- Changelog for v3.2.2 (2021-06-25): * fix systemcontext to use correct TMPDIR * Scrub podman commands to use report package * Fix volumes with uid and gid options * Vendor in c/common v0.38.11 * Initial release notes for v3.2.2 * Fix restoring of privileged containers * Fix handling of podman-remote build --device * Add support for podman remote build -f - . * Fix panic condition in cgroups.getAvailableControllers * Fix permissions on initially created named volumes * Fix building static podman-remote * add correct slirp ip to /etc/hosts * disable tty-size exec checks in system tests * Fix resize race with podman exec -it * Fix documentation of the --format option of podman push * Fix systemd-resolved detection. * Health Check is not handled in the compat LibpodToContainerJSON * Do not use inotify for OCICNI * getContainerNetworkInfo: lock netNsCtr before sync * [NO TESTS NEEDED] Create /etc/mtab with the correct ownership * Create the /etc/mtab file if does not exists * [v3.2] cp: do not allow dir->file copying * create: support images with invalid platform * vendor containers/common@v0.38.10 * logs: k8s-file: restore poll sleep * logs: k8s-file: fix spurious error logs * utils: move message from warning to debug - Changelog for v3.2.1 (2021-06-11): * Updated release notes for v3.2.1 * remote events: fix --stream=false * [CI:DOCS] fix incorrect network remove api doc * remote: always send resize before the container starts * remote events: support labels * remote pull: cancel pull when connection is closed * Fix network prune api docs * Improve systemd-resolved detection * logs: k8s-file: fix race * Fix image prune --filter cmd behavior * podman-remote build should handle -f option properly * System tests: deal with crun 0.20.1 * Fix build tags for pkg/machine... * Fix pre-checkpointing * container: ignore named hierarchies * [v3.2] vendor containers/common@v0.38.9 * rootless: fix fast join userns path * [v3.2] vendor containers/common@v0.38.7 * [v3.2] vendor containers/common@v0.38.6 * Correct qemu options for Intel macs - Changelog for v3.2.0 (2021-06-03): * Final release notes updates for v3.2.0 * add ipv6 nameservers only when the container has ipv6 enabled * Use request context instead of background * [v.3.2] events: support disjunctive filters * System tests: add :Z to volume mounts * generate systemd: make mounts portable * vendor containers/storage@v1.31.3 * vendor containers/common@v0.38.5 - Changelog for v3.2.0-RC3 (2021-05-26): * Update release notes for v3.2.0-RC3 * Fix race on podman start --all * Fix race condition in running ls container in a pod * docs: --cert-dir: point to containers-certs.d(5) * Handle hard links in different directories * Improve OCI Runtime error * Handle hard links in remote builds * Podman info add support for status of cgroup controllers * Drop container does not exist on removal to debugf * Downgrade API service routing table logging * add libimage events * docs: generate systemd: XDG_RUNTIME_DIR * Fix problem copying files when container is in host pid namespace - Changelog for v3.2.0-RC2 (2021-05-20): * update c/common * Update Cirrus DEST_BRANCH to v3.2 * Updated vendors of c/image, c/storage, Buildah * Initial release notes for v3.2.0-RC2 * Add script for identifying commits in release branches * Add host.containers.internal entry into container's etc/hosts * image prune: remove unused images only with `--all` * podman network reload add rootless support * Use more recent `stale` release... * network tutorial: update with rootless cni changes * [CI:DOCS] Update first line in intro page * Use updated VM images + updated automation tooling * auto-update service: prune images * make vendor * fix system upgrade tests * Print "extracting" only on compressed file * podman image tree: restore previous behavior * fix network restart always test * fix incorrect log driver in podman container image * Add support for cli network prune --filter flag * Move filter parsing to common utils * Bump github.com/containers/storage from 1.30.2 to 1.30.3 * Update nix pin with `make nixpkgs` * [CI:DOCS] hack/bats - new helper for running system tests * fix restart always with slirp4netns * Bump github.com/opencontainers/runc from 1.0.0-rc93 to 1.0.0-rc94 * Bump github.com/coreos/go-systemd/v22 from 22.3.1 to 22.3.2 * Add host.serviceIsRemote to podman info results * Add client disconnect to build handler loop * Remove obsolete skips * Fix podman-remote build --rm=false ... * fix: improved "containers/{name}/wait" endpoint * Bump github.com/containers/storage from 1.30.1 to 1.30.2 * Add envars to the generated systemd unit * fix: use UTC Time Stamps in response JSON * fix container startup for empty pidfile * Kube like pods should share ipc,net,uts by default * fix: compat API "images/get" for multiple images * Revert escaped double dash man page flag syntax * Report Download complete in Compatibility mode * Add documentation on short-names * Bump github.com/docker/docker * Adds support to preserve auto update labels in generate and play kube * [CI:DOCS] Stop conversion of `--` into en dash * Revert Patch to relabel if selinux not enabled * fix per review request * Add support for environment variable secrets * fix pre review request * Fix infinite loop in isPathOnVolume * Add containers.conf information for changing defaults * CI: run rootless tests under ubuntu * Fix wrong macvlan PNG in networking doc. * Add restart-policy to container filters & --filter to podman start * Fixes docker-compose cannot set static ip when use ipam * channel: simplify implementation * build: improve regex for iidfile * Bump github.com/onsi/gomega from 1.11.0 to 1.12.0 * cgroup: fix rootless --cgroup-parent with pods * fix: docker APIv2 `images/get` * codespell cleanup * Minor podmanimage docs updates. * Fix handling of runlabel IMAGE and NAME * Bump to v3.2.0-dev * Bump to v3.2.0-rc1 * podman: set volatile storage flag for --rm containers * Bump github.com/onsi/ginkgo from 1.16.1 to 1.16.2 * Bump github.com/containers/image/v5 from 5.11.1 to 5.12.0 * Add filepath glob support to --security-opt unmask * Force log_driver to k8s-file for containers in containers - Changelog for v3.2.0-rc1 (2021-05-05) * migrate Podman to containers/common/libimage * add --mac-address to podman play kube * compat api: Networks must be empty instead of null * System tests: honor $OCI_RUNTIME (for CI) * is this a bug? * system test image: add arm64v8 image * Fix troubleshooting documentation on handling sublemental groups. * Add --all to podman start * Fix variable reference typo. in multi-arch image action * cgroup: always honor --cgroup-parent with cgroupfs * Bump github.com/uber/jaeger-client-go * Don't require tests for github-actions & metadata * Detect if in podman machine virtual vm * Fix multi-arch image workflow typo * [CI:DOCS] Add titles to remote docs (windows) * Remove unused VolumeList* structs * Cirrus: Update F34beta -> F34 * Update container image docs + fix unstable execution * Bump github.com/containers/storage from 1.30.0 to 1.30.1 * TODO complete * Docker returns 'die' status rather then 'died' status * Check if another VM is running on machine start * [CI:DOCS] Improve titles of command HTML pages * system tests: networking: fix another race condition * Use seccomp_profile as default profile if defined in containers.conf * Bump github.com/json-iterator/go from 1.1.10 to 1.1.11 * Vendored * Autoupdate local label functional * System tests: fix two race conditions * Add more documentation on conmon * Allow docker volume create API to pass without name * Cirrus: Update Ubuntu images to 21.04 * Skip blkio-weight test when no kernel BFQ support * rootless: Tell the user what was led to the error, not just what it is * Add troubleshooting advice about the --userns option. * Fix images prune filter until * Fix logic for pushing stable multi-arch images * Fixes generate kube incorrect when bind-mounting "/" and "/root" * libpod/image: unit tests: don't use system's registries.conf.d * runtime: create userns when CAP_SYS_ADMIN is not present * rootless: attempt to copy current mappings first * [CI:DOCS] Restore missing content to manpages * [CI:DOCS] Fix Markdown layout bugs * Fix podman ps --filter ancestor to match exact ImageName/ImageID * Add machine-enabled to containers.conf for machine * Several multi-arch image