29
| | | | | | | | | | | | | | | | | | | | | filter flag helps to filter the containers based on labels, until(time), name, etc for prune command. Signed-off-by: Kunal Kushwaha <kunal.kushwaha@gmail.com>
| * | command output fixed as per docker equivalentKunal Kushwaha2019-11-28
| | | | | | | | | | | | | | | | | | container prune command ask for confirmation by default. Signed-off-by: Kunal Kushwaha <kunal.kushwaha@gmail.com>
* | | Merge pull request #4608 from rhatdan/vendorOpenShift Merge Robot2019-12-02
|\ \ \ | | | | | | | | Fix podman-remote version to print client and server
| * | | Fix podman-remote version to print client and serverDaniel J Walsh2019-12-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If the user specifies .Server.* on a non podman-remote, substitute .Client for .Server and return the value. This is for compatability with Docker. Since prior versions documented --format {{ .Version }}, we have to continue to support that. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #4493 from mheon/add_removing_stateOpenShift Merge Robot2019-12-02
|\ \ \ \ | |/ / / |/| | | Add ContainerStateRemoving
| * | | Add ContainerStateRemovingMatthew Heon2019-11-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When Libpod removes a container, there is the possibility that removal will not fully succeed. The most notable problems are storage issues, where the container cannot be removed from c/storage. When this occurs, we were faced with a choice. We can keep the container in the state, appearing in `podman ps` and available for other API operations, but likely unable to do any of them as it's been partially removed. Or we can remove it very early and clean up after it's already gone. We have, until now, used the second approach. The problem that arises is intermittent problems removing storage. We end up removing a container, failing to remove its storage, and ending up with a container permanently stuck in c/storage that we can't remove with the normal Podman CLI, can't use the name of, and generally can't interact with. A notable cause is when Podman is hit by a SIGKILL midway through removal, which can consistently cause `podman rm` to fail to remove storage. We now add a new state for containers that are in the process of being removed, ContainerStateRemoving. We set this at the beginning of the removal process. It notifies Podman that the container cannot be used anymore, but preserves it in the DB until it is fully removed. This will allow Remove to be run on these containers again, which should successfully remove storage if it fails. Fixes #3906 Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | | Merge pull request #4558 from rhatdan/resetOpenShift Merge Robot2019-11-29
|\ \ \ \ | | | | | | | | | | Add podman system reset command
| * | | | Add podman system reset commandDaniel J Walsh2019-11-29
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | This command will destroy all data created via podman. It will remove containers, images, volumes, pods. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* / | | Do not initialize store on rootless podmanSascha Grunert2019-11-29
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | This fixes a double-locking issue of the container storage when running rootless podman. Closes #4591 Signed-off-by: Sascha Grunert <sgrunert@suse.com>
* | | Merge pull request #4568 from openSUSE/historyOpenShift Merge Robot2019-11-27
|\ \ \ | | | | | | | | Add support for image name history
| * | | Add support for image name historySascha Grunert2019-11-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We leverage the containers/storage image history tracking feature to show the previously used image names when running: `podman images --history` Signed-off-by: Sascha Grunert <sgrunert@suse.com>
* | | | Merge pull request #4443 from QiWang19/prune_podOpenShift Merge Robot2019-11-26
|\ \ \ \ | | | | | | | | | | Remove containers when pod prune & pod rm.
| * | | | Remove containers when pruning a stopped pod.Qi Wang2019-11-26
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | This path allows pod prune & pod rm to remove stopped containers in the pod before deleting the pod. PrunePods and RemovePod should be able to remove containers without force removal of stopped pods. Signed-off-by: Qi Wang <qiwan@redhat.com>
* | | | Merge pull request #4475 from rhatdan/tmpdirOpenShift Merge Robot2019-11-26
|\ \ \ \ | |/ / / |/| | | Add missing information to podman.1 man page
| * | | Add missing information to podman.1 man pageDaniel J Walsh2019-11-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add missing options. Define the use of the TMPDIR environment variable for the storing of container images when they are being pulled to the system. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #4514 from mheon/discard_cleanup_errorsOpenShift Merge Robot2019-11-26
|\ \ \ \ | | | | | | | | | | Discard errors from Shutdown in `system renumber`
| * | | | Discard errors from Shutdown in `system renumber`Matthew Heon2019-11-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Every other Podman command discards errors from Shutdown, which will error if containers are running. Mirror that behavior, just ignore the errors. Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | | | podman {pod,} rm/stop: add --ignore flagValentin Rothberg2019-11-25
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add an --ignore flag to podman rm and stop. When specified, Podman will ignore "no such {container,pod}" errors that occur when a specified container/pod is not present in the store (anymore). The motivation behind adding this flag is to write more robust systemd services using Podman. A user might have manually decided to remove a container/pod which would lead to a failure during the `ExecStop` directive of a systemd service referencing that container/pod. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | Merge pull request #4512 from kunalkushwaha/prune-filterOpenShift Merge Robot2019-11-22
|\ \ \ \ | |_|/ / |/| | | image prune command fixed as per docker image prune.
