| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
| |
We have leaked the exit number codess all over the code, this patch
removes the numbers to constants.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\
| |
| | |
rootless: automatically create a systemd scope
|
| |
| |
| |
| | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
when running in rootless mode and using systemd as cgroup manager
create automatically a systemd scope when the user doesn't own the
current cgroup.
This solves a couple of issues:
on cgroup v2 it is necessary that a process before it can moved to a
different cgroup tree must be in a directory owned by the unprivileged
user. This is not always true, e.g. when creating a session with su
-l.
Closes: https://github.com/containers/libpod/issues/3937
Also, for running systemd in a container it was before necessary to
specify "systemd-run --scope --user podman ...", now this is done
automatically as part of this PR.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|/
|
|
|
|
| |
We should not be making it available, it does nothing.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\
| |
| | |
Support running containers without CGroups
|
| |
| |
| |
| |
| |
| |
| | |
This is mostly used with Systemd, which really wants to manage
CGroups itself when managing containers via unit file.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \
| | |
| | | |
Add explanation mounting named volumes for `podman run`
|
| | |
| | |
| | |
| | | |
Signed-off-by: xcffl <xcffl@outlook.com>
|
|\ \ \
| | | |
| | | | |
Add ability to look up volumes by unambiguous partial name
|
| | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This isn't included in Docker, but seems handy enough.
Use the new API for 'volume rm' and 'volume inspect'.
Fixes #3891
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \
| |/ /
|/| | |
podman network create
|
| |/
| |
| |
| |
| |
| |
| | |
initial implementation of network create. we only support bridging
networks with this first pass.
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \
| | |
| | | |
cli-flags: use a consistent format for <size><unit>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Use a consistent format for description of the <size><unit> flags.
Also, avoid backticks for /dev/shm, as that's interpreted as the format
by the flag parsing lib.
Signed-off-by: Marco Vedovati <mvedovati@suse.com>
|
| |/
|/|
| |
| |
| |
| |
| |
| | |
Pass down the cgroup manager to use to buildah.
Closes: https://github.com/containers/libpod/issues/3938
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|/
|
|
|
|
|
|
|
|
|
|
|
| |
We have had some issues with users squashing large images or pulling large
content from github, that could trigger crashes based on the size of /tmp.
Docker had an issue with this back in 2016. https://github.com/golang/go/issues/14021
The discussion there was to change the default to /var/tmp.
This change will only effect systems that do not set the TMPDIR environment variable.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
detect if the current user namespace doesn't match the configuration
in the /etc/subuid and /etc/subgid files.
If there is a mismatch, raise a warning and suggest the user to
recreate the user namespace with "system migrate", that also restarts
the containers.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\
| |
| | |
add --cert-dir image sign
|
| |
| |
| |
| |
| |
| |
| | |
Requirement from #2726
Add --cert-dir for `podman image sign`.
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| | |
* Improved error message
* Added documentation
* Updated messages to include missing data
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \
| | |
| | | |
generate systemd pod
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Support generating systemd unit files for a pod. Podman generates one
unit file for the pod including the PID file for the infra container's
conmon process and one unit file for each container (excluding the infra
container).
Note that this change implies refactorings in the `pkg/systemdgen` API.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Drop the support for remote clients to generate systemd-service files.
The generated files are machine-dependent and hence relate only to the
a local machine. Furthermore, a proper service management when using
a remote-client is not possible as systemd has no access to a process.
Dropping the support will also reduce the risk of making users believe
that the generated services are usable in a remote scenario.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \ \
| | | |
| | | | |
Need to include command name in error message
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | | |
I hit this error and it told be to system migrate`
as opposed to `podman system migrate`
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \
| | | |
| | | | |
podman-remote: cp crashes
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
prune unwanted messages when running a container remotely. also, cp is
not remote-enabled yet and as such should not be available on the remote
client.
Fixes: #3861
Signed-off-by: baude <bbaude@redhat.com>
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add the digestfile option to the push command so the digest can
be stored away in a file when requested by the user. Also have added
a debug statement to show the completion of the push.
Emulates Buildah's https://github.com/containers/buildah/pull/1799/files
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
|
|\ \
| | |
| | | |
Fix error message on podman stats on cgroups v1 rootless environments
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
podman stats does not work in rootless environments with cgroups V1.
Fix error message and document this fact.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \
| | | |
| | | | |
Use GetRuntimeDir to setup auth.json for login
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Previously unimplemented. Works the same way the local one does, except its remote.
Signed-off-by: Ashley Cui <ashleycui16@gmail.com>
|
|\ \ \ \
| |_|/ /
|/| | | |
Change backend code for 'volume inspect'
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Begin to separate the internal structures and frontend for
inspect on volumes. We can't rely on keeping internal data
structures for external presentation - separating presentation
and internal data format is good practice.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \ \
| | | | |
| | | | | |
Allow customizing pod hostname
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
* set hostname in pod yaml file
* set --hostname in pod create command
Signed-off-by: Chen Zhiwei <zhiweik@gmail.com>
|
|\ \ \ \ \
| |_|_|_|/
|/| | | | |
do not activate sd_notify support when varlink
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
add ability to not activate sd_notify when running under varlink as it
causes deadlocks and hangs.
Fixes: #3572
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \ \ \ \
| |_|/ / /
|/| | | | |
add --pull flag for podman create&run
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Requirement from https://github.com/containers/libpod/issues/3575#issuecomment-512238393
Added --pull for podman create and pull to match the newly added flag in docker CLI.
`missing`: default value, podman will pull the image if it does not exist in the local.
`always`: podman will always pull the image.
`never`: podman will never pull the image.
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
| |/ / /
|/| | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
adding podman network and the subcommands inspect, list, and rm. the
inspect subcommand displays the raw cni network configuration. the list
subcommand displays a summary of the cni networks ala ps. and the rm
subcommand removes a cni network.
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \ \ \
| |_|_|/
|/| | | |
varlink endpoint for containerstats requires root
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
obtaining containerstats requires the use of cgroups. at present,
rootless users do not have privileges to create cgroups. add an error
message that catches this for the varlink endpoint and return a proper
error.
Fixes: #3749
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
Squish a few tpyo nits in container.go doc
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
A quick fix a few nits in documentation within
cmd/podman/shared/containers.go. This gets the last
bits as noted in #3577
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
|
| | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |/ / /
|/| | |
| | | |
| | | |
| | | |
| | | | |
and enable rootless stats when running on cgroups v2.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|