build/push fixes * Add podman run --timeout option * Parse slirp4netns net options with compat api * Fix rootlesskit port forwarder with custom slirp cidr * Fix removal race condition in ListContainers * Add github-action workflow to build/push multi-arch * rootless: if root is not sub?id raise a debug message * Bump github.com/containers/common from 0.36.0 to 0.37.0 * Add go template shell completion for --format * Add --group-add keep-groups: suplimentary groups into container * Fixes from make codespell * Typo fix to usage text of --compress option * corrupt-image test: fix an oops * Add --noheading flag to all list commands * Bump github.com/containers/storage from 1.29.0 to 1.30.0 * Bump github.com/containers/image/v5 from 5.11.0 to 5.11.1 * [CI:DOCS] Fix Markdown table layout bugs * podman-remote should show podman.sock info * rmi: don't break when the image is missing a manifest * [CI:DOCS] Rewrite --uidmap doc in podman-create.1.md and podman-run.1.md * Add support for CDI device configuration * [CI:DOCS] Add missing dash to verbose option * Bump github.com/uber/jaeger-client-go * Remove an advanced layer diff function * Ensure mount destination is clean, no trailing slash * add it for inspect pidfile * [CI:DOCS] Fix introduction page typo * support pidfile on container restore * fix start it * skip pidfile test on remote * improve document * set pidfile default value int containerconfig * add pidfile in inspection * add pidfile it for container start * skip pidfile it on remote * Modify according to comments * WIP: drop test requirement * runtime: bump required conmon version * runtime: return findConmon to libpod * oci: drop ExecContainerCleanup * oci: use `--full-path` option for conmon * use AttachSocketPath when removing conmon files * hide conmon-pidfile flag on remote mode * Fix possible panic in libpod/image/prune.go * add --ip to podman play kube * add flag autocomplete * add ut * add flag "--pidfile" for podman create/run * Add network bindings tests: remove and list * Fix build with GO111MODULE=off * system tests: build --pull-never: deal with flakes * compose test: diagnose flakes v3 * podman play kube apply correct log driver * Fixes podman-remote save to directories does not work * Bump github.com/rootless-containers/rootlesskit from 0.14.1 to 0.14.2 * Update documentation of podman-run to reflect volume "U" option * Fix flake on failed podman-remote build : try 2 * compose test: ongoing efforts to diagnose flakes * Test that we don't error out on advertised --log-level values * At trace log level, print error text using %+v instead of %v * pkg/errorhandling.JoinErrors: don't throw away context for lone errors * Recognize --log-level=trace * Fix flake on failed podman-remote build * System tests: fix racy podman-inspect * Fixes invalid expression in save command * Bump github.com/containers/common from 0.35.4 to 0.36.0 * Update nix pin with `make nixpkgs` * compose test: try to get useful data from flakes * Remove in-memory state implementation * Fix message about runtime to show only the actual runtime * System tests: setup: better cleanup of stray images * Bump github.com/containers/ocicrypt from 1.1.0 to 1.1.1 * Reflect current state of prune implementation in docs * Do not delete container twice * [CI:DOCS] Correct status code for /pods/create * vendor in containers/storage v1.29.0 * cgroup: do not set cgroup parent when rootless and cgroupfs * Overhaul Makefile binary and release worflows * Reorganize Makefile with sections and guide * Simplify Makefile help target * Don't shell to obtain current directory * Remove unnecessary/not-needed release.txt target * Fix incorrect version number output * Exclude .gitignore from test req. * Fix handling of $NAME and $IMAGE in runlabel * Update podman image Dockerfile to support Podman in container * Bump github.com/containers/image/v5 from 5.10.5 to 5.11.0 * Fix slashes in socket URLs * Add network prune filters support to bindings * Add support for play/generate kube volumes * Update manifest API endpoints * Fix panic when not giving a machine name for ssh * cgroups: force 64 bits to ParseUint * Bump k8s.io/api from 0.20.5 to 0.21.0 * [CI:DOCS] Fix formatting of podman-build man page * buildah-bud tests: simplify * Add missing return * Bump github.com/onsi/ginkgo from 1.16.0 to 1.16.1 * speed up CI handling of images * Volumes prune endpoint should use only prune filters * Cirrus: Use Fedora 34beta images * Bump go.sum + Makefile for golang 1.16 * Exempt Makefile changes from test requirements * Adjust libpod API Container Wait documentation to the code * [CI:DOCS] Update swagger definition of inspect manifest * use updated ubuntu images * podman unshare: add --rootless-cni to join the ns * Update swagger-check * swagger: remove name wildcards * Update buildah-bud diffs * Handle podman-remote --arch, --platform, --os * buildah-bud tests: handle go pseudoversions, plus... * Fix flaking rootless compose test * rootless cni add /usr/sbin to PATH if not present * System tests: special case for RHEL: require runc * Add --requires flag to podman run/create * [CI:DOCS] swagger-check: compare operations * [CI:DOCS] Polish swagger OpertionIDs * [NO TESTS NEEDED] Update nix pin with `make nixpkgs` * Ensure that `--userns=keep-id` sets user in config * [CI:DOCS] Set all operation id to be compatibile * Move operationIds to swagger:operation line * swagger: add operationIds that match with docker * Cirrus: Make use of shared get_ci_vm container * Don't relabel volumes if running in a privileged container * Allow users to override default storage opts with --storage-opt * Add support for podman --context default * Verify existence of auth file if specified * fix machine naming conventions * Initial network bindings tests * Update release notes to indicate CVE fix * Move socket activation check into init() and set global condition. * Bump github.com/onsi/ginkgo from 1.15.2 to 1.16.0 * Http api tests for network prune with until filter * podman-run.1.md, podman-create.1.md : Adjust Markdown layout for --userns * Fix typos --uidmapping and --gidmapping * Add transport and destination info to manifest doc * Bump github.com/rootless-containers/rootlesskit from 0.14.0 to 0.14.1 * Add default template functions * Fix missing podman-remote build options * Bump github.com/coreos/go-systemd/v22 from 22.3.0 to 22.3.1 * Add ssh connection to root user * Add rootless docker-compose test to the CI * Use the slrip4netns dns in the rootless cni ns * Cleanup the rootless cni namespace * Add new docker-compose test for two networks * Make the docker-compose test work rootless * Remove unused rootless-cni-infra container files * Only use rootless RLK when the container has ports * Fix dnsname test * Enable rootless network connect/disconnect * Move slirp4netns functions into an extra file * Fix pod infra container cni network setup * Add rootless support for cni and --uidmap * rootless cni without infra container * Recreate until container prune tests for bindings * Remove --execute from podman machine ssh * Fixed podman-remote --network flag * Makefile: introduce install.docker-full * Makefile: ensure install.docker creates BINDIR * Fix unmount doc reference in image.rst * Should send the OCI runtime path not just the name to buildah * podman machine shell completion * Fix handling of remove --log-rusage param * Fix bindings prune containers flaky test * [CI:DOCS] Add local html build info to docs/README.md * Add podman machine list * Trim white space from /top endpoint results * Remove semantic version suffices from API calls * podman machine init --ignition-path * Document --volume from podman-remote run/create client * Update main branch to reflect the release of v3.1.0 * Silence podman network reload errors with iptables-nft * Containers prune endpoint should use only prune filters * resolve proper aarch64 image names * APIv2 basic test: relax APIVersion check * Add machine support for qemu-system-aarch64 * podman machine init user input * manpage xref: helpful diagnostic for unescaped dash-dash * Bump to v3.2.0-dev * swagger: update system version response body * buildah-bud tests: reenable pull-never test * [NO TESTS NEEDED] Shrink the size of podman-remote * Add powershell completions * [NO TESTS NEEDED] Drop Warning to Info, if cgroups not mounted * Fix long option format