| Commit message (Collapse) | Author | Age |
|\
| |
| | |
Add filepath glob support to --security-opt unmask
|
| |
| |
| |
| |
| |
| |
| |
| | |
Want to allow users to specify --security-opt unmask=/proc/*.
This allows us to run podman within podman more securely, then
specifing umask=all, also gives the user more flexibilty.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| | |
| | | |
add --mac-address to podman play kube
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Add a new --mac-address flag to podman play kube. This is used to specify
a static MAC address which should be used for the pod. This option can be
specified several times because play kube can create more than one pod.
Fixes #9731
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
| |/
|/|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Migrate the Podman code base over to `common/libimage` which replaces
`libpod/image` and a lot of glue code entirely.
Note that I tried to leave bread crumbs for changed tests.
Miscellaneous changes:
* Some errors yield different messages which required to alter some
tests.
* I fixed some pre-existing issues in the code. Others were marked as
`//TODO`s to prevent the PR from exploding.
* The `NamesHistory` of an image is returned as is from the storage.
Previously, we did some filtering which I think is undesirable.
Instead we should return the data as stored in the storage.
* Touched handlers use the ABI interfaces where possible.
* Local image resolution: previously Podman would match "foo" on
"myfoo". This behaviour has been changed and Podman will now
only match on repository boundaries such that "foo" would match
"my/foo" but not "myfoo". I consider the old behaviour to be a
bug, at the very least an exotic corner case.
* Futhermore, "foo:none" does *not* resolve to a local image "foo"
without tag anymore. It's a hill I am (almost) willing to die on.
* `image prune` prints the IDs of pruned images. Previously, in some
cases, the names were printed instead. The API clearly states ID,
so we should stick to it.
* Compat endpoint image removal with _force_ deletes the entire not
only the specified tag.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|/
|
|
|
| |
Signed-off-by: Boaz Shuster <boaz.shuster.github@gmail.com>
Co-authored-by: Ed Santiago <santiago@redhat.com>
|
|\
| |
| | |
Autoupdate Local
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
changed struct to policyMapper
change "image" to "registry" in multiple locations
Updated documentation with registry alias & autoupdate local
Added relevant test
Signed-off-by: Parker Van Roy <pvanroy@redhat.com>
|
|\ \
| | |
| | | |
[NO TESTS NEEDED] Check if another VM is running on machine start
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Only one VM can be up at a time. If another VM is running, or the current VM is running, error out on a podman machine start
[NO TESTS NEEDED]
Signed-off-by: Ashley Cui <acui@redhat.com>
|
| |/
|/|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When building Sphinx HTML docs, preprocess markdown files and convert
pandoc-style title lines into recommonmark eval_rst blocks
This gives command HTML pages the same title as the equivalent manpage
Fixes: containers/podman.io#385
Signed-off-by: Rob Cowsill <42620235+rcowsill@users.noreply.github.com>
|
|\ \
| | |
| | | |
[CI:DOCS] Add more documentation on conmon
|
| |/
| |
| |
| | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| |/
|/| |
Add podman run --timeout option
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This option allows users to specify the maximum amount of time to run
before conmon sends the kill signal to the container.
Fixes: https://github.com/containers/podman/issues/6412
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|/
|
|
|
|
|
| |
* Add missing backticks to mark the end
of the code block.
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
|\
| |
| | |
Add '--group-add keep-groups': supplementary groups into container
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently we have rootless users who want to leak their groups access
into containers, but this group access is only able to be pushed in by
a hard to find OCI Runtime annotation. This PR makes this option a lot
more visable and hides the complexity within the podman client.
This option is only really needed for local rootless users. It makes
no sense for remote clients, and probably makes little sense for
rootfull containers.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
| |
| |
| | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| | |
| | | |
[CI:DOCS] Typo fix to usage text of --compress option
|
| |/
| |
| |
| |
| |
| | |
Correction of `--format-docker-dir` in to `--format=docker-dir`
Signed-off-by: Nick Piper <nick.piper@cgi.com>
|
|/
|
|
|
|
|
|
|
|
| |
Currently we have only podman images list --noheading.
This PR Adds this option to volumes, containers, pods, networks,
machines, and secrets.
Fixes: https://github.com/containers/podman/issues/10065
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|
|
|
|
|
|
|
|
| |
* Fix the Markdown table layout bugs that manifest themselves in
corrupted tables in the generated HTML pages
http://docs.podman.io/en/latest/markdown/podman-create.1.html
http://docs.podman.io/en/latest/markdown/podman-run.1.html
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
|
|
|
|
|
|
|
|
|
| |
Introduce the concept of "intermediate UID" to explain
how --uidmap works when running rootless.
