summaryrefslogtreecommitdiff
path: root/pkg
Commit message (Collapse)AuthorAge
* Merge pull request #2543 from giuseppe/fix-rootless-s390x-crisOpenShift Merge Robot2019-03-06
|\ | | | | rootless: fix clone syscall on s390 and cris archs
| * rootless: fix clone syscall on s390 and cris archsGiuseppe Scrivano2019-03-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | from the clone man page: On the cris and s390 architectures, the order of the first two arguments is reversed: long clone(void *child_stack, unsigned long flags, int *ptid, int *ctid, unsigned long newtls); Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1672714 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Merge pull request #2519 from jwhonce/wip/remote_killOpenShift Merge Robot2019-03-05
|\ \ | | | | | | Support podman-remote kill container(s)
| * | Support podman-remote kill container(s)Jhon Honce2019-03-04
| | | | | | | | | | | | Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | Merge pull request #2426 from giuseppe/exec-preserve-fdsOpenShift Merge Robot2019-03-05
|\ \ \ | |_|/ |/| | exec: support --preserve-fds
| * | exec: support --preserve-fdsGiuseppe Scrivano2019-03-02
| | | | | | | | | | | | | | | | | | | | | | | | Allow to pass additional FDs to the process being executed. Closes: https://github.com/containers/libpod/issues/2372 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | Merge pull request #2522 from mheon/fix_timestamp_format_logsOpenShift Merge Robot2019-03-04
|\ \ \ | | | | | | | | Change timestamp format for podman logs
| * | | Change timestamp format for podman logsMatthew Heon2019-03-04
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The Golang standard library implementation of RFC3339Nano will trim trailing 0s from the nanoseconds portion of timestamps. This is undesirable for lining everything up nicely during terminal output. As the Golang developers have not seen fit to give us a better way, use the one that was proposed on the issue tracker but rejected. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | Merge pull request #2523 from jwhonce/bug/2521OpenShift Merge Robot2019-03-04
|\ \ \ | | | | | | | | Fix #2521
| * | | Fix #2521Jhon Honce2019-03-04
| | |/ | |/| | | | | | | | | | | | | * Bad merge against podman stop, restored overwritten code Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | Merge pull request #2513 from mheon/log_timestamps_newlineOpenShift Merge Robot2019-03-04
|\ \ \ | |/ / |/| | Ensure that each log line is newline-terminated
| * | Add additional defense against 0-length log segfaultsMatthew Heon2019-03-03
| | | | | | | | | | | | Signed-off-by: Matthew Heon <mheon@redhat.com>
| * | When logging with timestamps, append only until newlineMatthew Heon2019-03-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When we log time timestamps, don't print a new timestamp for each input - instead, print one at the start of every line, and then wait until we hit a newline to print a new timestamp. This still doesn't exactly mirror the Docker behavior (they don't print until they receive an entire line, while we print any time the logs file is appended to - so you can see partial lines being typed in our system). Also, timestamps are recorded as the start of a line being typed, as opposed to when the enter key is pressed (on Docker). (Worth noting that, while characters are printed as they are typed, logs does respect the backspace key - so you'll also see them disappear as the person typing realizes they've made a mistake and retypes their command). This is the closest we can get to Docker without major surgery on the Kubernetes log-printing library, so I'm content to call this an adequate solution. Signed-off-by: Matthew Heon <mheon@redhat.com>
| * | Ensure that each log line is newline-terminatedMatthew Heon2019-03-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | When writing logs with timestamps to the terminal, ensure that each line is newline-terminated, so we don't end up with an unreadable mess with timestamps interspersed with the actual content being displayed. Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | Support podman-remote stop container(s)Jhon Honce2019-03-02
| |/ |/| | | | | | | | | | | | | | | | | * Clean up adapter code * Add GetContainersByContext to Varlink API * Add missing comments * Restore save command * Restore error type mapping when using varlink Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | rootless, new[ug]idmap: on failure add outputGiuseppe Scrivano2019-02-28