on docs.podman.io * system tests: friendier messages for 2-arg is() * service: use LISTEN_FDS * man pages: correct seccomp-policy label * rootless: use is_fd_inherited * podman generate systemd --new do not duplicate params * play kube: add support for env vars defined from secrets * play kube: support optional/mandatory env var from config map * play kube: prepare supporting other env source than config maps * Add machine support for more Linux distros * [NO TESTS NEEDED] Use same function podman-remote rmi as podman * Podman machine enhancements * Add problematic volume name to kube play error messages * Fix podman build --pull-never * [NO TESTS NEEDED] Fix for kernel without CONFIG_USER_NS * [NO TESTS NEEDED] Turn on podman-remote build --isolation * Fix list pods filter handling in libpod api * Remove resize race condition * [NO TESTS NEEDED] Vendor in containers/buildah v1.20.0 * Use TMPDIR when commiting images * Add RequiresMountsFor= to systemd generate * Bump github.com/vbauerster/mpb/v6 from 6.0.2 to 6.0.3 * Fix swapped dimensions from terminal.GetSize * Rename podman machine create to init and clean up * Correct json field name * system tests: new interactive tests * Improvements for machine * libpod/image: unit tests: use a `registries.conf` for aliases * libpod/image: unit tests: defer cleanup * libpod/image: unit tests: use `require.NoError` * Add --execute flag to podman machine ssh * introduce podman machine * Podman machine CLI and interface stub * Support multi doc yaml for generate/play kube * Fix filters in image http compat/libpod api endpoints * Bump github.com/containers/common from 0.35.3 to 0.35.4 * Bump github.com/containers/storage from 1.28.0 to 1.28.1 * Check if stdin is a term in --interactive --tty mode * [NO TESTS NEEDED] Remove /tmp/containers-users-* files on reboot * [NO TESTS NEEDED] Fix rootless volume plugins * Ensure manually-created volumes have correct ownership * Bump github.com/rootless-containers/rootlesskit * Unification of until filter across list/prune endpoints * Unification of label filter across list/prune endpoints * fixup * fix: build endpoint for compat API * [CI:DOCS] Add note to mappings for user/group userns in build * Bump github.com/coreos/go-systemd/v22 from 22.1.0 to 22.3.0 * Bump k8s.io/api from 0.20.1 to 0.20.5 * Validate passed in timezone from tz option * Fix system prune cmd user message with options * WIP: run buildah bud tests using podman * Fix containers list/prune http api filter behaviour * System tests: reenable a bunch of skipped tests * Generate Kubernetes PersistentVolumeClaims from named volumes * Cleanup /libpod/images/load handler * vendor: drop replace for github.com/syndtr/gocapability * security: use the bounding caps with --privileged * Bump github.com/containers/common from 0.35.0 to 0.35.3 * Bump k8s.io/apimachinery from 0.20.4 to 0.20.5 * Fix volumes and networks list/prune filters in http api * Bump github.com/containers/storage from 1.25.0 to 1.28.0 * add a dependabot config to automate vendoring * Bump github.com/onsi/ginkgo from 1.15.1 to 1.15.2 * network prune filters for http compat and libpod api * test: check for io.stat existence on cgroup v2 * test: fix test for last crun/runc * test: simplify cgroup path * Latest crun/runc should handle blkio-weight test * fix user message image prune --all * Docs: removing secrets is safe for in-use secrets * Downgrade github.com/coreos/go-systemd/v22 * pkg/bindings/images.Build(): fix a race condition in error reporting * Switch all builds to pull-never * System test cleanup * Fix for volumes prune in http compat api * Fix remote client timezone test * Do not leak libpod package into the remote client * Split libpod/network package * fix use with localhost (testing) * add /auth for docker compatibility * create endpoint for querying libpod networks * Bump github.com/sirupsen/logrus from 1.8.0 to 1.8.1 * sdnotify tests: try real hard to kill socat processes * Fix array instead of one elem network http api * Delete all containers and pods between tests * apiv2 tests: finally fix POST as originally intended * Document CONTAINERS_CONF/CONTAINERS_STORAGE_CONF Env variables * Removing a non existing container API should return 404 * Docs: Add docs to access APIs inside container * options: append CLI graph driver options * podman load: fix error handling * podman cp: evaluate symlink correctly when copying from container * rm pkg/api/handlers/libpod/copy.go * podman cp: fix copying to a non-existent dir * podman cp: fix ownership * podman cp: ignore EPERMs in rootless mode * vendor buildah@v1.19.8 * apiv2 tests: add helpers to start/stop a local registry * Bump to v3.1.0-dev * allow the removal of storage images * podman-remote build does not support volumes * Update nix pin with `make nixpkgs` * Bump github.com/coreos/go-systemd/v22 from 22.1.0 to 22.2.0 * [Compat API] Also print successfully tagging images in /build endpoint - Changelog for v3.1.0-rc1 (2021-03-08) * Compat API: Avoid trying to create volumes if they already exist * Bump github.com/onsi/gomega from 1.10.5 to 1.11.0 * Allow users to generate a kubernetes yaml off non running containers * Bump github.com/onsi/ginkgo from 1.15.0 to 1.15.1 * turn hidden --trace into a NOP * pkg/terminal: use c/storage/pkg/homedir * build-arg * Handle podman build --dns-search * podman build --build-arg should fall back to environment * Add support for podman build --ignorefile * replace local mount consts with libpod/define * separate file with mount consts in libpod/define * Correct compat images/{name}/push response * [NO TESTS NEEDED] Bump pre-commit-hooks version * [ci skip] Bad formatting fix in build documentation * Bump github.com/containernetworking/plugins to v0.9.1 * podman-remote stop -time 0 does not work * Do not return from c.stop() before re-locking * Fix for podman network rm (-f) workflow * Bump github.com/containers/buildah from 1.19.6 to 1.19.7 * Add tests for selinux kvm/init labels * Respect NanoCpus in Compat Create * podman cp: support copying on tmpfs mounts * image removal: ignore unknown-layer errors * Fix cni teardown errors * Use version package to track all versions * Check for supportsKVM based on basename of the runtime * Compat API: create volume source dirs on the host * Makefile: add install.docker-docs-nobuild for packaging use * Add /sys/fs/cgroup as readonly path in docs * Add network summary to compat ps * Fix possible panic with podman build --iidfile * Add version field to secret compat list/inspect api * Tidy duplicate log tests * Fix support for podman build --timestamp * Rewrite Rename backend in a more atomic fashion * Use functions and defines from checkpointctl * Move checkpoint/restore code to pkg/checkpoint/crutils * Vendor in checkpointctl * Support label type dict on compat build * Makefile: install systemd services conditionally * podman-system-service.1.md: fix timeout example * swagger: update the libpodPutArchive operation verb * Makefile: split install.docker-docs from install.docker * Bump RootlessKit v0.14.0-beta.0 * Compat api containers/json Ports field is null * Bump github.com/cri-o/ocicni to latest master * Refactor python tests to run against python3.9 * APIv2 tests: make more maintainable * [CI:DOCS] Improve release process docs * podman rmi: handle corrupted storage better * Enable cgroupsv2 rw mount via security-opt unmask * podman-image-sign.1.md: typo fix * compat api network ls accept both format options * Enable no_hosts from containers.conf * Correct compat images/create?fromImage response * Fix parsing of Tmpfs field in compat create * prune remotecommand dependency * system test image: build it multiarch * Updated based on Jhonce comments * updated common to 0.35.0 * Refactored file * swagger: removes the schema type for PodSpecGenerator $ref * podman-system-connection.1.md: fix copy/paste error * Add dns search domains from cni response to resolv.conf * Network connect error if net mode is not bridge * Sort CapDrop in inspect to guarantee order * podman upgrade tests * test: ignore named hierarchies for cgroups=split * container removal: handle already removed containers * Bump github.com/rootless-containers/rootlesskit from 0.13.1 to 0.13.2 * Bump k8s.io/apimachinery from 0.20.3 to 0.20.4 * Add U volume flag to chown source volumes * Replace Labels and Options nulls with {} in NetworkResource * Cirrus: Temp. disable prior-fedora (F32) testing * podman cp: test /dev/stdin correctly * podman cp: treat /dev/stdout correctly * cgroup: change cgroup deletion logic on v1 * Fix podman network IDs handling * pr-should-include-tests: recognized "renamed" tests * --no-header flag implementation for generate systemd * [NO TESTS NEEDED] Make binding util internal * Two variations of --new flag added to e2e * swagger: add missing schema properties * bump go module to v3 * Fix 'storage.options' indent * Bump github.com/sirupsen/logrus from 1.7.1 to 1.8.0 * Bump github.com/containers/buildah from 1.19.4 to 1.19.6 * Turn on journald and k8s file logging tests * Allow podman play kube to read yaml file from stdin * Log working dir when chdir fails * Fix segfault in run with memory-swap * leak fix in rootless_linux.c fcn can_use_shortcut * Fix journald logs with more than 1 container * Fix journald logs --follow * Fix journald logs --since * fix journald logs --tail 0 * [CI:DOCS]basic networking guide * cp: treat "." and "/." correctly * [CI:DOCS] [NO TESTS NEEDED] Update swagger doc for libpod container wait * Bump k8s.io/apimachinery from 0.20.2 to 0.20.3 * Don't switch on a single case * Quote URL * bindings: support simple types that implement fmt.Stringer interface * API: fix libpod's container wait endpoint condition conversion * Change source path resolution for volume copy-up * podman ps --format '{{ .Size }}' requires --size option * infra: downgrade warning to debug * Ignore entrypoint=[\"\"] * Bump github.com/sirupsen/logrus from 1.7.0 to 1.7.1 * Add missing early returns in compat API * Do not reset storage when running inside of a container * podman kill should report rawInput not container id * Fix an issue where copyup could fail with ENOENT * do not set empty $HOME * images/create: always pull image * Fix panic in pod creation * Bump github.com/rootless-containers/rootlesskit from 0.13.0 to 0.13.1 * podman build: pass runtime to buildah * correct startup error message * Add missing params for podman-remote build * Fix typo podman run doc in flag -pid=mode "efault" * When stopping a container, print rawInput * fix create container: handle empty host port * Don't chown workdir if it already exists * Fix broken podman generate systemd --new with pods * fix dns resolution on ubuntu * e2e: fix network alias test * fix failing image e2e test * Update troubleshooting.md * [NO TESTS NEEDED] Refactor generated code * Fix superfluous response.WriteHeader call in WaitContainerLibpod() * change ps Created to unix * Enable more golangci-lint linters * make layer-tree lookup errors non-fatal * Enable whitespace linter * Enable golint linter * Enable stylecheck linter * Update Master to reflect the 3.0 release * utils: takes the longest path on cgroup v1 * container ps json format miscue * Bump github.com/spf13/cobra from 1.1.2 to 1.1.3 * utils: create parent cgroups * utils: ignore unified on cgroupv1 if not present * utils: skip empty lines * Correct compat network prune response * Display correct value for unlimited ulimit * apiv2: handle docker-java clients pulling * Rewrite copy-up to use buildah Copier * bump to v3.1.0-dev * [NO TESTS NEEDED] Update linter * Bump github.com/spf13/cobra from 1.1.1 to 1.1.2 * Add shell completion tests for secrets * Docker APIv2 push sends digest in response body * Fix compat networks endpoint for a empty result * hardening flags for fedora rpmbuilds * [CI:DOCS]First pass at release process * Restart service when CONTAINERS_CONF changes * Support annotations from containers.conf * vendor github.com/containers/image v5.10.2 * APIv2 tests: lots of cleanup * Fix Docker APIv2 push endpoint * generate kube: support --privileged * Bump github.com/containers/ocicrypt from 1.0.3 to 1.1.0 * Implement Secrets * Bump containers/buildah to v1.19.4 * Allow path completion for podman create/run --rootfs * Cirrus: Send cirrus-cron report e-mail to list. * make `podman rmi` more robust * Implement missing arguments for podman build * vendor latest containers/common * add network prune * fix logic when not creating a workdir * Bump remote API version to 3.0.0 * play kube selinux test case * Fix podman network disconnect wrong NetworkStatus number * Fix per review request * generate kube: handle entrypoint * play kube selinux test case * Increase timeouts in some tests * Add test for Docker APIv2 wait * Implement Docker wait conditions * Improve ContainerEngine.ContainerWait() * Improve container libpod.Wait*() functions * Cirrus: Collect ginkgo node logs artifacts * Bump github.com/containers/storage from 1.24.5 to 1.25.0 * Bump github.com/containernetworking/cni from 0.8.0 to 0.8.1 * bindings: attach: warn correct error * Fix invalid wait condition on kill * Makefile: make bin/* real targets! * typo * Bump github.com/onsi/gomega from 1.10.4 to 1.10.5 * Update nix pin with `make nixpkgs` * System test for #9096 (truncated stdout) * play kube selinux label test case * Gating tests: diff test: workaround for RHEL8 failure * [NO TESTS NEEDED] style: indendation * [NO TESTS NEEDED] fixup: remove debug code * Report StatusConflict on Pod opt partial failures * Honor network options for macvlan networks * Make slirp MTU configurable (network_cmd_options) * [NO TESTS NEEDED] Generated files * [NO TESTS NEEDED] Improve generator * play kube selinux label issue * Makefile: refactor ginkgo * ginkgo-remote * Allow pods to use --net=none * Bump github.com/onsi/ginkgo from 1.14.2 to 1.15.0 * Update release notes for v3.0.0 * New 'make completions' target * add macvlan as a supported network driver * Fix podman generate systemd --new special char handling * Bump github.com/rootless-containers/rootlesskit from 0.12.0 to 0.13.0 * Endpoint that lists containers does not return correct Status value * Fix --network parsing for podman pod create * list volumes before pruning * Docker ignores mount flags that begin with constency * podman generate kube ignores --network=host * Switch podman stop/kill/wait handlers to use abi * [CI:DOCS]build instructions for macOS * Vendor in containers/buildah v1.19.3 * Honor custom DNS in play|generate kube * Podman-remote push can support --format * Bump github.com/containers/image/v5 from 5.10.0 to 5.10.1 * Cirrus: Build static podman-remote * podman build --pull: refine help message and docs * Revert "podman build --pull: use correct policy" * Bump github.com/containers/image/v5 from 5.9.0 to 5.10.0 * Cleanup bindings for image pull * Don't fail if one of the cgroups is not setup * Add support for rootless network-aliases * Allow static ip and mac with rootless cni network * podman build --pull: use correct policy * Cirrus: Fix running Validate task on branches * Fix static build cache by using cachix * Switch podman image push handlers to use abi * e2e tests: synchronize test results * podman-remote ps --external --pod --sort do not work. * Fix podman history --no-trunc for the CREATED BY field * remote exec: write conmon error on hijacked connection * Fix #9100 Change console mode message to debug * Add default net info in container inspect * Ensure the Volumes field in Compat Create is honored * [CI:DOCS]update state of restful service * workdir presence checks * libpod: add (*Container).ResolvePath() * Fixup search * Pass DefaultMountsFile to podman build * Ensure shutdown handler access is syncronized * System tests: cover gaps from the last month * Fix --arch and --os flags to work correctly * Bump github.com/google/uuid from 1.1.5 to 1.2.0 * Fix typo * disable dnsname when --internal * swagger.go: Fix compilation error * Fix fish completion issue if the command is prefixed with a space * Bump golang.org/x/crypto * networking: lookup child IP in networks * Small API test improvement for compatibility search endpoint * podman manifest exists * Accept and ignore 'null' as value for X-Registry-Auth * Turn on some remote test * Add a notice to remove pod before starting service * libpod: move slirp magic IPs to consts * rootlessport: set source IP to slirp4netns device * vendor: update rootlesskit to v0.12.0 * api: fix import image swagger definition * podman volume exists * Cirrus: Upload swagger YAML in every context * [CI:DOCS] Cirrus: Skip smoke task on branch-push * Move the cni lock file into the cni config dir * Use random network names in the e2e