| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
| |
add missing implementation for userns=keep-id and enable the user
namespaces tests.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|
|
|
|
|
|
| |
and handle differently the user namespace as it supports additional
options.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Namespaces have now been changed to properly handle all cases.
Spec handling code for namespaces was consolidated in a single
function.
Still missing:
- Image ports
- Pod namespaces likely still broken in Podmanv2
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Enable running podman V2 rootless
* Fixed cobra.PersistentPreRunE usage in all the commands
* Leveraged cobra.PersistentPreRunE/cobra.PersistentPostRunE to manage:
* rootless
* trace (--trace)
* profiling (--cpu-profile)
* initializing the registry copies of Image/Container engines
* Help and Usage templates autoset for all sub-commands
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|
|
|
|
|
| |
use libpod only in the specgen/generate package so that the remote clients do not inherit libpod bloat.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|
|
|
|
|
| |
create a container in podmanv2 using specgen approach. this is the core implementation and still has quite a bit of code commented out specifically around volumes, devices, and namespaces. need contributions from smes on these parts.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
during container creation, if no network is provided, we need to add a default value so the container can be later started.
use apiv2 container creation for RunTopContainer instead of an exec to the system podman. RunTopContainer now also returns the container id and an error.
added a libpod commit endpoint.
also, changed the use of the connections and bindings slightly to make it more convenient to write tests.
Fixes: 5366
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch allows users to specify the list of capabilities required
to run their container image.
Setting a image/container label "io.containers.capabilities=setuid,setgid"
tells podman that the contained image should work fine with just these two
capabilties, instead of running with the default capabilities, podman will
launch the container with just these capabilties.
If the user or image specified capabilities that are not in the default set,
the container will print an error message and will continue to run with the
default capabilities.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|
|
|
|
|
|
|
| |
Previously --uts=container: expected the full container ID.
Closes: https://github.com/containers/libpod/issues/5289
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|
this uses the specgen structure to create containers rather than the outdated createconfig. right now, only the apiv2 create is wired up. eventually the cli will also have to be done.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|