| * | | filter added to image pruge command.Kunal Kushwaha2019-11-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | filter option accepts two filters. - label - until label supports "label=value" or "label=key=value" format until supports all golang compatible time/duration formats. Signed-off-by: Kunal Kushwaha <kunal.kushwaha@gmail.com>
| * | | warning added before image prune commandKunal Kushwaha2019-11-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Warning message added before executing image prune Added a force option, to execute without user input. Signed-off-by: Kunal Kushwaha <kunal.kushwaha@gmail.com>
* | | | Merge pull request #4523 from vrothberg/systemd-improvementsOpenShift Merge Robot2019-11-19
|\ \ \ \ | | | | | | | | | | podman rm/stop --cidfile
| * | | | podman rm/stop --cidfileValentin Rothberg2019-11-18
| | |_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add a --cidfile flag to podman rm/stop to pass a container ID via a file. Podman run already provides the functionaly to store the ID in a specified file which we now complete with rm/stop. This allows for a better life-cycle management in systemd services. Note that --cdifile can be specified multiple times to rm/stop. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | Merge pull request #4505 from vrothberg/archOpenShift Merge Robot2019-11-16
|\ \ \ \ | | | | | | | | | | container create: os/arch check
| * | | | container create: os/arch checkValentin Rothberg2019-11-12
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | Unless explicitely overridden, check if the image's OS and architecture and throw an errors in case of a mismatch. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | Merge pull request #4368 from haircommander/pod-annotationsOpenShift Merge Robot2019-11-15
|\ \ \ \ | |_|/ / |/| | | Add pod annotations to container
| * | | Add pod annotations to containerPeter Hunt2019-11-08
| | | | | | | | | | | | | | | | | | | | | | | | We have the annotations SandboxID, let's use them. This also allows kata containers to be created in pods and share a VM with the infra container. Note: as of now, this sharing only works if the pod has an infra container Signed-off-by: Peter Hunt <pehunt@redhat.com>
* | | | codespell: spelling correctionsDmitry Smirnov2019-11-13
| |/ / |/| | | | | | | | Signed-off-by: Dmitry Smirnov <onlyjob@member.fsf.org>
* | | Merge pull request #4408 from slimjim2234/masterOpenShift Merge Robot2019-11-08
|\ \ \ | | | | | | | | Fixed issue #4391; podman info --format '{{ json . }}'
| * | | Fixed the JSON go template format for the 'info' actionJimmy Crumpler2019-11-01
| | | | | | | | | | | | | | | | Signed-off-by: Jimmy Crumpler <slimjim2234@gmail.com>
* | | | Merge pull request #4337 from QiWang19/check_auth_pathOpenShift Merge Robot2019-11-08
|\ \ \ \ | | | | | | | | | | fix bug check nonexist authfile
| * | | | fix bug check nonexist authfileQi Wang2019-11-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Use GetDefaultAuthFile() from buildah. For podman command(except login), if authfile does not exist returns error. close #4328 Signed-off-by: Qi Wang <qiwan@redhat.com>
* | | | | Merge pull request #4427 from rst0git/docs-rm-vOpenShift Merge Robot2019-11-08
|\ \ \ \ \ | |_|_|/ / |/| | | | docs: Update "podman container rm -v" description
| * | | | docs: Update "podman container rm -v" descriptionRadostin Stoyanov2019-11-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In commit 52df1fa (Fix volume handling in podman) was implemented the --volume option for podman remove. However, its behaviour changed after 83db80c (Only remove image volumes when removing containers). This commit updates the description of this option to reflect the new behaviour. Signed-off-by: Radostin Stoyanov <rstoyanov1@gmail.com>
* | | | | Split up create config handling of namespaces and securityPeter Hunt2019-11-07
| |_|_|/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | As it stands, createconfig is a huge struct. This works fine when the only caller is when we create a container with a fully created config. However, if we wish to share code for security and namespace configuration, a single large struct becomes unweildy, as well as difficult to configure with the single createConfigToOCISpec function. This PR breaks up namespace and security configuration into their own structs, with the eventual goal of allowing the namespace/security fields to be configured by the pod create cli, and allow the infra container to share this with the pod's containers. Signed-off-by: Peter Hunt <pehunt@redhat.com>
* | | | Merge pull request #4451 from giuseppe/set-macOpenShift Merge Robot2019-11-07
|\ \ \ \ | | | | | | | | | | podman: add support for specifying MAC
| * | | | podman: add support for specifying MACJakub Filak2019-11-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I basically copied and adapted the statements for setting IP. Closes #1136 Signed-off-by: Jakub Filak <jakub.filak@sap.com>
* | | | | Merge pull request #4468 from nalind/image-digestsOpenShift Merge Robot2019-11-07
|\ \ \ \ \ | | | | | | | | | | | | podman images --digest: always list a digest