tests * [CI:DOCS] Update project name in Code of Conduct * Set log driver for compatability containers * Make generate systemd --new robust against double curly braces * Fix man page for fuse-overlayfs config in rootless mode * Cirrus: add bindings checks * Fix handling of container remove * make bindings generation explicit * make bindings generation more robuts * Revert "ginkgo: install on demand via `go get -u`" * [CI:DOCS] fix go-md2man HTMLSpan warnings * CI: smoke test: insist on adding tests on PRs * podman network exists * ginkgo: install on demand via `go get -u` * runner.sh : deal with bash 'set -e' * Add binding options for container|pod exists * [CI:DOCS]Do not run compose tests with CI:DOCS * simplify bindings generation * make: generate bindings: use vendor * hack/install_golangci.sh: smarter install * golangci-lint: install to ./bin * Create release notes for V3.0.0 * Rename AutocompletePortCommand func * Allow podman push to push manifest lists * [CI:DOCS]Add README.md for golang bindings * Turn on podman pod stats test for rootless cgroup v2 * Fix missing podman-container-rename man page link * Container rename bindings * Bump to containers/buildah 1.9.2 * Bump github.com/google/uuid from 1.1.4 to 1.1.5 * specgen: improve heuristic for /sys bind mount * Initial implementation of renaming containers * Add tests for volume plugins * Initial implementation of volume plugins * [CI:DOCS] Add hook-script example to get_ci_vm.sh * Makefile: add target to generate bindings * container stop: release lock before calling the runtime * Bump github.com/cri-o/ocicni to latest master * Cirrus: Upd. ext. service check host list * Bump k8s.io/apimachinery from 0.20.1 to 0.20.2 * Bump github.com/stretchr/testify from 1.6.1 to 1.7.0 * Cirrus: Utilize $GOPATH cache for alt_build task * Add more information and examples on podman and pipes * Vendor in common 0.33.1 * CI: fix broken diagnostic message for -dev check * test: use stringid.GenerateNonCryptoID() in more tests * network: disallow CNI networks with user namespaces * Reduce general binding binary size * play kube: set entrypoint when interpreting Command * Fxes /etc/hosts duplicated every time after container restarted in a pod * Add 'MemUsageBytes' format option * Remove the ability to use [name:tag] in podman load command * More /var/run -> /run * More /var/run -> /run * Exorcise Driver code from libpod/define * Fix problems reported by staticcheck * Expose security attribute errors with their own messages * oci: use /proc/self/fd/FD to open unix socket * Use HTTPProxy settings from containers.conf * Cirrus: Add cross-compile test for alternative arches * image list: ignore bare manifest list * Ensure that `podman play kube` actually reports errors * Bump github.com/containers/storage from 1.24.4 to 1.24.5 * oci: keep LC_ env variables to conmon * Better test and idomatic code. * add pre checkpoint * podman build --force-rm defaults to true in code * Adding json formatting to `--list-tags` option in `podman search` command. * Use abi PodPs implementation for libpod/pods/json endpoint * Add Networks format placeholder to podman ps and pod ps * Add network filter for podman ps and pod ps * Improve error message when the the podman service is not enabled * Restore compatible API for prune endpoints * Cirrus: Skip most tests on tag-push * Add mips architecture to the cross build target * Fix build for mips architecture follow-up * Handle podman exec capabilities correctly * Containers should not get inheritable caps by default * Make podman generate systemd --new flag parsing more robust * Switch references of /var/run -> /run * rootless: automatically split userns ranges * rootless: add function to retrieve uid mappings * rootless: add function to retrieve gid mappings * test: Add checkpoint/restore with volumes * Include named volumes in container migration * Use Options as CRImportCheckpoint() argument * Use Options as exportCheckpoint() argument * Fix podman logs read partial log lines * Revert e6fbc15f26b2a609936dfc11732037c70ee14cba * Cirrus: Update Fedora & Ubuntu images * Ensure that user-specified HOSTNAME is honored * generate systemd: do not set `KillMode` * Bump github.com/google/uuid from 1.1.3 to 1.1.4 * vendor containers/psgo@v1.5.2 * Add default sysctls for pod infra containers * Ensure we do not edit container config in Exec * close journald when reading * libpod API: pull: fix channel race * Allow image errors to bubble up from lower level functions. * test: fix variable name * systemd: make rundir always accessible * podman-remote fix sending tar content * fix: disable seccomp by default when privileged. * Compat api containers/json add support for filters * Bump github.com/google/uuid from 1.1.2 to 1.1.3 * Expose Height/Width fields to decoder * Rework pruning to report reclaimed space * Add support for Gentoo file to package query * The slirp4netns sandbox requires pivot_root * Update nix pin with `make nixpkgs` * readme: Remove broken link * Fix e2e test for `podman build --logfile` * test: fix variables name * exec: honor --privileged * libpod: change function to accept ExecOptions * Consolidate filter logic to pkg subdirectory * sort api endpoints in documentation * libpod: handle single user mapped as root * Refactor kube.ToSpecGen parameters to struct * re-open container log files * Set NetNS mode instead of value * add --cidfile to container kill * Document uid/gidmap are based on subuid/gid mapping * Bump github.com/containers/storage from 1.24.3 to 1.24.4 * Fix podman build --logfile * Fix missing options in volumes display while setting uid and gid * Spelling * play kube: fix args/command handling * Pass down EnableKeyring from containers.conf to conmon * Prefer read/write images over read/only images * add pod filter for ps * Add Security information to podman info * Add volume filters to system prune * podman v3 container bindings * Fix build for mips architecture * Bump k8s.io/apimachinery from 0.20.0 to 0.20.1 * Update nix pin with `make nixpkgs` * Document location of backend events file * Fix support for rpmbuild < 4.12.0. * system tests: set PODMAN_TIMEOUT to 120 * remote copy * Bump github.com/containers/common from 0.31.0 to 0.31.1 * podman v3 pod bindings * [CI:DOCS] Bump version on readme * misc bindings to podman v3 * Docker compat API - /images/search returns wrong structure (#7857) * Close the stdin/tty when using podman as a restAPI. * Add support for pacman package version query * Don't accidently remove XDG_RUNTIME_DIR when reseting storage * Always add the default gateway to the cni config file * System tests: better diagnostics in completion test * Bump github.com/opencontainers/selinux from 1.7.0 to 1.8.0 * podman.service should be an exec service not a notify service * Fix: unpause not supported for CGv1 rootless * Disable incompatible rootless + CGroupsV1 tests * Disable rootless pod stats tests w/ CgroupV1 * Disable CGv1 pod stats on net=host post * Disable pod stats tests in containerized Fedora w/ CGroupsV1 * Disable blkio.weight test on Ubuntu * Cirrus: Add support for Ubuntu 20.x * Add LogSize to container inspect * Podman image bindings for 3.0 * contrib: drop mirror.chpc.utah.edu:443 * libpod, conmon: change log level for rootless * Clean up temporary file. * Allow users to specify TMPDIR in containers.conf * system tests: the catch-up game * RHEL gating tests: more journald exceptions * Add volume prune --filter support * shell completion for the network flag * podman events allow future time for --until * Sign multi-arch images * add compose test descriptions * test-compose: rewrite to new subdir form * add compose regression to ci * WIP: test docker-compose * podman: drop checking valid rootless UID * Cleanup CNI Networks on reboot * Fix some network compat api problems * Fix Wrong image tag is used when creating a container from an image with multiple tags * Handle --rm when starting a container * Refine public key usage when remote * podman logs honor stderr correctly * Bindings refactor * Ignore containers.conf sysctls when sharing namespaces * Fix panic in libpod images exists endpoint * Bump github.com/containernetworking/plugins from 0.8.7 to 0.9.0 * Add --filter to podman system prune * Fix storage.conf to define driver in the VM * Bump github.com/containers/storage from 1.24.1 to 1.24.3 * Properly