| Commit message (Collapse) | Author | Age |
|\
| |
| | |
generate systemd: add network dependencies
|
| |
| |
| |
| |
| |
| |
| |
| | |
Add network dependencies to generated systemd services to allow for
enabling them at system startup and have a working network if needed.
Fixes: #4130
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \
| | |
| | | |
env: set "container" to current binary
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Leave setting the "container" variable to consumers of pkg/env.
Podman is now hard-setting it to "podman" while "libpod" will
set it internally to "libpod" if it's unset.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \ \
| | | |
| | | | |
avoid adding to nil map
|
| | |/
| |/|
| | |
| | |
| | |
| | | |
we need to make the environment map to avoid throwing an error when trying to add an environment value from file.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \ \
| |/ /
|/| | |
Add the rmi flag to podman-run to delete container image
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The --rmi flag will delete the container image after its execution
unless that image is already been used by another container(s).
This is useful when one wants to execute a container once and remove
any resources attached to it.
Signed-off-by: Boaz Shuster <boaz.shuster.github@gmail.com>
|
|\ \ \
| |_|/
|/| | |
Allow devs to set labels in container images for default capabilities.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This patch allows users to specify the list of capabilities required
to run their container image.
Setting a image/container label "io.containers.capabilities=setuid,setgid"
tells podman that the contained image should work fine with just these two
capabilties, instead of running with the default capabilities, podman will
launch the container with just these capabilties.
If the user or image specified capabilities that are not in the default set,
the container will print an error message and will continue to run with the
default capabilities.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |/
|/|
| |
| |
| |
| |
| |
| |
| | |
Env-variable related code is scattered across several packages making it
hard to maintain and extend. Consolidate the code into a new pkg/env
package.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \
| |/
|/| |
more swagger fixes
|
| |
| |
| |
| | |
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \
| |/
|/| |
rework apiv2 wait endpoint|binding
|
| |
| |
| |
| |
| |
| |
| |
| | |
added the ability to wait on a condition (stopped, running, paused...) for a container. if a condition is not provided, wait will default to the stopped condition which uses the original wait code paths. if the condition is stopped, the container exit code will be returned.
also, correct a mux issue we discovered.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \
| | |
| | | |
container Exists: fix URL
|
| | |
| | |
| | |
| | | |
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
|
|\ \ \
| | | |
| | | | |
Add test to validate prune pod apiv2 binding.
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Modify the pod inspect bindings to hold current pod status.
Includes test to validate on pod status and added test to check
no or few pods are pruned,if the pods are in exited state.
Signed-off-by: Sujil02 <sushah@redhat.com>
|
| |_|/
|/| |
| | |
| | |
| | |
| | | |
Thanks for Brent Baude <bbaude@redhat.com> for the fix.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|\ \ \
| | | |
| | | | |
Cninetfix
|
| | |/
| |/|
| | |
| | |
| | |
| | | |
when creating a network, podman should add the firewall plugin to the config but not specify a backend. this will allow cni to determine whether it should use an iptables|firewalld backend.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|/ /
| |
| |
| |
| |
| |
| |
| | |
add binding tests for volumes: inspect(get), create, remove, prune, and list
implement filters ability for volumes
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| | |
Previously --uts=container: expected the full container ID.
Closes: https://github.com/containers/libpod/issues/5289
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \
| | |
| | | |
fix trivial typo
|
| | |
| | |
| | |
| | | |
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
|
|\ \ \
| | | |
| | | | |
Remove 1 sec delay
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* Stop closing net.Listener() twice on interrupt
* Do not report error if closing server twice
Fixes #5311
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \ \
| | | |
| | | | |
Cirrus: Support testing with F31
|
| |/ /
| | |
| | |
| | | |
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|\ \ \
| | | |
| | | | |
rootless: raise error if the process is not found
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
we need to store the pause process PID file so that it can be re-used
later.
commit e9dc2120925d9bc32b87ed3c4122aa40f7413db5 introduced this
regression.
Closes: https://github.com/containers/libpod/issues/5246
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| | |
if there are more than FD_SETSIZE open fds passed down to the Podman
process, the initialization code could crash as it attempts to store
them into a fd_set. Use an array of fd_set structs, each of them
holding only FD_SETSIZE file descriptors.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \
| | |
| | | |
Add basic deadlock detection for container start/remove
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
We can easily tell if we're going to deadlock by comparing lock
IDs before actually taking the lock. Add a few checks for this in
common places where deadlocks might occur.
This does not yet cover pod operations, where detection is more
difficult (and costly) due to the number of locks being involved
being higher than 2.
Also, add some error wrapping on the Podman side, so we can tell
people to use `system renumber` when it occurs.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \
| | | |
| | | | |
build: move initialization after SetXdgDirs
|
| | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
when we use namespaces, we set the run directory to 0711 to allow
other users to access it.
without this relaxation, the /run/user/$UID directory would be
skipped.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|/ /
| |
| |
| |
| |
| | |
Initial ginkgo setup credit to Brent Baude <bbaude@redhat.com>
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
|
|\ \
| | |
| | | |
enable ci on go binding tests
|
| | |
| | |
| | |
| | | |
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \ \
| |_|/
|/| | |
more image binding tests
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
add two additional bindings tests for image usage.
add ability to use search filter on the endpoint.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
1) Help message for podman port was missing [PORT]
2) Add test for 'podman port'. And, actually, an entire
networking test that I'd written some weeks ago but
apparently didn't 'git add'.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| | |
code was erronously misinterpretting the port as a containername.
Fixes: #1791832
Signed-off-by: baude <bbaude@redhat.com>
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|/
|
|
|
|
| |
adding more image tests for go bindings. one big change is that the params were converted from map[string]string to url.values to account for the ability to send []string as query params
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\
| |
| | |
search endpoint failure correction
|
| |
| |
| |
| |
| |
| |
| |
| | |
when returning an invalid search, a return was omitted triggering a null on the consumer end.
Fixes: #5228
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|/
|
|
|
|
|
|
| |
it turns out that when the firewall plugin is not provided as part of the configuration, then the firewall cni plugin will dynamically figure out if it should use firewalld or iptables.
also removing this from the default configuration file
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\
| |
| | |
Remove ImageVolumes from database
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Before Libpod supported named volumes, we approximated image
volumes by bind-mounting in per-container temporary directories.
This was handled by Libpod, and had a corresponding database
entry to enable/disable it.
However, when we enabled named volumes, we completely rewrote the
old implementation; none of the old bind mount implementation
still exists, save one flag in the database. With nothing
remaining to use it, it has no further purpose.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|