| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
|
|
| |
We weren't actually halting the goroutine that sent events, so it
would continue sending even when the channel closed (the most
notable cause being early hangup - e.g. Control-c on a curl
session). Use a context to cancel the events goroutine and stop
sending events.
Fixes #6805
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\
| |
| | |
container: move volume chown after spec generation
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
move the chown for newly created volumes after the spec generation so
the correct UID/GID are known.
Closes: https://github.com/containers/libpod/issues/5698
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |
| |
| |
| |
| |
| |
| | |
This change ensures that we only override a container's entrypoint if it
is set to something other than `nil`.
Signed-off-by: Matt Brindley <58414429+maybe-sybr@users.noreply.github.com>
|
|\ \
| | |
| | | |
Allow empty host port in --publish flag
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
I didn't believe that this was actually legal, but it looks like
it is. And, unlike our previous understanding (host port being
empty means just use container port), empty host port actually
carries the same meaning as `--expose` + `--publish-all` (that
is, assign a random host port to the given container port). This
requires a significant rework of our port handling code to handle
this new case. I don't foresee this being commonly used, so I
optimized having a fixed port number as fast path, which this
random assignment code running after the main port handling code
only if necessary.
Fixes #6806
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | |
| | |
| | |
| | |
| | |
| | | |
Windows terminal handling is different than darwin and linux. It needs to have the terminal mode set to enable virtual terminal processing. This allows colors and other things to work.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \ \
| | | |
| | | | |
Fix error handling problem in APIv2 network remove
|
| |/ /
| | |
| | |
| | |
| | |
| | | |
instead of nil
Signed-off-by: Maximilian Müller <maxm123@techie.com>
|
|\ \ \
| | | |
| | | | |
generate systemd: improve pod-flags filter
|
| | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When generating systemd unit for pods, we need to remove certain
pod-related flags from the containers' create commands. Make sure
to account for all the syntax including a single argument with key and
value being split by `=`.
Fixes: #6766
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |/
|/|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We need a umask of 0022 to ensure containers are created
correctly, but we set a different one prior to starting the
server (to ensure the unix socket has the right permissions).
Thus, we need to set the umask after the socket has been bound,
but before the server begins accepting requests.
Fixes #6787
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Also make sure that the limits we set for rootless are not higher than
what we'd set for root containers.
Rootless containers failed to start when the calling user already
had ulimit (e.g. on NOFILE) set.
This is basically a cherry-pick of 76f8efc0d0d into specgen
Signed-off-by: Ralf Haferkamp <rhafer@suse.com>
|
|\ \
| | |
| | | |
Add support for dangling filter to volumes
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The dangling filter determine whether a volume is dangling - IE,
it has no containers attached using it. Unlike our other filters,
this one is a boolean - must be true or false, not arbitrary
values.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \
| | | |
| | | | |
Print port mappings in `ps` for ctrs sharing network
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
In Podman v1.9, we printed port mappings for the container, even
if it shared its network namespace (and thus ports) with another
container. We regressed on this in Podman v2.0, which is fixed
here.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |/
|/|
| |
| |
| |
| |
| |
| | |
Allow manual restarts of container units that are part of a pod.
This allows for configuring these containers for auto updates.
Fixes: #6770
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \
| |/
|/| |
Set syslog for exit commands on log-level=debug
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We have a flag, --syslog, for telling logrus to log to syslog as
well as to the terminal. Previously, this flag also set the exit
command for containers to use `--syslog` (otherwise all output
from exit commands is lost). I attempted to replicate this with
Podman v2.0, but quickly ran into circular import hell (the flag
is defined in cmd/podman, I needed it in cmd/podman/containers,
cmd/podman imports cmd/podman/containers already, etc). Instead,
let's just set the syslog flag automatically on
`--log-level=debug` so we log exit commands automatically when
debug-level logs are requested. This is consistent with Conmon
and seems to make sense.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|/
|
|
|
|
|
|
|
|
| |
this is a leftover from the first implementation of rootless. This
code is never hit by podman rootless anymore as podman automatically
creates a user namespace now.
Fixes an issue with podman remote when used with uid != 0.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\
| |
| | |
APIv2: Return `StatusCreated` from volume creation
|
| |
| |
| |
| |
| |
| |
| |
| | |
The swagdoc in `register_volumes.go` already correctly notes that a 201
should be returned upon success, so we only need to change the handler
to match the spec.