Add Markdown tables to show examples of how UIDs are mapped.
Co-authored-by: Tom Sweeney <tsweeney@redhat.com>
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
|
|
|
|
|
|
| |
The `--verbose` option in the import man page was
missing a dash, this corrects it.
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
|
|\
| |
| | |
Add flag "--pidfile" for podman create/run
|
| |
| |
| |
| | |
Signed-off-by: chenkang <kongchen28@gmail.com>
|
| |
| |
| |
| | |
Signed-off-by: chenkang <kongchen28@gmail.com>
|
| |
| |
| |
| | |
Signed-off-by: chenkang <kongchen28@gmail.com>
|
| |
| |
| |
| |
| |
| |
| |
| | |
Fixes a small typo on the introduction pages.
Fixes: #10042
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
|
|/
|
|
|
|
|
|
|
|
| |
Add a new --ip flag to podman play kube. This is used to specify a
static IP address which should be used for the pod. This option can be
specified several times because play kube can create more than one pod.
Fixes #8442
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
|
|
|
|
|
|
| |
The "U" option is accepted by `--volume` in `podman-build`,
but documentation is missing
Signed-off-by: Pablo Correa Gómez <ablocorrea@hotmail.com>
|
|
|
|
|
|
|
|
| |
Fixes: https://github.com/containers/podman/issues/9405
Add system runlabel tests.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\
| |
| | |
Add support for play/generate kube PersistentVolumeClaims and Podman volumes
|
| |
| |
| |
| | |
Signed-off-by: Eduardo Vega <edvegavalerio@gmail.com>
|
|\ \
| | |
| | | |
podman unshare: add --rootless-cni to join the ns
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Add a new --rootless-cni option to podman unshare to also join the
rootless-cni network namespace. This is useful if you want to connect
to a rootless container via IP address. This is only possible from the
rootless-cni namespace and not from the host namespace. This option also
helps to debug problems in the rootless-cni namespace.
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Anatoli Babenia <anatoli@rainforce.org>
|
|/ /
| |
| |
| |
| |
| |
| |
| | |
An apostrophe as the first character of the line is a formatting request
in troff, so the words "'Containerfile' or 'Dockerfile'" are not
visible when viewing 'man podman-build'.
Signed-off-by: Jonathan Wakely <jwakely@redhat.com>
|
|\ \
| |/
|/| |
Add --requires flag to podman run/create
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Podman has, for a long time, had an internal concept of
dependency management, used mainly to ensure that pod infra
containers are started before any other container in the pod. We
also have the ability to recursively start these dependencies,
which we use to ensure that `podman start` on a container in a
pod will not fail because the infra container is stopped. We have
not, however, exposed these via the command line until now.
Add a `--requires` flag to `podman run` and `podman create` to
allow users to manually specify dependency containers. These
containers must be running before the container will start. Also,
make recursive starting with `podman start` default so we can
start these containers and their dependencies easily.
Fixes #9250
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \
| | |
| | | |
[CI:DOCS] Add transport and destination info to manifest doc
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Initially I was missing transport information on podman manifest add.
Especially the `containers-storage` transport which references the
local image store. Had a use case where this came in quite handy and it
is not stated anywhere else in the docs. Suppose it does not make sense
for podman pull & push.
I've only added containers-storage and docker transports for
manifest add since I know those work. Maybe others work too.
I then also added the destination section to manifest push as it is done
in podman push & pull. I've added all transports here, but I don't know
if all are supported. Please review.
Signed-off-by: Alexander Wellbrock <a.wellbrock@mailbox.org>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
We define in the man page that this overrides the default storage
options, but the code was appending to the existing options.
This PR also makes a change to allow users to specify --storage-opt="".
This will turn off all storage options.
https://github.com/containers/podman/issues/9852
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* Adjust Markdown layout for --userns.
* Make the --userns sections identical for podman-run.1.md and podman-create.1.md
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* Fix typos --uidmapping and --gidmapping in podman-run.1.md
* Add the corresponding sentence in podman-create.1.md
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When initing a VM, create two add connections - one to user, one to
root.
podman machine remove removes both connections as well.
[NO TESTS NEEDED]
Signed-off-by: Ashley Cui <acui@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The --execute flag ended up serving no purpose. It was removed and
documentation was updated.
Fixed a panic when no VM name was provided.
[NO TESTS NEEDED]
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \ \
| | | |
| | | | |
[CI:DOCS] Fix unmount doc reference in image.rst
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | | |
This pointed to the container-unmount doc page. It now points to the
expected podman-image-unmount doc page.
Signed-off-by: Alexander Wellbrock <a.wellbrock@mailbox.org>
|