| Commit message (Collapse) | Author | Age |
|\
| |
| | |
podman network create: validate user input
|
| |
| |
| |
| |
| |
| |
| | |
Disallow invalid/confusing names such as '../bar' or 'foo '
Closes #4184
Signed-off-by: Mrigank Krishan <mrigankkrishan@gmail.com>
|
| |
| |
| |
| | |
Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
|
|/
|
|
| |
Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
|
|\
| |
| | |
podman import syntax fix
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
currently, podman import change do not support syntax like
- KEY val
- KEY ["val"]
This adds support for both of these syntax along with KEY=val
Signed-off-by: Kunal Kushwaha <kunal.kushwaha@gmail.com>
|
|\ \
| | |
| | | |
Correct use of reexec.Init()
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
A true result from reexec.Init() isn't an error, but it indicates that
main() should exit with a success exit status.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
|
|\ \ \
| |/ /
|/| | |
Set log-level immediately, before rootless setup
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
If we don't do this, we print WARN level messages that we should
not be printing by default.
Up one WARN message to ERROR so it still shows up by default.
Fixes: #4115
Fixes: #4012
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|/ /
| |
| |
| |
| |
| |
| | |
close #3894
This patch let podman cp return 'no such file or directory' error if DEST_PATH does not exist and ends with / when copying file.
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
|\ \
| | |
| | | |
Document the required varlink build args
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The API document incorrectly documented the wrong varlink build
arguments. The output attribute is required.
Fixes: #3204
Signed-off-by: baude <bbaude@redhat.com>
|
|/ /
| |
| |
| |
| |
| |
| |
| | |
Fix the logic when getting the runtime for varlink to actually disable
SDNotify support.
Fixes: #4005
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
when using the remote client, users may need to specify a non-standard
port for ssh connections. we can do so on the command line and within
the remote-client configuration file.
Fixes: #3987
Signed-off-by: baude <bbaude@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| | |
We want to default to secure when running containers as root,
in rootless, we need to change the default if the system does not
support cgroup v1.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| | |
| | | |
get runtime for podman-remote push earlier
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
to prevent client side panics, we should get the runtime earlier in the
process of push.
Fixes: #4013
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \ \
| | | |
| | | | |
rootless: report the correct error
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
do not shadow the err variable so that the correct error message can
be reported when utils.RunUnderSystemdScope fails.
Closes: https://github.com/containers/libpod/issues/4012
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
Podman-remote run should wait for exit code
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
We have leaked the exit number codess all over the code, this patch
removes the numbers to constants.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \ \
| |_|/ / /
|/| | | | |
Stop glob'ing on podman cp
|
| | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | | |
* symlink processing and wildcarding led to unexpected files
being copied
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \ \ \
| |/ / /
|/| | | |
enhance podman network rm
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
when removing a podman network, we need to make sure we delete the
network interface if one was ever created (by running a container).
also, when removing networks, we check if any containers are using the
network. if they are, we error out unless the user provides a 'force'
option which will remove the containers in question.
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \ \
| |/ /
|/| | |
fix podman sign signature store for rootless
|
| | |
| | |
| | |
| | |
| | |
| | | |
Store the the signature under graphroot when using rootless podman image sign.
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
|\ \ \
| |_|/
|/| | |
rootless: automatically create a systemd scope
|
| | |
| | |
| | |
| | | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
when running in rootless mode and using systemd as cgroup manager
create automatically a systemd scope when the user doesn't own the
current cgroup.
This solves a couple of issues:
on cgroup v2 it is necessary that a process before it can moved to a
different cgroup tree must be in a directory owned by the unprivileged
user. This is not always true, e.g. when creating a session with su
-l.
Closes: https://github.com/containers/libpod/issues/3937
Also, for running systemd in a container it was before necessary to
specify "systemd-run --scope --user podman ...", now this is done
automatically as part of this PR.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|/
|
|
|
|
| |
We should not be making it available, it does nothing.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\
| |
| | |
Support running containers without CGroups
|
| |
| |
| |
| |
| |
| |
| | |
This is mostly used with Systemd, which really wants to manage
CGroups itself when managing containers via unit file.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \
| | |
| | | |
Add explanation mounting named volumes for `podman run`
|
| | |
| | |
| | |
| | | |
Signed-off-by: xcffl <xcffl@outlook.com>
|
|\ \ \
| | | |
| | | | |
Add ability to look up volumes by unambiguous partial name
|
| | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This isn't included in Docker, but seems handy enough.
Use the new API for 'volume rm' and 'volume inspect'.
Fixes #3891
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \
| |/ /
|/| | |
podman network create
|
| |/
| |
| |
| |
| |
| |
| | |
initial implementation of network create. we only support bridging
networks with this first pass.
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \
| | |
| | | |
cli-flags: use a consistent format for <size><unit>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Use a consistent format for description of the <size><unit> flags.
Also, avoid backticks for /dev/shm, as that's interpreted as the format
by the flag parsing lib.
Signed-off-by: Marco Vedovati <mvedovati@suse.com>
|
| |/
|/|
| |
| |
| |
| |
| |
| | |
Pass down the cgroup manager to use to buildah.
Closes: https://github.com/containers/libpod/issues/3938
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|/
|
|
|
|
|
|
|
|
|
|
|
| |
We have had some issues with users squashing large images or pulling large
content from github, that could trigger crashes based on the size of /tmp.
Docker had an issue with this back in 2016. https://github.com/golang/go/issues/14021
The discussion there was to change the default to /var/tmp.
This change will only effect systems that do not set the TMPDIR environment variable.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
detect if the current user namespace doesn't match the configuration
in the /etc/subuid and /etc/subgid files.
If there is a mismatch, raise a warning and suggest the user to
recreate the user namespace with "system migrate", that also restarts
the containers.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\
| |
| | |
add --cert-dir image sign
|
| |
| |
| |
| |
| |
| |
| | |
Requirement from #2726
Add --cert-dir for `podman image sign`.
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| | |
* Improved error message
* Added documentation
* Updated messages to include missing data
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \
| | |
| | | |
generate systemd pod
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Support generating systemd unit files for a pod. Podman generates one
unit file for the pod including the PID file for the infra container's
conmon process and one unit file for each container (excluding the infra
container).
Note that this change implies refactorings in the `pkg/systemdgen` API.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|