| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
| |
Fixes the ability to run (create,start) a container and attach to its
console correctly. We can now also exit from the console without
hanging the remote client.
Signed-off-by: baude <bbaude@redhat.com>
|
| |\
| |
| | |
Initial remote flag clean up
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The remote client should not honor most of the local podman "global"
options. Many of them are only applicable to where the podman backend
is actually running.
Also, removing some options for push and pull that also are not
applicable to the remote client environment.
Additionally, take some of the code from main and pop it into functions
that can be called whether local or not. This helps the remote client
and darwin builds.
Signed-off-by: baude <bbaude@redhat.com>
|
| |\ \
| |/
|/| |
(minor): fix misspelled 'Healthcheck'
|
| | |
| |
| |
| | |
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Also, you can now podman-remote run -it. There are some bugs that need
to be ironed out but I would prefer to merge this so we can make both
progress on start and exec as well as the bugs.
* when doing podman-remote run -it foo /bin/bash, you have to press
enter to get the prompt to display. with the localized podman, we had to
teach it connect to the console first and then start the container so we
did not miss anything.
* when executing "exit" in the console, we get a hard lockup likely
because nobody knows what to do.
* custom detach keys are not supported
* podman-remote run -it alpine ls does not currently work. only
dropping to a shell works.
Signed-off-by: baude <bbaude@redhat.com>
|
| |\
| |
| | |
podman-remote ps
|
| | |
| |
| |
| |
| |
| | |
add the ability to run ps on containers using the remote client.
Signed-off-by: baude <bbaude@redhat.com>
|
| |\ \
| | |
| | | |
Implement podman-remote umount and rm command
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| | |
* refactor command output to use one function
* Add new worker pool parallel operations
* Implement podman-remote umount
* Refactored podman wait to use printCmdOutput()
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| |/
|
|
|
|
|
|
|
|
| |
Revert the error check from #2832. This is not strictly
necessary, since 'podman ps --size' now works perfectly
fine in nonroot because some recent change (Giuseppe's,
presumably) masked os.Geteuid() return 0... but removing
for maintainability's sake.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\
| |
| | |
podman-remote create|run
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
add the ability to create and run containers via the podman-remote
client.
we now create an intermediate layer from the the create/run cli flags.
the intermediate layer can be converted into a createconfig or into a
varlink struct. Once transported, the varlink struct can be converted
back to an intermediate layer and then to a createconfig.
remote terminals are not supported yet.
Signed-off-by: baude <bbaude@redhat.com>
|
| |\ \
| |/
|/| |
fix bug podman cp directory
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
`podman cp` used to copy the contents under the source directory to the destination. But according to the specification in podman-cp.md. it should copy the whole directory to the destination if the destination directory already exists.
- src dir ends with /., copy the contents to dest dir
- src dir does not end with /.
- dest dir /home does not exist, copy the contents
- dest dir /home exists, copy the directory
```
$ sudo podman cp /home/qiwan/Documents/empty 7c47:/home
$ sudo podman exec -it 7c47 ls /home
$
$ sudo podman cp /home/qiwan/Documents/empty 7c47:/home
$ sudo podman exec -it 7c47 ls /home
empty
```
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
| | |
| |
| |
| | |
Signed-off-by: baude <bbaude@redhat.com>
|
| |\ \
| | |
| | | |
Switch to golangci-lint
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
|
| |\ \ \
| | | |
| | | | |
Respect image entrypoint in play kube
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Before we ignored an entrypoint specified in an image, which lead to crashes when a user assumed the entrypoint would be used
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Closes: https://github.com/containers/libpod/issues/2852
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |/ / /
| | |
| | |
| | | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | |/
|/|
| |
| |
| |
| |
| | |
add the ability for the podman-remote client to be able to print an
image tree.
Signed-off-by: baude <bbaude@redhat.com>
|
| |\ \
| |/
|/| |
rootless: single user namespace
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
simplify the rootless implementation to use a single user namespace
for all the running containers.
This makes the rootless implementation behave more like root Podman,
where each container is created in the host environment.
