| Commit message (Collapse) | Author | Age |
|
|
|
| |
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
|
|
|
|
|
|
|
|
| |
- Don't pointlessly repeat the names
- Improve documentation of the formats
- Use a table, per MANPAGE_SYNTAX.md
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
|
|\
| |
| | |
[CI:DOCS] Update doc to explictly mention using ed25519 in ssh keys
|
| |
| |
| |
| | |
Signed-off-by: Hongyi Shen <wilbeibi@gmail.com>
|
|\ \
| | |
| | | |
Fix possible rootless netns cleanup race
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
rootlessNetNS.Cleanup() has an issue with how it detects if cleanup
is needed, reading the container state is not good ebough because
containers are first stopped and than cleanup will be called. So at one
time two containers could wait for cleanup but the second one will fail
because the first one triggered already the cleanup thus making rootless
netns unavailable for the second container resulting in an teardown
error. Instead of checking the container state we need to check the
netns state.
Secondly, podman unshare --rootless-netns should not do the cleanup.
This causes more issues than it is worth fixing. Users also might want
to use this to setup the namespace in a special way. If unshare also
cleans this up right away we cannot do this.
[NO NEW TESTS NEEDED]
Fixes #12459
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\ \ \
| |/ /
|/| | |
podman, push: expose --compression-format
|
| |/
| |
| |
| |
| |
| | |
support overriding the compression format at push time.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|/
|
|
|
|
|
|
|
|
| |
Replace `multi-user.target` with `default.target` across the code base.
It seems like the multi-user one is not available for (rootless) users
on F35 anymore is causing issues in all kinds of ways, for instance,
enabling the podman.service or generated systemd units.
Fixes: #12438
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|
|
|
|
|
| |
Helps Document https://github.com/containers/podman/issues/10116
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\
| |
| | |
Support env variables based on ConfigMaps sent in payload
|
| |
| |
| |
| |
| |
| | |
Fixes #12363
Signed-off-by: Jakub Dzon <jdzon@redhat.com>
|
|\ \
| |/
|/| |
[CI:DOCS] Update basic_networking.md
|
| |
| |
| |
| |
| |
| | |
Correct a missing link in basic networking tutorial.
Signed-off-by: Mark Zhang <markzhang1994@gmail.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add a new flag to set the start timeout for a generated systemd unit.
To make naming consistent, add a new --stop-timeout flag as well and let
the previous --time map to it.
Fixes: #11618
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \
| | |
| | | |
Add note about volume with unprivileged container
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add a note to the generated kube yaml if we detect a
volume is being mounted. The note lets the user know
what needs to be done to avoid permission denied error
when trying to access the volume for an unprivileged
container.
Add the same note to the man pages.
NO NEW TESTS NEEDED
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
|
| |
| |
| |
| | |
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
|
|\ \
| | |
| | | |
[CI:DOCS] Add java TZ note to run manpage
|
| |/
| |
| |
| |
| |
| |
| |
| |
| | |
Add a note to show how to workaround the `--tz` option
being ignored in the run command.
Related to: https://bugzilla.redhat.com/show_bug.cgi?id=1984251
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There are at least two runtimes that support checkpoint and restore:
runc and crun. Although the checkpoints created by these are almost
compatible, it is not (yet) possible to restore a checkpoint created
with one runtime with the other runtime. To make checkpoint/restore
usage more comfortable this adds code to look into the checkpoint
archive during restore and to set the runtime to the one used during
checkpointing.
This also adds a check, if the user explicitly sets a runtime during
restore, that the runtime is also the same as used during checkpointing.
If a different runtime is selected than the one used during
checkpointing the restore will fail early.
If runc and crun will create compatible checkpoints in the future the
check can be changed to treat crun and runc as compatible
checkpoint/restore runtimes.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
|\
| |
| | |
[CI:DOCS] upload a translation file
|
| |
| |
| |
| |
| |
| | |
a tranlastion for the podman_tutorial.md
Signed-off-by: sixways <lw.2675@qq.com>
|
|\ \
| | |
| | | |
Do not store the exit command in container config
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
There is a problem with creating and storing the exit command when the
container was created. It only contains the options the container was
created with but NOT the options the container is started with. One
example would be a CNI network config. If I start a container once, then
change the cni config dir with `--cni-config-dir` ans start it a second
time it will start successfully. However the exit command still contains
the wrong `--cni-config-dir` because it was not updated.
To fix this we do not want to store the exit command at all. Instead we
create it every time the conmon process for the container is startet.
This guarantees us that the container cleanup process is startet with
the correct settings.
[NO NEW TESTS NEEDED]
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\ \ \
| | | |
| | | | |
volumes: add new option idmap
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
pass down the "idmap" mount option to the OCI runtime.
