| Commit message (Collapse) | Author | Age |
|\
| |
| | |
rootless: fix clone syscall on s390 and cris archs
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
from the clone man page:
On the cris and s390 architectures, the order of the first two
arguments is reversed:
long clone(void *child_stack, unsigned long flags,
int *ptid, int *ctid,
unsigned long newtls);
Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1672714
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \
| | |
| | | |
Support podman-remote kill container(s)
|
| | |
| | |
| | |
| | | |
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \ \
| |_|/
|/| | |
exec: support --preserve-fds
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Allow to pass additional FDs to the process being executed.
Closes: https://github.com/containers/libpod/issues/2372
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \
| | | |
| | | | |
Change timestamp format for podman logs
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The Golang standard library implementation of RFC3339Nano will
trim trailing 0s from the nanoseconds portion of timestamps. This
is undesirable for lining everything up nicely during terminal
output. As the Golang developers have not seen fit to give us a
better way, use the one that was proposed on the issue tracker
but rejected.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \
| | | |
| | | | |
Fix #2521
|
| | |/
| |/|
| | |
| | |
| | |
| | | |
* Bad merge against podman stop, restored overwritten code
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \ \
| |/ /
|/| | |
Ensure that each log line is newline-terminated
|
| | |
| | |
| | |
| | | |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When we log time timestamps, don't print a new timestamp for each
input - instead, print one at the start of every line, and then
wait until we hit a newline to print a new timestamp.
This still doesn't exactly mirror the Docker behavior (they don't
print until they receive an entire line, while we print any time
the logs file is appended to - so you can see partial lines being
typed in our system). Also, timestamps are recorded as the start
of a line being typed, as opposed to when the enter key is
pressed (on Docker).
(Worth noting that, while characters are printed as they are
typed, logs does respect the backspace key - so you'll also see
them disappear as the person typing realizes they've made a
mistake and retypes their command).
This is the closest we can get to Docker without major surgery on
the Kubernetes log-printing library, so I'm content to call this
an adequate solution.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When writing logs with timestamps to the terminal, ensure that
each line is newline-terminated, so we don't end up with an
unreadable mess with timestamps interspersed with the actual
content being displayed.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |/
|/|
| |
| |
| |
| |
| |
| |
| |
| | |
* Clean up adapter code
* Add GetContainersByContext to Varlink API
* Add missing comments
* Restore save command
* Restore error type mapping when using varlink
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|/
|
|
|
|
|
| |
if any of the mapping tools for setting up the user namespace fail,
then include their output in the error message.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
When using a user namespace, we create the mount point under
`mountPrefix` so that the uid != 0 can access that directory.
Change the addFIPSModeSecret code to honor that, and also ensure we
are creating the directories with the right ownership.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|
|
|
|
|
| |
Fixes #2459
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|
|
|
|
|
|
|
| |
No reason to do it in util/ anymore. It's always going to be a
subdirectory of c/storage graph root by default, so we can just
set it after the return.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|
|
|
|
|
|
|
| |
There are some cases where we might not be properly adjusting the
volume path after setting the storage graph root. Ensure that we
always set volume path to be a child of graph root.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|
|
|
|
|
|
|
|
|
|
| |
if there is already a bind mount specified for the target, do not
create a new volume.
Regression introduced by 52df1fa7e054d577e8416d1d46db1741ad324d4a
Closes: https://github.com/containers/libpod/issues/2441
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|
|
|
|
|
|
| |
enable the ability for the remote client to pause, unpause, and
restart pods.
Signed-off-by: baude <bbaude@redhat.com>
|
|\
| |
| | |
podman-remote create|ps
|
| |
| |
| |
| |
| |
| |
| | |
enable the podman-remote client to be able to create and list
pods on a remote system.
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \
| | |
| | | |
Fix up handling of user defined network namespaces
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
If user specifies network namespace and the /etc/netns/XXX/resolv.conf
exists, we should use this rather then /etc/resolv.conf
Also fail cleaner if the user specifies an invalid Network Namespace.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This is a workaround for the runc issue:
https://github.com/opencontainers/runc/issues/1247
If the source of a bind mount has any of nosuid, noexec or nodev, be
sure to propagate them to the bind mount so that when runc tries to
remount using MS_RDONLY, these options are also used.