There are multiple advantages to it: 1) much simpler implementation as
there is only one namespace to join. 2) we can join namespaces owned
by different containers. 3) commands like ps won't be limited to what
container they can access as previously we either had access to the
storage from a new namespace or access to /proc when running from the
host. 4) rootless varlink works. 5) there are only two ways to enter
in a namespace, either by creating a new one if no containers are
running or joining the existing one from any container.
Containers created by older Podman versions must be restarted.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
in the few places where we care about skipping the storage
initialization, we can simply use the process effective UID, instead
of relying on a global boolean flag.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | |
| |
| |
| | |
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
|
| |\ \
| | |
| | | |
--size does not work with rootless at present
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We'd need to join multiple container's user namespaces, which is
not possible for now. The rootless single userns patches under
development by Giuseppe will fix this, but won't land in 1.2.x.
For now, disable --size as rootless.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |\ \
| | |
| | | |
Fix a potential segfault in podman search
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When generating headers for search, we unconditionally
access element 0 of an array, and I saw this segfault in our CI.
There's no reason we have to do this, we're just going through it
to get field names with reflect, so just make a new copy of the
struct in question.
Also, move this code, which is only for CLI display, into
cmd/podman from libpod/image.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |/
|
|
|
|
|
| |
the remote client now can run the diff command to report changes,
modifications, and deletions in an image or container.
Signed-off-by: baude <bbaude@redhat.com>
|
| |
|
|
|
|
|
| |
--trace, --help and --version were not capatilized like the rest of the
global options. This patch fixes this problem.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\
| |
| | |
Add watch mode to podman ps
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
allows users to "watch" the output of podman ps on a set interval in
seconds. in watch mode, the screen is cleared between intervals as well.
podman -ps -w1 watches on 1 second intervals
Signed-off-by: baude <bbaude@redhat.com>
|
| |\ \
| | |
| | | |
Set blob cache directory based on GraphDriver
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Remove references to image2 in source code. Makes the code
slightly more readable.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Currently in rootless containers, we end up not using the blob cache.
We also don't store the blob cache based on the users specified graph
storage. This change will cause the cache directory to be stored with
the rest of the containe images.
While doing this patch, I found that we had duplicated GetSystemContext in
two places in libpod. I cleaned this up.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \
| |/ /
|/| | |
Default to SELinux private label for play kube mounts
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Before, there were SELinux denials when a volume was bind-mounted by podman play kube.
Partially fix this by setting the default private label for mounts created by play kube (with DirectoryOrCreate)
For volumes mounted as Directory, the user will have to set their own SELinux permissions on the mount point
also remove left over debugging print statement
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
| |\ \
| | |
| | | |
fix bug remote-podman images --digests
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Add `digest` field to Image struct and update API.md
Show image digests when using --digests in podman-remote.
```
$ PODMAN_VARLINK_ADDRESS="tcp:127.0.0.1:1234" sudo bin/podman-remote images --digests
REPOSITORY TAG DIGEST IMAGE ID CREATED SIZE
docker.io/library/alpine latest sha256:d05ecd4520cab5d9e5d877595fb0532aadcd6c90f4bbc837bc11679f704c4c82 5cb3aa00f899 2 weeks ago 5.79 MB
docker.io/library/busybox latest sha256:4415a904b1aca178c2450fd54928ab362825e863c0ad5452fd020e92f7a6a47e d8233ab899d4 5 weeks ago 1.42 MB
```
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
| |\ \ \
| | | |
| | | | |
fix bug `system df` add a space to the output
|
| | |/ /
| | |
| | |
| | |
| | |
| | | |
fix typo in Containers space usage: of podman system df -v, add a space for created time Change format string to const
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |\ \ \
| |_|/
|/| | |
Remove ulele/deepcopier in favor of JSON deep copy
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The jsoniterator library believes that panic() is a reasonable
response to being told to indent JSON with a tab. So use spaces
instead.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We have a very high performance JSON library that doesn't need to
perform code generation. Let's use it instead of our questionably
performant, reflection-dependent deep copy library.
Most changes because some functions can now return errors.
Also converts cmd/podman to use jsoniter, instead of pkg/json,
for increased performance.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |\ \
| |/
|/| |
system df: reject invalid arguments
|