|/ | | | | | | if any of the mapping tools for setting up the user namespace fail, then include their output in the error message. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* secrets: fix fips-mode with user namespacesGiuseppe Scrivano2019-02-27
| | | | | | | | | | When using a user namespace, we create the mount point under `mountPrefix` so that the uid != 0 can access that directory. Change the addFIPSModeSecret code to honor that, and also ensure we are creating the directories with the right ownership. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Fix build for non-Varlink-tagged PodmanMatthew Heon2019-02-27
| | | | | | Fixes #2459 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Centralize setting default volume pathMatthew Heon2019-02-26
| | | | | | | | No reason to do it in util/ anymore. It's always going to be a subdirectory of c/storage graph root by default, so we can just set it after the return. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Ensure volume path is set appropriately by defaultMatthew Heon2019-02-26
| | | | | | | | There are some cases where we might not be properly adjusting the volume path after setting the storage graph root. Ensure that we always set volume path to be a child of graph root. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* volume: do not create a volume if there is a bindGiuseppe Scrivano2019-02-26
| | | | | | | | | | | if there is already a bind mount specified for the target, do not create a new volume. Regression introduced by 52df1fa7e054d577e8416d1d46db1741ad324d4a Closes: https://github.com/containers/libpod/issues/2441 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* podman-remote pod pause|unpause|restartbaude2019-02-25
| | | | | | | enable the ability for the remote client to pause, unpause, and restart pods. Signed-off-by: baude <bbaude@redhat.com>
* Merge pull request #2422 from baude/remotepodcreateOpenShift Merge Robot2019-02-25
|\ | | | | podman-remote create|ps
| * podman-remote create|psbaude2019-02-25
| | | | | | | | | | | | | | enable the podman-remote client to be able to create and list pods on a remote system. Signed-off-by: baude <bbaude@redhat.com>
* | Merge pull request #2358 from rhatdan/namespaceOpenShift Merge Robot2019-02-25
|\ \ | | | | | | Fix up handling of user defined network namespaces
| * | Fix up handling of user defined network namespacesDaniel J Walsh2019-02-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | If user specifies network namespace and the /etc/netns/XXX/resolv.conf exists, we should use this rather then /etc/resolv.conf Also fail cleaner if the user specifies an invalid Network Namespace. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | podman: fix ro bind mounts if no* opts are on the sourceGiuseppe Scrivano2019-02-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is a workaround for the runc issue: https://github.com/opencontainers/runc/issues/1247 If the source of a bind mount has any of nosuid, noexec or nodev, be sure to propagate them to the bind mount so that when runc tries to remount using MS_RDONLY, these options are also used. Closes: https://github.com/containers/libpod/issues/2312 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | Merge pull request #2413 from baude/remotepodstopOpenShift Merge Robot2019-02-24
|\ \ \ | | |/ | |/| Enable more podman-remote pod commands
| * | Enable more podman-remote pod commandsbaude2019-02-22
| |/ | | | | | | | | | | enable pod start, stop, and kill subcommands for the remote-client. Signed-off-by: baude <bbaude@redhat.com>
* | Merge pull request #2404 from baude/remoteerrorsOpenShift Merge Robot2019-02-23
|\ \ | | | | | | make remote-client error messaging more robust
| * | make remote-client error messaging more robustbaude2019-02-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | the remote-client is currently weak for carrying error messages over the varlink interface and displaying something useful to users and developers for the purposes of debug. this is a starting point to improve that user experience. Signed-off-by: baude <bbaude@redhat.com>
* | | rootless: force same cwd when re-execingGiuseppe Scrivano2019-02-22
| |/ |/| | | | | | | | | | | | | | | | | when joining an existing namespace, we were not maintaining the current working directory, causing commands like export -o to fail when they weren't referring to absolute paths. Closes: https://github.com/containers/libpod/issues/2381 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | podman-remote pod inspect|existsbaude2019-02-22
