| Commit message (Collapse) | Author | Age |
|\
| |
| | |
Add support for --userns=nomap
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
From a security point of view, it would be nice to be able to map a
rootless usernamespace that does not use your own UID within the
container.
This would add protection against a hostile process escapping the
container and reading content in your homedir.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| | |
| | | |
Switch all rootful to rootfull
|
| |/
| |
| |
| |
| |
| |
| |
| |
| | |
We are inconsistent on the name, we should stick with rootfull.
[NO NEW TESTS NEEDED] Existing tests should handle this and no tests for
machines exists yet.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| | |
| | | |
[CI:DOCS] Run codespell on code
|
| |/
| |
| |
| |
| |
| | |
[NO NEW TESTS NEEDED]
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| |/
|/| |
podman container clone -f
|
| |
| |
| |
| |
| |
| |
| |
| | |
add the option -f to force remove the parent container if --destory is specified
resolves #13917
Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
|
|\ \
| | |
| | | |
Add support for checkpoint image
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This is an enhancement proposal for the checkpoint / restore feature of
Podman that enables container migration across multiple systems with
standard image distribution infrastructure.
A new option `--create-image <image>` has been added to the
`podman container checkpoint` command. This option tells Podman to
create a container image. This is a standard image with a single layer,
tar archive, that that contains all checkpoint files. This is similar to
the current approach with checkpoint `--export`/`--import`.
This image can be pushed to a container registry and pulled on a
different system. It can also be exported locally with `podman image
save` and inspected with `podman inspect`. Inspecting the image would
display additional information about the host and the versions of
Podman, criu, crun/runc, kernel, etc.
`podman container restore` has also been extended to support image
name or ID as input.
Suggested-by: Adrian Reber <areber@redhat.com>
Signed-off-by: Radostin Stoyanov <radostin@redhat.com>
|
|/
|
|
|
|
|
| |
Document the *missing* pull policy in `podman build`.
Fixes: #13864
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We already have ipv6 enabled as default via the containers.conf setting.
However the documentation did not reflect this. Also if no options were
set in contianers.conf it would have ipv6 disabled.
We can now remove the extra option from containers.conf.
Also fix another outdated option description for host.containers.internal
and add that the options can also be set in contianers.conf.
[NO NEW TESTS NEEDED]
Fixes #13914
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\
| |
| | |
Add missing events to podman-events man page
|
| |
| |
| |
| |
| |
| | |
[NO NEW TESTS NEEDED]
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| |/
|/| |
[CI:DOCS] Fix selinux docs for kubernetes yaml
|
| |
| |
| |
| | |
Signed-off-by: Federico Rizzo <fulminemizzega@users.noreply.github.com>
|
| |
| |
| |
| | |
Signed-off-by: Federico Rizzo <fulminemizzega@users.noreply.github.com>
|
|\ \
| | |
| | | |
Add --quiet to machine ls
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The podman machine ls command would benefit from a --quiet flag which
would only print the machine names without the extra information. It
also implies --noheader as well. This can be helpful for scripting with
the podman cli.
Signed-off-by: Brent Baude <bbaude@redhat.com>
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \
| |/
|/| |
Add support for ipc namespace modes "none, private, sharable"
|
| |
| |
| |
| |
| |
| | |
Fixes: #13265
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| | |
| | | |
Mount $HOME:$HOME by default in podman machine init
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
containers.conf now has a default volumes field for podman machine.
this pr inserts those values as the default volumes in init.
Signed-off-by: Brent Baude <bbaude@redhat.com>
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \ \
| | | |
| | | | |
Fix Memory Swappiness passing in Container Clone
|
| | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
`DefineCreateFlags` was excluding clone from using the memory-swappiness flag leading the value to be zero
when our deafult is -1. Rearrange the if/else to give clone these memory related options
resolves #13856
Signed-off-by: cdoern <cdoern@redhat.com>
|
|\ \ \
| |_|/
|/| | |
run, create: add --passwd-entry
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
It allows to customize the entry that is written to the `/etc/passwd`
file when --passwd is used.
Closes: https://github.com/containers/podman/issues/13185
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \
| |/ /
|/| | |
Revert "images --size"
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This reverts commit e133a06d2f4a3e94bfbd60b647046f2f515c9c24.
@nalind found a proper fix in c/storage [1] to address the performance
issue. So we really don't need the flag anymore. Note the flag has
never made it into any release.
[1] https://github.com/containers/storage/commit/d76b3606fc9ca975bf436379f91105f0fac1555f
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
|\ \ \
| | | |
| | | |
| | | |
| | | | |
chuanchang/fix_typo_in_podman_container_clone_docs
[CI:DOCS] fix typo in podman-container-clone.1.md
|
| |/ /
| | |
| | |
| | | |
Signed-off-by: Alex Jia <chuanchang.jia@gmail.com>
|
|\ \ \
| |/ /
|/| | |
Introduce machine inspect
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Allow users to inspect their podman virtual machines. This will be
helpful for debug and development alike, because more details about the
machine can be collected.
Signed-off-by: Brent Baude <bbaude@redhat.com>
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|/
|
|
|
|
|
|
|
|
|
| |
Fixes: #13337
I added newline only on options IE Begin with "-"
[NO NEW TESTS NEEDED]
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\
| |
| | |
[CI:DOCS] Rewrite rootless --userns=auto docs
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Remove the statement that rootless --userns=auto does not work.
* Mention that --userns=keep-id consumes all subuids and subgids.
Co-authored-by: Tom Sweeney <tsweeney@redhat.com>
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
|/
|
|
|
|
|
|
|
| |
Add a new flag to set the ipam-driver. Also adds a new ipam driver none
mode which only creates interfaces but does not assign addresses.
Fixes #13521
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\
| |
| | |
Vendor in new opencontainers/selinux
|
| |
| |
| |
| |
| |
| |
| |
| | |
Also update vendor of containers/common,buildah,storage,image
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2069586
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|/
|
|
|
|
|
|
|
|
| |
Add a --size option to podman images to allow for disabling computing
the size of listed images. If listing images is critical to
performance, user may chose to turn off size computation to speed things
up.
Context: #13755
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
|
|
|
| |
Signed-off-by: Patrycja Guzik <patrycja.k.guzik@gmail.com>
|
|
|
|
| |
Signed-off-by: Patrycja Guzik <patrycja.k.guzik@gmail.com>
|
|
|
|
|
| |
Signed-off-by: Krzysztof Baran <krysbaran@gmail.com>
Signed-off-by: gcalin <caling@protonmail.com>
|
|
|
|
|
|
|
| |
This commit adjusts example sections across several man pages
to the format seen in other pages.
Signed-off-by: Patrycja Guzik <patrycja.k.guzik@gmail.com>
|
|\
| |
| | |
[CI:DOCS] clarifying "loginctl enable-linger" section in doc
|
| |
| |
| |
| | |
Signed-off-by: Adam Maryniuk <adamaze@gmail.com>
|
|\ \
| | |
| | | |
[CI:DOCS]: Update docs for image filters
|
| | |
| | |
| | |
| | |
| | |
| | | |
[NO NEW TESTS NEEDED]
Signed-off-by: rvandernoort <s.r.vandernoort@student.tudelft.nl>
|
| | |
| | |
| | |
| | |
| | |
| | | |
it was released more than two years ago.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \
| | | |
| | | | |
When running systemd in a container set container_uuid
|