| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
| |
inherit a change for not failing a recursive relabelling if the file
is removed between the directory is read and the lsetxattr syscall.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|
|
|
| |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
This will cause /proc inside of the container to match the mount options
of the host.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1511
Approved by: baude
|
|
|
|
|
|
|
|
|
|
|
| |
We need to vendor in the latest containerd/cgroups for a fix related to
slice delegation and systemd <= 239. The opencontainer/runtime-spec is
brought along for the ride.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #1414
Approved by: mheon
|
|
|
|
|
|
|
| |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Closes: #1269
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There is a compiler warning that has been fixed in the
upstream, so I figured we should update to fix.
Also vendor in latest buildah to get better support for running builds in rootless
mode.
Vendor in latest containers/image to allow daemon support to be pluggable.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1169
Approved by: mheon
|
|
|
|
|
|
|
|
|
| |
Check at runtime if AppArmor is enabled on the host.
Signed-off-by: Valentin Rothberg <vrothberg@suse.com>
Closes: #1128
Approved by: mheon
|
|
|
|
|
|
|
| |
Signed-off-by: baude <bbaude@redhat.com>
Closes: #1037
Approved by: baude
|
|
|
|
|
|
|
|
|
| |
Newer runtime tools separates syscalls by OS so we can build darwin.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #1007
Approved by: baude
|
|
|
|
|
|
| |
Baude found an error in non linux bindings.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|
|
|
|
|
|
|
|
| |
THis should make libpod easier to build on non linux platforms.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1000
Approved by: mheon
|
|
|
|
|
|
|
|
|
|
| |
This should fix the issue with iptables being denied execution on
container cleanup
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #966
Approved by: mheon
|
|
|
|
|
|
|
|
|
|
| |
We no longer use runc code to read network I/O usage. This lets
us remove a lot of vendored code.
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #425
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
| |
When running a privileged container, it should inherit the same
devices the host has.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #330
Approved by: mheon
|
|
|
|
|
|
|
| |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #206
Approved by: TomSweeneyRedHat
|
|
|
|
|
|
|
|
|
|
| |
Also add --quiet option to kpod create/run since
this will help with writing tests.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #140
Approved by: TomSweeneyRedHat
|
|
|
|
|
|
|
|
|
|
|
| |
Need to pull in the latest containers/storage and containers/image to fix lots of
issues. Also want to update runtime-tools to take advantage of newer generate
code.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #152
Approved by: rhatdan
|
|
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
|