| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This addresses:
Symlinks don't work on podman machine on macOS Monterey when using volumes feature #13784
This change does NOT exactly fix the bug, but it does allow the user to
work around it via 'podman init' option, e.g.:
podman machine init -v "$HOME/git:$HOME/git:ro:security_model=none"
If the default security model were to be changed to 'none', then that
would fix the bug, at the possible cost of breaking any use cases that
depend on 'mapped-xattr'.
The documentation of the purpose and behavior of the different security
models seems to be rather light:
https://wiki.qemu.org/Documentation/9psetup#Starting_the_Guest_directly
From testing, it appears that the mapped-xattr security model intends to
manage symlinks such that the guest can see the symlinks but the host
only sees regular files (with extended attributes). As far as I can
tell, this behavior only makes sense when the guest is the only thing
that ever needs to create and read symlinks. Otherwise, symlinks created
on the host are unusable on the guest, and vice versa.
As per the original commit: 8e7eeaa4dd14621bda15e396fcd7b9187bc500c5
[NO NEW TESTS NEEDED]
Also document existing ro and rw options.
Also remove misleading statement about /mnt. By my observation, this
line is incorrect. If the intended meaning is different, then I don't
understand.
The default volume is mounted read/write and is not within /mnt.
[core@localhost ~]$ mount | grep 9p
vol0 on /Users/chickey type 9p (rw,relatime,sync,dirsync,access=client,trans=virtio)
Signed-off-by: Corey Hickey <chickey@tagged.com>
|
|\
| |
| | |
podman-play-kube template: rename to podman-kube
|
| |
| |
| |
| |
| |
| | |
Mention the template in the docs for play-kube and generate-systemd.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
|\ \
| |/
|/| |
podman volume create --opt=o=timeout...
|
| |
| |
| |
| |
| |
| |
| | |
add an option to configure the driver timeout when creating a volume.
The default is 5 seconds but this value is too small for some custom drivers.
Signed-off-by: cdoern <cdoern@redhat.com>
|
|\ \
| | |
| | | |
Only allow Rootless runs of Podman Machine
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Podman Machine crashes if run as root. When creating the machine, we write the ignition so that the UID of the core user matches the UID of the user on the host. We by default, create the root user on the machine with UID 0. If the user on the host is root, the core UID and the Root UID collide, causing a the VM not to boot.
[NO NEW TESTS NEEDED]
Signed-off-by: Ashley Cui <acui@redhat.com>
|
|\ \ \
| | | |
| | | | |
volume: add two new options copy and nocopy
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
add two new options to the volume create command: copy and nocopy.
When nocopy is specified, the files from the container image are not
copied up to the volume.
Closes: https://github.com/containers/podman/issues/14722
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Libpod requires that all volumes are stored in the libpod db. Because
volume plugins can be created outside of podman, it will not show all
available plugins. This podman volume reload command allows users to
sync the libpod db with their external volume plugins. All new volumes
from the plugin are also created in the libpod db and when a volume from
the db no longer exists it will be removed if possible.
There are some problems:
- naming conflicts, in this case we only use the first volume we found.
This is not deterministic.
- race conditions, we have no control over the volume plugins. It is
possible that the volumes changed while we run this command.
Fixes #14207
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Replace "setup", "lookup", "cleanup", "backup" with
"set up", "look up", "clean up", "back up"
when used as verbs. Replace also variations of those.
* Improve language in a few places.
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
|\ \
| | |
| | | |
allow filter networks by dangling status
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
add the ability to filter networks by their dangling status via:
`network ls --filter dangling=true/false`
Fixes: #14595
Signed-off-by: Carlo Lobrano <c.lobrano@gmail.com>
|
|\ \ \
| | | |
| | | | |
podman pod create --shm-size
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
expose the --shm-size flag to podman pod create and add proper handling and inheritance
for the option.
resolves #14609
Signed-off-by: Charlie Doern <cdoern@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
podman system prune support prune unused networks
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This is an enhancement for the podman system prune feature.
In this issue, it is mentioned that 'network prune' should be
wired into 'podman system prune'
https://github.com/containers/podman/issues/8673
Therefore, I add the function to remove unused networks.
Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
|
| |/ / /
|/| | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* Add docs about trailing * functionality in podman-exec.1.md
* Rewrite --env description in podman-create.1.md and podman-run.1.md
* Rewrite the --env examples in podman-create.1.md and podman-run.1.md
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
|\ \ \ \
| | | | |
| | | | | |
implement podman pod clone
|
| | |_|/
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
implement podman pod clone, a command to create an exact copy of a pod while changing
certain config elements
current supported flags are:
--name change the pod name
--destroy remove the original pod
--start run the new pod on creation
and all infra-container related flags from podman pod create (namespaces etc)
resolves #12843
Signed-off-by: cdoern <cdoern@redhat.com>
|
| |_|/
|/| |
| | |
| | |
| | |
| | |
| | |
| | | |
The manpage for `podman system service` should mention that this
is not safe for external consumption unless you are comfortable
giving anyone who accesses it full root on the system.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|\ \ \
| |_|/
|/| | |
podman-remote push --remove-signatures support
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
I don't see a reason why we don't support --remove-signatures
from remote push, so adding support.
Fixes: https://github.com/containers/podman/issues/14558
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Add a new `--overwrite` flag to `podman cp` to allow for overwriting in
case existing users depend on the behavior; they will have a workaround.
By default, the flag is turned off to be compatible with Docker and to
have a more sane behavior.
Fixes: #14420
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
|/ /
| |
| |
| |
| |
| |
| | |
Note that the bud-logfile-with-split-logfile-by-platform test is skipped
on the remote client (see #14544).
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
|\ \
| |/
|/| |
[CI:DOCS] Mount propagation works with named volumes
|
| |
| |
| |
| |
| |
| | |
Fixes: https://github.com/containers/podman/issues/13939
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
| |
| |
| | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| | |
| | |
| | |
| | | |
flouthoc/support-additional-build-context-on-remote
remote: enable support for additional `--build-context` on macOS and remote
|
| | |
| | |
| | |
| | | |
Signed-off-by: Aditya R <arajan@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Feature of additional build context added here https://github.com/containers/buildah/pull/3978
already exists on `podman` following PR just enables this feature of
`podman-remote` and `podman on macOS` setups.
Signed-off-by: Aditya R <arajan@redhat.com>
|
|\ \ \
| | | |
| | | | |
Align docker load and podman load output
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
In podman run --help, the message said megabyte, gigabyte, etc. In reality podman takes mebibytes, gibibytes, etc.
[CI:DOCS]
Signed-off-by: Karthik Elango <kelango@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
[CI:DOCS] Document protocol usage for --publish
|
| | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | | |
This also unifies the documentation of `--publish` for `podman create`, `podman run`, and `podman pod create`.
Signed-off-by: Daniel Rudolf <github.com@daniel-rudolf.de>
|
|\ \ \ \
| |/ / /
|/| | | |
podman machine ssh: set correct exit code
|
| | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Forward the ssh exit code to the podman caller. This is useful for
scripts. Use the same logic as podman unshare.
Fixes #14401
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| | |
When the volume does not exist we should output an error stating so and
not some generic one.
Fixes #14411
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |
| |
| |
| |
| |
| | |
Bump buildah to v1.26.1-0.20220524184833-5500333c2e06
Signed-off-by: Aditya R <arajan@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Most of these are no longer relevant, just drop the comments.
Most notable change: allow `podman kill` on paused containers.
Works just fine when I test it.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|\ \
| | |
| | | |
Allow podman pod create --share +pid
|
| |/
| |
| |
| |
| |
| | |
Fixes: https://github.com/containers/podman/issues/13422
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|/
|
|
|
|
|
|
|
|
|
|
|
| |
I am constantly attempting to add the podname to the last
argument to podman pod create. Allowing this makes it match
podman volume create and podman network create.
It does not match podman container create, since podman container create
arguments specify the arguments to run with the container.
Still need to support the --name option for backwards compatibility.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|
|
|
| |
Signed-off-by: Cosmin Tupangiu <cosmin@redhat.com>
|
|
|
|
| |
Signed-off-by: Cosmin Tupangiu <cosmin@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
The init binary until now has been bind-mounted to /dev/init which
breaks when bind-mounting to /dev. Instead mount the init to
/run/podman-init. The reasoning for using /run is that it is already
used for other runtime data such as secrets.
Fixes: #14251
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
|
|
|
|
|
|
|
| |
As part of work done in #14046, fix bugs found in man pages,
basically just moving a few descriptions to the right place
and removing some undesired asterisks.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|
|
|
|
|
|
|
| |
add support to override the user namespace to use for the pod.
Closes: https://github.com/containers/podman/issues/7504
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Disable `build --output` for remote clients and update docs.
[NO NEW TESTS NEEDED]
[NO TESTS NEEDED]
Signed-off-by: Aditya R <arajan@redhat.com>
|