handle --cap-add all when running with a --user flag * security: honor systempaths=unconfined for ro paths * Add system test for shell completion * Bump github.com/onsi/gomega from 1.10.3 to 1.10.4 * Honor the --layers flag * pkg/copy: introduce a Copier * Repeat system pruning until there is nothing removed * Bump k8s.io/apimachinery from 0.19.4 to 0.20.0 * Bump github.com/opencontainers/selinux from 1.6.0 to 1.7.0 * auto updates: document systemd unit and timer * archive: move stat-header handling into copy package * Fix spelling mistakes * pkg/copy: add parsing API * make podman play use ENVs from image * Correct port range logic for port generation * Make `podman stats` slirp check more robust * Add systempaths=unconfined option * Bump github.com/containers/image/v5 from 5.8.1 to 5.9.0 * Restore json format for fields as well as whole structs * Do not pull if image domain is localhost * pass full NetworkMode to ParseNetworkNamespace * Fix network ls --filter invalid value flake * Implement pod-network-reload * generate kube on multiple containers * Change name of imageVolumes in container config JSON * Do not error on installing duplicate shutdown handler * image sign using per user registries.d * container cgroup path * add comment to #8558 regression test * Docker compat API - containers create ignores the name * Add APIv2 test for containers-prune * container create: do not clear image name * Add saschagrunert and zhangguanzhang to OWNERS * Bump github.com/containers/common from 0.30.0 to 0.31.0 * update website link for install instructions * Jira RUN-1106 System handlers updates * enable short-name aliasing * Jira RUN-1106 Volumes handlers updates * Jira RUN-1106 Network handlers updates * Do not mount sysfs as rootless in more cases * Add ability to set system wide options for slirp4netns * Vendor in containers/common v0.30.0 * Clarify uid range requirements * Close image rawSource when each loop ends * Use PasswordCallback instead of Password for ssh * More docker compat API fixes * rewrite podman-cp * e2e: bump pull timeout to 240 seconds * add @Luap99 to OWNERS file * Support Unix timestamps for `podman logs --since` * Fix some nit * Jira RUN-1106 Image handlers updates * Jira RUN-1106 Container handlers updates * Add containerenv information to /run/.containerenv * Correct which network commands can be run as rootless * Drop default log-level from error to warn * podman, exec: move conmon to the correct cgroup * Support --network=default as if it was private * Change bindings to stop two API calls for ping * hack/podman-socat captures the API stream * BATS: add new load test * Add mask and unmask option to --security-opt * Use Libpod tmpdir for pause path * Fix `podman images...` missing headers in table templates * add commas between mount options * Do not pass name argument to Load API * target is not tag * Fix shell completion for ps --filter ancestor * Add support for network ids * Validate that the bridge option is supported * Add integration test for the bridge options * Add podman network create option for bridge vlan * Add podman network create option for bridge mtu * Do not use "true" after "syslog" in exit commands * Fix typo in tests * Fix potential race condition in testing * compat create should use bindings * Add API for communicating with Docker volume plugins * BATS: add ping test * Document volume mounts of source directories do NOT get created * Revert the custom cobra vendor * Bump version in README to v2.2.0 * network connect disconnect on non-running containers * Bump master to v3.0.0-dev * Update release notes for v2.2.0 * Fix extra quotation mark in manpages. * Fix option names --subuidname and --subgidname * Do not ignore infra command from config files * Revert "Allow multiple --network flags for podman run/create" * Add APIv2 tests for kube generate * Document docker transport is the only supported remote transport * podman network label support * runtime: set XDG_* env variables if missing * Add support for persistent volume claims in kube files * Prepare support in kube play for other volume types than hostPath * Remove varlink support from Podman * Fix problems with network remove * Switch from pkg/secrets to pkg/subscriptions * Do not validate the volume source path in specgen * Add support for --platform * REST API v2 - ping - fix typo in header * REST API v2 - ping - remove newline from response to improve Docker compatibility * squash * Not use local image create/add manifest * [CI:DOCS] fix misleading save/load usage * [tutorials:mac-win-client] Fix command ensuring sshd is enabled * Fix custom mac address with a custom cni network * Bump to v2.2.0-dev * Handle ps container created field as a time.Time * test resource cleanup * more tests * not forcing unmount * few more tests * add test * add comment * fix: unmount container without force * style: wsl * fix lint * Implement containers/{id or name}/archive * Ensure that --net=host/pod/container/none warn with -p - Changelog for HEAD (2020-11-24): * Set PATH env in systemd timer. * Docker compat API fixes * shell completions: remove usage of ShellCompDirectiveError * more shell completion improvements * Fix ip-range for classless subnet masks * Bump github.com/containers/common from 0.27.0 to 0.29.0 * Add podman container ps command * clarify ps(1) fallback of `podman top` * APIv2 - create container sets wrong entrypoint * Enable remote shell completion without a running endpoint * Specify what the replace flag replaces in help text * APIv2 - strip CAP_ prefix from capabilities in json * Make c.networks() list include the default network * Allow containers to --restart on-failure with --rm * REST API v2 - list of images - mandatory Created attribute * Allow multiple --network flags for podman run/create * fix container cgroup lookup * Make podman service log events * vendor in containers/storage v1.24.1 containers/image v5.8.1 * Document containers.conf settings for remote connections * Shell completion for podman ps and podman pod ps --filter * Add alias for podman network rm -> remove * add network connect|disconnect compat endpoints * Fix sed regex to update version in version/version.go * Github-Actions: Send e-mail on Cirrus cron failure * Align the podman pod ps --filter behavior with podman ps * podman-remote network rm --force is broken * Remove build \!remote flags from test - Changelog for v2.2.0-rc1 (2020-11-18): * Add release notes for v2.2.0-RC1 * correct numbering typo * Align the podman ps --filter behavior with docker * Fix podman pod inspect show wrong MAC string * Fix example for manifest push * add network connect|disconnect compat endpoints * Rename e2e test files to include _test.go suffix * Client call to /play/kube incorrectly set tlsVerify * Add an option to control if play kube should start the pod * Swap out json-iterator for golang default * Fix missing headers in `network ls` * [CI:DOCS] fix an apostrophe nit in man page * remove contrib/gate * Remove some more excessive wrapping and stuttering * Cleanup tutorials * use container cgroups path * Explain the relation between --pod and --network * Make sure /etc/hosts populated correctly with networks * logformatter: highlight timing results * Bump Buildah to v1.18.0, c/storage to v1.24.0 * Cirrus: Invalidate static cache on VM image update * Improve the shell completion api * use lookaside storage for remote tests * Bump k8s.io/apimachinery from 0.19.3 to 0.19.4 * Wrap missing container errors with container ID * system tests: various * Add support for volume ls --filter label=key=value * Podman-remote build is getting ID twice * [CI:DOCS] Touch up Podman description in man page menu * Fix markdown tables on docs.podman.io * short-name aliasing * Set podman-auto-update.service Type=oneshot * test for buildah version in container images. * Add missing --now in systemctl start command * Change podman build --pull=true to PullIfMissing * Fix namespace flag parsing for podman build * Add podman build --net alias for --network * Refactor to use DockerClient vs APIClient * Maintain consistent order of short and long flag names in docs * Fix issues found with codespell * Bump github.com/rootless-containers/rootlesskit from 0.11.0 to 0.11.1 * Install the new shell completion logic * Add shell completion with cobra * Vendor in some cobra PRs to improve