| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
| |
automatically pick an empty range and create an user namespace for the
container.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|
|
|
|
|
|
| |
vendor in c/common config pkg for containers.conf
Signed-off-by: Qi Wang qiwan@redhat.com
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
I wrote a script to cross-reference podman --help against
man pages. It found a bunch of inconsistencies fix them:
* options missing from man pages
* options misspelled or misformatted in man pages (usually
misplaced asterisks or missing dashes, but see --dns-opt)
* one spurious comma in the actual source file --help
This is a fix in which I iterate over 'podman CMD --help'
and check for presence in man pages. The other way around
(look for flags in man pages, check podman CMD --help)
is probably impossible: there are too many special cases
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|
|
|
|
|
|
| |
Some users have small /var/tmp directories and need to be able to specify a different location
for temporary files, which includes more space.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
The --rmi flag will delete the container image after its execution
unless that image is already been used by another container(s).
This is useful when one wants to execute a container once and remove
any resources attached to it.
Signed-off-by: Boaz Shuster <boaz.shuster.github@gmail.com>
|
|\
| |
| | |
Add --no-healthcheck command to create/run
|
| |
| |
| |
| |
| |
| |
| |
| | |
Now support --no-healthcheck option to disable defined healthchecks in a container image. --health-cmd=none remains supported as well.
Fixes: #5299
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|/
|
|
|
|
|
|
|
| |
Also apply changes from commit 3fd9f0c028f9dab7c8923629d4dc5d38e594db1a
to the other two commands that have the --device option.
Documents #4550
Signed-off-by: Stefan Becker <chemobejk@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
I saw some bad formatting when reading "man podman-run" and
proceeded to fix it. I have now opened a can of worms...
This commit tries to fix some of the formatting, wording and
other bugs I came across (unfortunately not all of them).
Can't list every fix that I made here, but in general:
- format lists as such (prepend items with "- ");
- format examples as such (enclose in ```...```);
- format literal values (option names, literal values) as **bold**;
- format man page references as **page**(1).
- format replacements (option values) and file names as _italic_;
- remove some duplicate info (such as what's the default value);
- move option value description to option syntax;
- end sentences with a period.
To test:
```console
$ make docs
$ man ./docs/build/man/podman-run.1 ### check terminal formatting
$ man -Tps ./docs/build/man/podman-run.1 > podman-run.ps
$ ps2pdf podman-run.ps ### optional
$ evince podman-run.pdf ### check printer formatting (or use ps viewr
```
NOTE
- there is much more to do here;
- I haven't checked any factual contents, this is about formatting
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
|
|
|
|
|
|
|
|
|
|
| |
Update documentation for crun >= 0.11.
See https://github.com/containers/crun/commit/6df930821d80a8e151674f0fda1321fba93bb92d
Fixes #4477
Signed-off-by: Stefan Becker <chemobejk@gmail.com>
|
|
|
|
|
|
|
| |
The conversion of markdown to man pages is causing "_" to cover entire lines.
This PR cleans this up and fixes some of the english.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|
|
|
|
|
|
|
| |
Move the seccomp profile from a manifest annotation to a config label.
This way, we can support it for Docker images as well and provide an
easy way to add that data via Dockerfiles.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|
|
|
|
|
|
|
| |
it allows to disable cgroups creation only for the conmon process.
A new cgroup is created for the container payload.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|
|
|
|
|
|
| |
We have a lot of cludgy code trying to make --net and --network equivalent.
This will allow --net to still exists but will eliminate the help and confusion.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\
| |
| | |
policy for seccomp-profile selection
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Implement a policy for selecting a seccomp profile. In addition to the
default behaviour (default profile unless --security-opt seccomp is set)
add a second policy doing a lookup in the image annotation.
If the image has the "io.containers.seccomp.profile" set its value will be
interpreted as a seccomp profile. The policy can be selected via the
new --seccomp-policy CLI flag.
Once the containers.conf support is merged into libpod, we can add an
option there as well.
Note that this feature is marked as experimental and may change in the
future.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \
| | |
| | | |
Add codespell to validate spelling mistakes in code.
|
| | |
| | |
| | |
| | |
| | |
| | | |
Fix all errors found by codespell
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|/ /
| |
| |
| |
| |
| | |
As discussed in https://github.com/containers/libpod/issues/4840
Signed-off-by: Mark Stosberg <mark@rideamigos.com>
|
|/
|
|
|
|
|
|
|
|
| |
support a custom tag to add to each log for the container.
It is currently supported only by the journald backend.
Closes: https://github.com/containers/libpod/issues/3653
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|
|
|
|
|
| |
Fixes #4477
Signed-off-by: Stefan Becker <chemobejk@gmail.com>
|
|
|
|
| |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|
|
|
| |
Signed-off-by: Dmitry Smirnov <onlyjob@member.fsf.org>
|
|\
| |
| | |
mount: add new options nocopyup|copyup for tmpfs
|
| |
| |
| |
| |
| |
| | |
add a way to disable tmpcopyup for tmpfs.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \
| |/
|/| |
Allow users to disable detach keys
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
If user specifies --detach-keys="", this will disable the feature.
Adding define.DefaultDetachKeys to help screen to help identify detach keys.
Updated man pages with additonal information.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
change the default on cgroups v2 and create a new cgroup namespace.
When a cgroup namespace is used, processes inside the namespace are
only able to see cgroup paths relative to the cgroup namespace root
and not have full visibility on all the cgroups present on the
system.
The previous behaviour is maintained on a cgroups v1 host, where a
cgroup namespace is not created by default.
Closes: https://github.com/containers/libpod/issues/4363
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|
* Refactored code and Makefile to support new docs layout
* Removed some old code packaging code
* Add Readme.md to document what we're doing
Signed-off-by: Jhon Honce <jhonce@redhat.com>
Signed-off-by: baude <bbaude@redhat.com>
|