Signed-off-by: Matt Brindley <58414429+maybe-sybr@users.noreply.github.com>
|
|\ \
| | |
| | | |
APIv2:fix: Remove `/json` from compat network EPs
|
| |/
| |
| |
| | |
Signed-off-by: Matt Brindley <58414429+maybe-sybr@users.noreply.github.com>
|
|\ \
| | |
| | | |
Fix ssh-agent support
|
| |/
| |
| |
| |
| |
| |
| | |
* An identity of "" implies ssh-agent and user/password to be used
* Fixed example
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|/
|
|
| |
Signed-off-by: Matt Brindley <58414429+maybe-sybr@users.noreply.github.com>
|
|\
| |
| | |
Add JSON output field for ps
|
| |
| |
| |
| |
| |
| | |
the toolbox team needs a field in our ps json that represents a human readable time.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|/
|
|
|
|
|
|
|
| |
* Implement command
* Refactor podman-remote to pull from containers.conf by default
* podman-remote defaults to --remote being true
* Write podman-system-connection.1.md
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\
| |
| | |
libpod/containers/json: alias last -> limit
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Support both `last` and `limit` for in the containers listing endpoint.
We intended to use `limit` which is also mentioned in the docs, but the
implementation ended up using `last` as the http parameter; likely being
caused by the CLI using `--last`. To avoid any regression, we decided
for supporting both and aliasing `last`.
Fixes: #6413
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \
| | |
| | | |
Add --preservefds to podman run
|
| | |
| | |
| | |
| | |
| | |
| | | |
Add --preservefds to podman run. close https://github.com/containers/libpod/issues/6458
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The `--privileged` flag does not conflict with `--group-add`
(this one was breaking Toolbox) and does not conflict with most
parts of `--security-opt` (this was breaking Openstack).
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |/
|/|
| |
| |
| |
| |
| | |
Improve the error message for rootless mode.
Git-Url: https://github.com/containers/libpod/issues/6572
Signed-off-by: Douglas Schilling Landgraf <dougsland@redhat.com>
|
|\ \
| | |
| | | |
search: allow wildcards
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Allow wildcards in the search term. Note that not all registries
support wildcards and it may only work with v1 registries.
Note that searching implies figuring out if the specified search term
includes a registry. If there's not registry detected, the search term
will be used against all configured "unqualified-serach-registries" in
the registries.conf. The parsing logic considers a registry to be the
substring before the first slash `/`.
With these changes we now not only support wildcards but arbitrary
input; ultimately it's up to the registries to decide whether they
support given input or not.
Fixes: bugzilla.redhat.com/show_bug.cgi?id=1846629
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \
| | |
| | | |
correct the absolute path of `rm` executable
|
| |/
| |
| |
| | |
Signed-off-by: Yuan-Hao Chen <yhchen0906@gmail.com>
|
|/
|
|
|
|
| |
* Move check for requesting output into case statement
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As part of APIv2 Attach, we need to be able to attach to freshly
created containers (in ContainerStateConfigured). This isn't
something Libpod is interested in supporting, so we use Init() to
get the container into ContainerStateCreated, in which attach is
possible. Problem: Init() will fail if dependencies are not
started, so a fresh container in a fresh pod will fail. The
simplest solution is to extend the existing recursive start code
from Start() to Init(), allowing dependency containers to be
started when we initialize the container (optionally, controlled
via bool).
Also, update some comments in container_api.go to make it more
clear how some of our major API calls work.
Fixes #6646
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|\
| |
| | |
Don't ignore --user flag in rootless --userns keepid
|
| |
| |
| |
| |
| |
| |
| |
| | |
Currently podman run --userns keep-id --user root:root fedora id
The --user flag is ignored. Removing this makes the code work correctly.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|/
|
|
| |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\
| |
| | |
Move logs functionality to separate file for APIv2
|
| |
| |
| |
| |
| |
| |
| |
| | |
This simply moves the function for the log handler for
APIv2 to a separate file to be consistent with other parts
of the code base.
Signed-off-by: jgallucci32 <john.gallucci.iv@gmail.com>
|
|\ \
| | |
| | | |
fix misc remote build issues
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
address problem when multiple -t were sent. and rework remote build's tarball if a context dir is given other than ".".
Fixes: #6578
Fixes: #6577
Signed-off-by: Brent Baude <bbaude@redhat.com>
|