Closes: https://github.com/containers/libpod/issues/2312
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \
| | |/
| |/| |
Enable more podman-remote pod commands
|
| |/
| |
| |
| |
| |
| | |
enable pod start, stop, and kill subcommands for the remote-client.
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \
| | |
| | | |
make remote-client error messaging more robust
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
the remote-client is currently weak for carrying error messages
over the varlink interface and displaying something useful to users
and developers for the purposes of debug. this is a starting point
to improve that user experience.
Signed-off-by: baude <bbaude@redhat.com>
|
| |/
|/|
| |
| |
| |
| |
| |
| |
| |
| | |
when joining an existing namespace, we were not maintaining the
current working directory, causing commands like export -o to fail
when they weren't referring to absolute paths.
Closes: https://github.com/containers/libpod/issues/2381
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|/
|
|
|
|
|
|
| |
enable the remote client to be able to inspect a pod. also, bonus of
enabling the podman pod exists command which returns a 0 or 1 depending
on whether the given pod exists.
Signed-off-by: baude <bbaude@redhat.com>
|
|
|
|
|
|
|
| |
enable the ability to load an image into remote storage
using the remote client.
Signed-off-by: baude <bbaude@redhat.com>
|
|\
| |
| | |
enable podman-remote pod rm
|
| |
| |
| |
| |
| |
| | |
add the ability to delete a pod from the remote client.
Signed-off-by: baude <bbaude@redhat.com>
|
|/
|
|
|
|
|
|
| |
Because the varlink server honors the socket activation protocol,
LISTEN_PID has to be adjusted with the new PID.
https://varlink.org/FAQ.html#how-does-socket-activation-work
Signed-off-by: Harald Hoyer <harald@redhat.com>
|
|
|
|
|
|
|
| |
Add the ability to save an image from the remote-host to the
remote-client.
Signed-off-by: baude <bbaude@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Also add some argument checks to the Varlink function to avoid
referencing nil pointers, and complement the API.md descriptions.
The varlink endpoint can be tested via varlink CLI:
$ varlink call -m unix:/run/podman/io.podman/io.podman.SearchImages \
'{"query": "ruby", "limit": 0, "tlsVerify": false, "filter": {}}'
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|
|
|
|
|
|
| |
Use an `image.SearchFilter` instead of a `[]string` in the SearchImages
API.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|
|
|
| |
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|
|
|
|
|
|
|
| |
Refactor the image-search logic from cmd/podman/search.go to
libpod/image/search.go and update podman-search and the Varlink API to
use it.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|
|
|
|
|
| |
Add status for remote users and podman remote-client pull.
Signed-off-by: baude <bbaude@redhat.com>
|
|
|
|
|
|
| |
Drop context.Context field from cli.Context
Signed-off-by: Sebastian Jug <sejug@redhat.com>
|
|\
| |
| | |
Add registry name to fields returned by varlink image search
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Cockpit team wants to list the registry name where the image was
found.
Also fix up SearchImages code to check if the user specified a registry
in his call to use that rather then all the registries, This matches
podman search command.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|/
|
|
|
|
|
|
|
|
| |
or attached.
Prior, a pod would have to be started immediately when created, leading to confusion about what a pod state should be immediately after creation. The problem was podman run --pod ... would error out if the infra container wasn't started (as it is a dependency). Fix this by allowing for recursive start, where each of the container's dependencies are started prior to the new container. This is only applied to the case where a new container is attached to a pod.
Also rework container_api Start, StartAndAttach, and Init functions, as there was some duplicated code, which made addressing the problem easier to fix.
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
|\
| |
| | |
Add tlsVerify bool to SearchImage for varlink
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Cockpit wants to be able to search images on systems without
tlsverify turned on.
tlsverify should be an optional parameter, if not set then we default
to the system defaults defined in /etc/containers/registries.conf.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| | |
| | | |
volume prune
|