|/ | | | | | | | enable the remote client to be able to inspect a pod. also, bonus of enabling the podman pod exists command which returns a 0 or 1 depending on whether the given pod exists. Signed-off-by: baude <bbaude@redhat.com>
* podman-remote load imagebaude2019-02-21
| | | | | | | enable the ability to load an image into remote storage using the remote client. Signed-off-by: baude <bbaude@redhat.com>
* Merge pull request #2387 from baude/remotepodrmOpenShift Merge Robot2019-02-21
|\ | | | | enable podman-remote pod rm
| * enable podman-remote pod rmbaude2019-02-21
| | | | | | | | | | | | add the ability to delete a pod from the remote client. Signed-off-by: baude <bbaude@redhat.com>
* | Adjust LISTEN_PID for reexec in varlink modeHarald Hoyer2019-02-21
|/ | | | | | | | Because the varlink server honors the socket activation protocol, LISTEN_PID has to be adjusted with the new PID. https://varlink.org/FAQ.html#how-does-socket-activation-work Signed-off-by: Harald Hoyer <harald@redhat.com>
* podman-remote save [image]baude2019-02-20
| | | | | | | Add the ability to save an image from the remote-host to the remote-client. Signed-off-by: baude <bbaude@redhat.com>
* iopodman.SearchImages: add ImageSearchFilter to Varlink APIValentin Rothberg2019-02-20
| | | | | | | | | | | | Also add some argument checks to the Varlink function to avoid referencing nil pointers, and complement the API.md descriptions. The varlink endpoint can be tested via varlink CLI: $ varlink call -m unix:/run/podman/io.podman/io.podman.SearchImages \ '{"query": "ruby", "limit": 0, "tlsVerify": false, "filter": {}}' Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* image.SearchImages: use SearchFilter typeValentin Rothberg2019-02-20
| | | | | | | Use an `image.SearchFilter` instead of a `[]string` in the SearchImages API. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* SearchImages: extend API with filter parameterValentin Rothberg2019-02-20
| | | | Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* podman-search: refactor code to libpod/image/search.goValentin Rothberg2019-02-20
| | | | | | | | Refactor the image-search logic from cmd/podman/search.go to libpod/image/search.go and update podman-search and the Varlink API to use it. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* podman-remote pullbaude2019-02-19
| | | | | | Add status for remote users and podman remote-client pull. Signed-off-by: baude <bbaude@redhat.com>
* OpenTracing support added to start, stop, run, create, pull, and psSebastian Jug2019-02-18
| | | | | | Drop context.Context field from cli.Context Signed-off-by: Sebastian Jug <sejug@redhat.com>
* Merge pull request #2354 from rhatdan/varlinkOpenShift Merge Robot2019-02-18
|\ | | | | Add registry name to fields returned by varlink image search
| * Add registry name to fields returned by varlink image searchDaniel J Walsh2019-02-15
| | | | | | | | | | | | | | | | | | | | | | Cockpit team wants to list the registry name where the image was found. Also fix up SearchImages code to check if the user specified a registry in his call to use that rather then all the registries, This matches podman search command. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | pod infra container is started before a container in a pod is run, started, ↵Peter Hunt2019-02-15
|/ | | | | | | | | | or attached. Prior, a pod would have to be started immediately when created, leading to confusion about what a pod state should be immediately after creation. The problem was podman run --pod ... would error out if the infra container wasn't started (as it is a dependency). Fix this by allowing for recursive start, where each of the container's dependencies are started prior to the new container. This is only applied to the case where a new container is attached to a pod. Also rework container_api Start, StartAndAttach, and Init functions, as there was some duplicated code, which made addressing the problem easier to fix. Signed-off-by: Peter Hunt <pehunt@redhat.com>
* Merge pull request #2305 from rhatdan/tlsverifyOpenShift Merge Robot2019-02-15
|\ | | | | Add tlsVerify bool to SearchImage for varlink
| * Add tlsVerify bool to SearchImage for varlinkDaniel J Walsh2019-02-14
| | | | | | | | | | | | | | | | | | | | Cockpit wants to be able to search images on systems without tlsverify turned on. tlsverify should be an optional parameter, if not set then we default to the system defaults defined in /etc/containers/registries.conf. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #2332 from baude/remotevolumepruneOpenShift Merge Robot2019-02-14
|\ \ | | | | | | volume prune