Needs: https://github.com/containers/crun/pull/780
Closes: https://github.com/containers/podman/issues/12154
[NO NEW TESTS NEEDED] there is no crun version yet that support the
new feature.
Test case (must run as root):
podman run --rm -v foo:/foo alpine touch /foo/bar
podman run --uidmap 0:1:1000 --rm -v foo:/foo:idmap alpine ls -l /foo
total 0
-rw-r--r-- 1 root root 0 Nov 15 14:01 bar
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |/ /
|/| |
| | |
| | |
| | |
| | |
| | |
| | | |
CRIU supports checkpoint/restore of file locks. This feature is
required to checkpoint/restore containers running applications
such as MySQL.
Signed-off-by: Radostin Stoyanov <radostin@redhat.com>
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Support `checkpoint --pre-checkpoint`
* Support `checkpoint --with-previous`
* Disable `restore --import-previous` for the remote client since we had
to send two files which in turn would require to tar them up and hence
be a breaking change. Podman 4.0 would be the chance and I hope we'll
find time before that to remote-restore prettier.
Note that I did not run over swagger yet to check whether all parameters
are actually documented due to time constraints.
Fixes: #12334
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Podman adds a few environment variables by default, and
currently there is no way to get rid of them from your container.
This option will allow you to specify which defaults you don't
want.
--unsetenv-all will remove all default environment variables.
Default environment variables can come from podman builtin,
containers.conf or from the container image.
Fixes: https://github.com/containers/podman/issues/11836
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\
| |
| | |
Support template unit files in podman generate systemd
|
| |
| |
| |
| | |
Signed-off-by: Boaz Shuster <boaz.shuster.github@gmail.com>
|
| |
| |
| |
| |
| |
| |
| | |
This commit updates the man pages for checkpoint and restore to describe
the '--print-stats' parameter.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
|\ \
| | |
| | | |
--authfile command line argument for image sign command.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Adds the --authfile command line argument to allow users to use
alternative authfile paths when signing images.
Replaces: https://github.com/containers/podman/pull/10975
Fixes: https://github.com/containers/podman/issues/10866
Signed-off-by: José Guilherme Vanz <jvanz@jvanz.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \
| |/ /
|/| | |
Podman Image SCP transfer patch
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Fixed syntax so that podman image scp transfer works with no user specified.
This command can only be executed as root so to obtain the default user, I searched for
the SUDO_USER environmental variable. If that is not found, we error out and inform the user
to set this variable and make sure they are running as root
Signed-off-by: cdoern <cdoern@redhat.com>
Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
|
|\ \ \
| | | |
| | | | |
[CI:DOCS] Fix Zsh completion command documentation
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: yahavi <yahavi@jfrog.com>
|
|\ \ \ \
| | | | |
| | | | | |
[CI:DOCS] Add CI check for SEE ALSO in man pages
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Add new CI check to confirm that links and references
in SEE ALSO sections are properly formatted and that
links are valid (at least in theory: we do no actual
URL fetching to test for 404).
The check is piggybacked into existing xref-helpmsgs-manpages
script. It could conceivably be more elegant to write a
separate tool for this purpose, but I don't wish to duplicate
the logic for finding and reading markdown files.
Script identified various problems, which I fix in this PR:
. missing '**' (asterisks) around some references, or '**'
in the wrong place.
. links pointing to github.com/.../tree/ instead of /blob/
(github redirects those automatically, but I like
consistency)
. a few copy-paste errors, e.g. subgid linking to subuid.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \ \ \ \
| |/ / / /
|/| | | | |
podman load: support downloading files
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Support downloading files, for instance via
`podman load -i server.com/image.tar`. The specified URL is downloaded
in the frontend and stored as a temp file that gets passed down to the
backend.
Also vendor in c/common@main to use the new `pkg/download`.
Fixes: #11970
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|/ / / /
| | | |
| | | |
| | | | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
system: Adds support for removing all named destination via `--all`
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Adds support of dropping all named destination from system connections via `--all`.
Closes: https://github.com/containers/podman/issues/12018
Signed-off-by: Aditya Rajan <arajan@redhat.com>
|
|\ \ \ \
| | |/ /
| |/| | |
Podman Image SCP rootful to rootless transfer
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Added functionality for users to transfer images from root storage to rootless storage without using sshd. This is
done through rootful podman by running `sudo podman image scp root@localhost::image user@localhost:: the user is needed
in order to find and use their uid/gid to exec a new process.
added necessary tests, and functions for this implementation. Created new image function Transfer so that
the underlying code is majorly removed from CLI
Signed-off-by: cdoern <cdoern@redhat.com>
|
| |/ /
|/| |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
A comment was made on internal mailing list about confusion on SELinux
labeling of volumes. This PR makes it a little more clear about when
you should or should not relabel.
We need a similar comment in podman pod create, but it does not support
--security-opt processing yet.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|