| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
| |
Use GetDefaultAuthFile() from buildah.
For podman command(except login), if authfile does not exist returns error.
close #4328
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
change the default on cgroups v2 and create a new cgroup namespace.
When a cgroup namespace is used, processes inside the namespace are
only able to see cgroup paths relative to the cgroup namespace root
and not have full visibility on all the cgroups present on the
system.
The previous behaviour is maintained on a cgroups v1 host, where a
cgroup namespace is not created by default.
Closes: https://github.com/containers/libpod/issues/4363
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
We never verified that the context directory passed into the build
command was a valid directory. When we then slapped a default Containerfile
name onto it, things went south fast if the user had passed us a file and
not a directory.
Fixes: #4383
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
|
| |\
| |
| | |
Refactor test to prevent panic
|
| | |
| |
| |
| | |
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
change the default to -1, so that we can change the semantic of
"--tail 0" to not print any existing log line.
Closes: https://github.com/containers/libpod/issues/4396
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |\ \
| | |
| | | |
refactor libpod config into libpod/config
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Refactor the `RuntimeConfig` along with related code from libpod into
libpod/config. Note that this is a first step of consolidating code
into more coherent packages to make the code more maintainable and less
prone to regressions on the long runs.
Some libpod definitions were moved to `libpod/define` to resolve
circular dependencies.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| | |
| |
| |
| | |
Signed-off-by: Aleksey Chudov <aleksey.chudov@gmail.com>
|
| |\ \
| |/
|/| |
goland autocorrections
|
| | |
| |
| |
| |
| |
| |
| | |
just ran the autocorrect code corrections from goland and it found a few
nits.
Signed-off-by: baude <bbaude@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| | |
Currently podman play kube is not using the system default seccomp.json file.
This PR will use the default or override location for podman play.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Generate an image's RepoDigests list using all applicable digests, and
refrain from outputting a digest in the tag column of the "images"
output.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Be prepared to report multiple image digests for images which contain
multiple manifests but, because they continue to have the same set of
layers and the same configuration, are considered to be the same image.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Add --override-arch and --override-os as hidden flags, in line with the
global flag names that skopeo uses, so that we can test behavior around
manifest lists without having to conditionalize more of it by arch.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
|
| |/
|
|
|
|
|
|
|
| |
Move to containers/image v5 and containers/buildah to v1.11.4.
Replace an equality check with a type assertion when checking for a
docker.ErrUnauthorizedForCredentials in `podman login`.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
when users create a new network and the dnsname plugin can be found by
podman, we will enable container name resolution on the new network.
there is an option to opt *out* as well.
tests cannot be added until we solve the packaging portion of the
dnsname plugin.
Signed-off-by: baude <bbaude@redhat.com>
|
| |\
| |
| | |
rootless: detect no system session with --cgroup-manager=systemd
|
| | |
| |
| |
| |
| |
| |
| | |
if the cgroup manager is set to systemd, detect if dbus is available,
otherwise fallback to --cgroup-manager=cgroupfs.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |\ \
| | |
| | | |
Add parsing for UID, GID in volume "o" option
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Everything else is a flag to mount, but "uid" and "gid" are not.
We need to parse them out of "o" and handle them separately.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |/ /
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Unless specified otherwise by --all, --latest or via arguments, list all
running containers. This matches the behaviour of Docker and is also
illustrated in the man pages where containers and options are marked to
be optional.
Fixes: #4274
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |\ \
| |/
|/| |
Show volume options in 'volume inspect'
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We need to use the new Inspect() endpoint instead of trying to
JSON the actual volume structs. Currently, the output seems
completely nonsensical; it seems like we're JSONing the struct
for the Varlink connection itself? This should restore sanity and
match the format of remote and local inspect on volumes.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |\ \
| |/
|/| |
Add ability to redirect bash for run -i
|
| | |
| |
| |
| | |
Signed-off-by: baude <bbaude@redhat.com>
|
| |\ \
| |/
|/| |
inspect: rename ImageID go field to Image
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The json field is called `Image` while the go field is called `ImageID`,
tricking users into filtering for `Image` which ultimately results in an
error. Hence, rename the field to `Image` to align json and go.
