| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
| |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1167
Approved by: baude
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, getRuntimeSpec always fails on non-Linux because
spec.CreateConfigToOCISpec always fails, because the podman CLI
sets up a seccomp path, and processing that on non-Linux is not supported. This
breaks testing of entirely unrelated options.
We can either skip the tests on non-Linux, or explicitly disable seccomp
inside the tests. Linux testing matters much more than other platforms,
and the tests are more reliable when they don't change supposedly
unrelated options; so, skip the tests on non-Linux.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Closes: #1115
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
|
|
| |
None of the functions are used within the package, and it does not build
on non-Linux systems.
(Similar code continues to exist in pkg/chrootuser, and is unaffected.)
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Closes: #1115
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
| |
With tests, man page, and completions.
Signed-off-by: haircommander <pehunt@redhat.com>
Closes: #1125
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
| |
With tests, man page and completions.
Signed-off-by: haircommander <pehunt@redhat.com>
Closes: #1152
Approved by: rhatdan
|
|\
| |
| | |
Add Pod and Container namespaces
|
| |
| |
| |
| | |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
|
| |
| |
| |
| |
| |
| |
| | |
Allows joining libpod to a specific namespace when running a
Podman command.
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
|
| |
| |
| |
| |
| |
| |
| | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Closes: #1145
Approved by: rhatdan
|
| |
| |
| |
| |
| |
| |
| | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Closes: #1145
Approved by: rhatdan
|
| |
| |
| |
| |
| |
| |
| | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Closes: #1145
Approved by: rhatdan
|
|/
|
|
|
|
|
| |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Closes: #1145
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
| |
Make this clear in the docs and Command.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1138
Approved by: mheon
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Addresses a regression in `podman mount` due to our mount changes
to allow concurrency by letting c/storage handle mounting and
unmounting.
Combine Mounted() and Mountpoint() into one function and query
c/storage directly to ensure we get accurate information.
Fixes: #1143
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #1144
Approved by: baude
|
|
|
|
|
|
|
|
|
| |
Check at runtime if AppArmor is enabled on the host.
Signed-off-by: Valentin Rothberg <vrothberg@suse.com>
Closes: #1128
Approved by: mheon
|
|
|
|
|
|
|
|
|
|
| |
Trying to play with podman top, I had a hard time
finding info on format options.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1134
Approved by: umohnani8
|
|
|
|
|
|
|
|
|
| |
Before, errors in containers would never be printed, and a generic error would only be shown.
Signed-off-by: haircommander <pehunt@redhat.com>
Closes: #1132
Approved by: mheon
|
|\
| |
| | |
Add pod start and stop
|
| |
| |
| |
| |
| |
| |
| | |
As well as added tests, man pages, and completions.
Also reformatted and refactored a couple of other small things in the other pod commands.
Signed-off-by: haircommander <pehunt@redhat.com>
|
|\ \
| | |
| | | |
Pod ps now uses pod.Status()
|
| |/
| |
| |
| |
| |
| | |
It used to call ctr.State() to figure out what the pod status was, which certainly locked/unlocked excessively. Status now uses the libpod/pod function that bypasses this.
Signed-off-by: haircommander <pehunt@redhat.com>
|
|\ \
| | |
| | | |
Podman load/tag/save prepends localhost when no registry is present
|
| |/
| |
| |
| |
| |
| | |
Instead of having docker.io/library as its repository. Test included.
Signed-off-by: haircommander <pehunt@redhat.com>
|
|\ \
| | |
| | | |
Let containers/storage keep track of mounts
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Currently we unmount storage that is still in use.
We should not be unmounting storeage that we mounted
via a different command or by podman mount. This
change relies on containers/storage to umount keep track of
how many times the storage was mounted before really unmounting
it from the system.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |/
|/|
| |
| | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use github.com/containers/psgo instead of execing `ps (1)`. The psgo
library enables a much more flexible interface with respect to which
data to be printed (e.g., capabilities, seccomp mode, PID, PCPU, etc.)
while the output can be parsed reliably. The library does not use
ps (1) but parses /proc and /dev instead. To list the processes of a
given container, psgo will join the mount namespace of the given
container and extract all data from there.
Notice that this commit breaks compatibility with docker-top.
Signed-off-by: Valentin Rothberg <vrothberg@suse.com>
Closes: #1113
Approved by: rhatdan
|
|
|
|
|
| |
Closes: #1101
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
|
|
| |
There's no reason --size cannot be used together with a Go
template - in fact, using a Go template for {{.Size}} without
--size being passed will not work.
Allow use of --namespace and --size with Go templates, but not
with --quiet. Do not allow --namespace and --size at the same
time.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|
|
|
|
|
|
| |
To do this, move it into a separate struct, and embed that in
the JSON we return.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
We're printing them unconditionally now, even if --size is not
passed, which is confusing (you see a pair of 0s for container
size, when it is clearly not 0).
This may introduce bugs related to containers with an rwsize of 0
(freshly created from an image) and --size specified, but is
definitely better than what we have now.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A number of fields were never being populated. Populate them as
best we can.
Add a new field, exited, to indicate whether the exit code has
meaning (IE, the container has exited).
Fix handling of running time - it stops ticking when the
container stops. There is further work needed here, I suspect.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|
|
|
| |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|
|
|
|
|
|
|
| |
Use this to supplement exit codes returned from containers, to
make sure we know when exit codes are invalid (as the container
has not yet exited)
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|\
| |
| | |
rootless: fix usage on Fedora Silverblue/CoreOS
|
| |
| |
| |
| | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |
| |
| |
| | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |
| |
| |
| |
| |
| | |
Closes: https://github.com/projectatomic/libpod/issues/1073
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \
| | |
| | | |
Podman pod create/rm/ps commands with man pages and tests
|
| | |
| | |
| | |
| | | |
Signed-off-by: haircommander <pehunt@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | | |
Includes a very stripped down version of podman pod ps, just for testing
Signed-off-by: haircommander <pehunt@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This fixes a race condition where conmon is still writing the exit
file and the container is exiting.
Also we should not be ignoring the -a stdin flag if the user specifies
--interactive mode.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1086
Approved by: baude
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This way ^c will actually kill the host process if the container is not
actually running.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1086
Approved by: baude
|
| |
| |
| |
| |
| |
| |
| | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1084
Approved by: baude
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
podman rmi was deleting an image even if it was a parent of
another image. This fix just untags the image instead.
This also fixes podman rmi to remove intermediate images of
an image when the image is removed.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #1055
Approved by: mheon
|
| |
| |
| |
| |
| |
| |
| | |
Signed-off-by: haircommander <pehunt@redhat.com>
Closes: #1083
Approved by: rhatdan
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Make users of libpod more secure by adding the libpod/apparmor package
to load a pre-defined AppArmor profile. Large chunks of libpod/apparmor
come from github.com/moby/moby.
Also check if a specified AppArmor profile is actually loaded and throw
an error if necessary.
The default profile is loaded only on Linux builds with the `apparmor`
buildtag enabled.
Signed-off-by: Valentin Rothberg <vrothberg@suse.com>
Closes: #1063
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
| |
podman now supports --volumes-from flag, which allows users
to add all the volumes an existing container has to a new one.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #931
Approved by: mheon
|
|
|
|
|
|
|
| |
Signed-off-by: haircommander <pehunt@redhat.com>
Closes: #1031
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
|
| |
if we snip the requirement to use a buildah const in the libpod image library,
we can save something on the order of 85 vendored files in consumers of the
the library.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #1054
Approved by: mheon
|