To prevent podman users from regressing, rename `Image` to `ImageID` in
the specified filters. Add tests to prevent us from regressing. Note
that consumers of the go API that are using `ImageID` are regressing;
ultimately we consider it to be a bug fix.
Fixes: #4193
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |\ \
| | |
| | | |
systemd: accept also /sbin/init
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| | |
it is a regression caused by
3ba3e1c7510d1780b6527a4aa52e40ac2c5b576a.
Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1761514
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |\ \
| |/
|/| |
Add squash-all, fix squash option in build
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Translate the podman build --squash command to podman build --layers=false which
has the same functionality as docker build --squash. Add a new option --squash-all
which will squash all layers into one. This will be translated to buildah bud --squash
for the buildah bud api.
Also allow only one option, squash, layers or squash--all to be used per build command.
Fixes: https://github.com/containers/buildah/issues/1234
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
similar change to f7d55d64e7040cdad149684234ea150b0a90cf0e
with images --format=json, be sure the output is valid json also when
it is an empty list.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |\ \
| |/
|/| |
Migrate can move containers to a user-defined runtime
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This is a horrible hack to work around issues with Fedora 31, but
other distros might need it to, so we'll move it upstream.
I do not recommend this functionality for general use, and the
manpages and other documentation will reflect this. But for some
upgrade cases, it will be the only thing that allows for a
working system.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |\ \
| | |
| | | |
container: initialize results list
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| | |
it solves:
$ podman ps --format=json
null
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |\ \
| | |
| | | |
Update build man page with latest Buildah changes
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Changes include: Containerfile by default, add --device flags to bud, allow buildah bud to be called without
arguments, and a couple of small typo corrections.
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
|
| |\ \ \
| |/ /
|/| | |
Fix default path for auth.json
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Default path should be ${XDG_RUNTIME_DIR}/containers/auth.json according
to the docs.
This regressed to ${XDG_RUNTIME_DIR}/auth.json in #3760.
Fixes: #4227
Signed-off-by: Hunor Csomortáni <csomh@redhat.com>
|
| |\ \ \
| |/ /
|/| | |
systemd: expect full path /usr/sbin/init
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
it enforces the systemd mode also when the command name doesn't match
/usr/sbin/init or systemd.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
"init" is a quite common name for the command executed in a container
image and Podman ends up using the systemd mode also when not
required.
Be stricter on enabling the systemd mode and not enable it
automatically when the basename is "init" but expect the full path
"/usr/sbin/init".
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |\ \ \
| |/ /
|/| | |
rootless: automatically recreate the pause.pid file
|
| | |/
| |
| |
| |
| |
| |
| | |
if the pause process cannot be joined, remove the pause.pid while
keeping a lock on it, and try to recreate it.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |/
|
|
|
|
|
| |
If it's explicitly set, use it, instead of trying to set a sane
default.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |\
| |
| | |
Setup a reasonable default for pids-limit 4096
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
CRI-O defaults to 1024 for the maximum pids in a container. Podman
should have a similar limit. Once we have a containers.conf, we can
set the limit in this file, and have it easily customizable.
Currently the documentation says that -1 sets pids-limit=max, but -1 fails.
This patch allows -1, but also indicates that 0 also sets the max pids limit.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
| |
This requires updating all import paths throughout, and a matching
buildah update to interoperate.
I can't figure out the reason for go.mod tracking
github.com/containers/image v3.0.2+incompatible // indirect
((go mod graph) lists it as a direct dependency of libpod, but
(go list -json -m all) lists it as an indirect dependency),
but at least looking at the vendor subdirectory, it doesn't seem
to be actually used in the built binaries.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
|