the completion experience. * Add support for network connect / disconnect to DB * Ensure we do not double-lock the same volume in create * Cleanup error reporting * Cirrus: update VMs * [CI:DOCS] Restore man page cross-checker * Cirrus: Run validation tests in CI:DOCS mode * Add podman(1) to the list of man pages on docs.podman.io * Set default network driver for APIv2 networks * Add tests to make sure podman-remote logs works correctly. * Add anchors for flag names on docs.podman.io * migrate play kube to spec gen * Add example of fuse-overlay to podman system reset * Bump github.com/containers/common from 0.26.3 to 0.27.0 * skip ipv6 e2e tests on rootless * add e2e test for network with same subnet * enable ipv6 network configuration options * make network name uniq for dnsname tests * network aliases for container creation * system tests: skip journald tests on RHEL8 * Update podman build man page to match buildah bud man page * Cirrus: Detailed CPU/Memory/Time runner.sh stats * podman-pull.1.md: add example for pulling an image by hash * podman-import.1.md: fix paragraph formatting * podman-import.1.md: fix shell syntax * Update CI tests to run python docker library against API * Stop binding layer from changing line endings * Add support for podman search --format json * Add --log-driver to play kube * Show error on bad name filter in podman ps * Use CPP, CC and flags in dep check scripts * Fix link to point at correct content * fix: allow volume creation when the _data directory already exists * rootless container creation settings * fix: podman-system-service doc time is seconds * Bump github.com/rootless-containers/rootlesskit from 0.10.1 to 0.11.0 * Update nix pin with `make nixpkgs` * Use /tmp/podman-run-* for backup XDG_RUNTIME_DIR * Only use container/storage/pkg/homedir.Get() * Add support for mounting external containers * Cirrus: Use F33beta VM image * Cirrus: Simplify artifact collection * Use ping from alpine * Bump github.com/containers/storage from 1.23.8 to 1.23.9 * add a PR template * Use regex for "pod ps" name filter to match "ps" behavior * Add tip re. typical root cause of "Exec format error" to troubleshooting.md * Add tests for network aliases * Make volume filters inclusive * [CI:DOCS]Add Urvashi to podman OWNERS * Improve error messages from failing tests * fedora rootless cpu settings * Test $HOME when it's parent is bind mounted with --userns=keep-id * Update README.md * docs: Mention mounts.conf location for non-root users * Add test/apiv2/rest_api tests to make target * specgen: keep capabilities with --userns=keep-id * specgen: fix check for root user * specgen: add support for ambient capabilities * Add better support for unbindable volume mounts * Bump github.com/containers/storage from 1.23.7 to 1.23.8 * Use osusergo build tag for static build * Change http ConnState actions between new and active * Match build pull functionality with Docker's * Centralize cores and period/quota conversion code * specgen, cgroup2: check whether memory swap is enabled * Fix dnsname when joining a different network namespace in a pod * Bump Buildah to v1.17.0 * manifest list inspect single image * Remove search limit since pagination support * spec: protect against segfault * [CI:DOCS] Fix broken CI readme links * Improve setupSystemd, grab mount options from the host * specgen: split cgroup v1 and cgroup v2 code * specgen: fix error message * When container stops, drop sig-proxy errors to infos * Cirrus: Workaround F32 BFQ Kernel bug * Stop excessive wrapping of errors * Pod's that share the IPC Namespace need to share /dev/shm * Fix the `--pull` flag to `podman build` to match Docker * Restore --format table header support * Create the default root API address path * new "image" mount type * Cirrus: Simplify setting/passing env. vars. * Podman often reports OCI Runtime does not exist, even if it does * rootless: improve error message if cannot join namespaces * NewFromLocal can return multiple images * libpod: clean paths before check * move from docker.io * Cirrus: Use google mirror for docker.io * Cirrus: Always record runc/crun versions * Ensure that attach ready channel does not block * Add a way to retrieve all network aliases for a ctr * Add pod, volume, network to inspect package * Add network aliases for containers to DB * Add test cases to cover podman volume * Document how to enable CPU limit delegation * Add more details about how CPU limits work * set resources only when specified * Improve the journal event reading * build(deps): bump github.com/containers/common from 0.26.0 to 0.26.3 * Support hashed hostnames in the known_hosts file * image list: check for all errors * Yet another iteration on PR title plugin * System tests: cleanup, make more robust * pr update action: fix errors on master branch * The cidfile should be created when the container is created * auto update: mark it as non-experimental * Add support for host keys for non-22 ports * fix: podman-cp respects "--extract" flag * add GitHub action to add non-main branch to PR title * filter events by labels * Bump github.com/spf13/cobra from 1.1.0 to 1.1.1 * Bump github.com/containers/buildah from 1.16.4 to 1.16.5 * src: nil check * Don't error if resolv.conf does not exists * src: add nil checks * replace net_raw with setuid * fix: /image/{name}/json returns RootFS layers * APIv2 compatibility network connect|disconnect * Tests: Check different log driver can work with podman logs * podman create doesn't support creating detached containers * Fix pull method selection * set compat network driver default * Add hostname to /etc/hosts for --net=none * Add a Degraded state to pods * Refactor podman to use c/common/pkg/report * container create: record correct image name * Add EOL to compat container logs * save image remove signatures * Switch use of Flags to Options * Bump k8s.io/apimachinery from 0.19.2 to 0.19.3 * Fix handling and documentation of podman wait --interval * Podman build should default to not usins stdin * Tests: Fix common flakes, and improve apiv2 test log * Retrieve network inspect info from dependency container * refactor api compatibility container creation to specgen * Fix ps port output * Ensure that hostname is added to hosts with net=host * Add a system test to verify --runtime is preserved * Use runtime names instead of paths in E2E tests * Re-create OCI runtimes by path when it is missing * When given OCI runtime by path, use path as name * fix: neutral value for MemorySwappiness * Make invalid image name error more specific * System tests: remove some misleading 'run's * --tls-verify and --authfile should work for all remote commands * Fix host to container port mapping for simple ranges * Always add the dnsname plugin to the config for rootless * Make man page headings more consistent * Update podman-remote start --attach to handle detach keys * Update podman-remote run to handle detach keys * Bump github.com/containers/common from 0.24.0 to 0.26.0 * Fix panic when runlabel is missing * Fix podman image trust show --raw output * Fix podman-run man page heading * Fix sorting issues in completions * Add support for external container * fix podman container exists and diff for storage containers * Fix possible panic in libpod container restore * Bump github.com/spf13/cobra from 1.0.0 to 1.1.0 * System test additions * Setup HOME environment when using --userns=keep-id * Setup HOME environment when using --userns=keep-id * Fix indentation for `podman pod inspect` * Cirrus: Execute docker-py tests on a VM * Restore --format table support * Convert Split() calls with an equal sign to SplitN() * Bump github.com/onsi/gomega from 1.10.2 to 1.10.3 * Restore indent on JSON from `podman inspect` * Enforce LIFO ordering for shutdown handlers * alter compat no such image message * Cirrus: Restore APIv2 Testing * Cirrus: Ability to skip most tests for docs updates * Restore --format: stats & pod ps * Enable masking stop signals within container creation * APIv2 tests: try again to fix them * Add a shutdown handler package * System tests: run with local podman, not remote * Remove a note that the HTTP API is not yet stable. * APIv2 tests: get them passing again * Add support for resource limits to play kube * Resolve #7860 - add time.RFC3339Nano into ContainerJSONBase * Add more APIv2 tests for images: push, tag, untag, rmi and image tree. * Include CNI networks in inspect output when not running * Monitor for client closing stream * pkg/spec: fix a confusing error message * Search repository tags using --list-tags * Fix the "err: cause" order of OCI runtime errors * tests/e2e: Add Toolbox-specific test cases * This PR allows users to remove external containers directly * Fix documentation link and typo * Restore --format table... * Add support for resource cpu limit to generate kube * Port V1 --format table to V2 podman * BlobInfoCacheDir is set incorrectly when copying images * Store cgroup manager on a per-container basis * --format updates for images/diff.go * add compatibility endpoint for exporting multiple images * Restore --format 'table...' to commands * Ports given only by number should have random host port * Update nix pin with `make nixpkgs` * add prerequisite section before building binaries * newlines on all container detaches * Cirrus: Fix obtaining a CI VM * APIv2 compatibility rootless network fix * Port commands to V2 --format 'table...' * system tests: cleanup, and add more tests * prevent unpredictable results with network create|remove * Enable k8s configmaps as flags for play kube * Attempt to turn on some more remote tests * Use WaitWithDefaultTimeout in cleanup * Move pod jobs to parallel execution * Populate /etc/hosts file when run in a user namespace * Cirrus: Fix running shellcheck locally * Cirrus CI runner: refactor * fix apiv2 /containers/$name/json return wrong value in `.Config.StopSignal` * pkg/cgroups/createCgroupv2Path: nits * Lowercase some errors * Remove excessive error wrapping * Support max_size logoptions * Fixes remote attach and exec to signal IdleTracker * Cirrus: Skip deep testing on branches * logformatter: run on system tests & bindings * Fix handling of CheckRootlessUIDRange * Cirrus: Fix branch-validation failure * Add TODO for adding CPU limit support * Add support for resource memory limit to generate kube * Fix podman-remote ps --ns broken * fix closed the remote connection on pull causes service panic * Add SELinux support for pods * Cirrus: Implement podman automation 2.0 * compat: images/create: fix tag parsing * Fix Podman logs reading journald * Restore "table" --format from V1 * --rm option shold conflicts with --restart * Bump github.com/containers/common from 0.23.0 to 0.24.0 * libpod: check the gid is present before adding it * podman-remote does not support most of the global flags * Correct to latest version * Bump github.com/containers/buildah from 1.16.2 to 1.16.4 * image prune: remove all candidates * spec: open fuse with --device .*/fuse * rootless: use sync.Once for GetAvailableGids() * rootless: move GetAvailableGids to the rootless pkg * logformatter: add Synopsis at top of each page * Podman containers/pods prune should throw an error if user adds args * fix compat api privileged and entrypoint code * Migrate container images to automation_images * system test: untag all test * remote: fix name and ID collisions of containers and pods * Add additionalGIDs from users in rootless mode * Fix some flakes in the e2e network tests. * Update rootless_tutorial.md * Volume prune should not pass down the force flag * Support --http-proxy for remote builds * fix: The container created by APIV2 has an incorrect Env and WorkDir * misc fixes for f33 integration tests * fix allowing inspect manifest of non-local image * Distinguish userns vs containerized tests * Don't disable Go modules when generating varlink * Use local image if input image is a manifest list * image look up: consult registries.conf * pkg/registries: add a retiring note * Attempt to test all Broken SkipIfRootless FIXME * Make the e2e test network cleanup more robust. * Fix ubuntu exec_test * capabilities: always set ambient and inheritable * libpod: bump up rootless-cni-infra to v3 * rootless-cni-infra v3: fix cleaning up DNS entries * fix remote untag * Make all Skips specify a reason * Fix handling of remove of bogus volumes, networks and Pods * We already set container=podman environment variable * Refactor IdleTracker to handle StateIdle transitions * System tests: add podman run --tz * System tests: corner case for run --pull * healthchecks: return systemd-run error * Add X-Registry-Config support * Gating-test fix: deal with new crun error msg * Bump github.com/sirupsen/logrus from 1.6.0 to 1.7.0 * Apply suggestions from code review * Adds missing . to README.md file. * Ignore containers.conf sysctl when namespaces set to host * System tests: reenable some skipped tests * Journald log driver test * fix for compatibility volume creation * Add section about current differences * Fix network remove for the podman remote client * Fix podman network rm --force when network is used by a pod * Remove SkipIfRootless if possible, document other calls * Properly handle podman run --pull command * Updating on supported restart policy * Add support for slirp network for pods * rootless: fix hang when newidmap is not installed * Remove some SkipIfRootess flags from tests * Bump github.com/containers/common from 0.22.0 to 0.23.0 * HTTP Attach: Wait until both STDIN and STDOUT finish * build: honor --runtime setting * remote load: check if input is directory * stats: break out CLI options * new endpoint: /libpod/containers/stats * apiv2 container limit differ from docker-api * system tests: helpers: safer parse_table * system tests: new test for run --log-driver * set interactive mode with compat create endpoint * Allow filtering on pod label values * Remove final v2remotefail failures * Fix a bug where log-driver json-file was made no logs * e2e tests: SkipIfRemote(): add a reason * stats refactor * Systemd should be able to run as rootless * Bump github.com/containers/buildah from 1.16.1 to 1.16.2 * Examine all SkipIfRemote functions * fix build with varlink * Bump version in README to v2.1.0 * Include cgroup manager in `podman info` output * Add Server header to API service responses * Bump to v2.2.0-dev * podman save: fix redirect of multi-images * pkg/hooks: support all hooks * Print nice error message when python is not installed * add missing return for compat kill * system tests: new tests * Evict containers before removing via V2 API * Cirrus: Add gpg2 to Ubuntu images * Fix mismatch between log messages and behavior of libpod.LabelVolumePath. - Changelog for v2.1.0 (2020-09-22): * Update release notes for v2.1.0 Final Release * Fix up attach tests for podman remote * update stale bot * [CI:DOCS] Add 'In Progress' note to CONTRIBUTING.md * Restore 'id' stanza in pull results * Fix podman image unmount to only report images unmounted * libpod: bumps up rootless-cni-infra to 2 * stats: log errors instead of sending 500 * Fix incorrect parsing of create/run --volumes-from * rootless-cni-infra: fix flakiness during bringing up lo interface * Fix handling of podman-remote stop --ignore * Refactor version handling in cmd tree * Preserve groups in exec sessions in ctrs with --user * Install bats as root * Makefile: Fix broken libpodimage targets * stats: detect closed client connection * stats endpoint: write OK header once * handle the play kube and generate kube for with restartPolicy * fix the .Path and .Args when use the infra-command * Update nix pin with `make nixpkgs` * fix a typo of login.1.md * Bump github.com/rootless-containers/rootlesskit from 0.10.0 to 0.10.1 * enable --iidfile for podman-remote build * update github.com/docker/docker and relevant deps * Make Go builds more consistent * dependabot-dance: new tool for managing revendor PRs * WIP: Fix remote logs - Changelog for v2.1.0-rc2 (2020-09-17) * Update release notes for Podman v2.1.0-RC2 * Fix play_kube_test deployment template * fix missing completion in podman run * Bump k8s.io/apimachinery from 0.19.1 to 0.19.2 * image list: return all associated names * Add labels to a pod created via play kube * Refactor remote pull to provide progress * --mount: support arbitrary mount-argument order * Fix podman pod create --infra-command and --infra-image * Fix "rootless-cni-infra + runc fails with ENODEV" * podman version and --version: fix format, exit * Supports import&run--signature-policy * Fix CI breakage due to PR collision * [CI:DOCS]update owners file * Refactor API version values * Fix --systemd=always regression * Correct HTTP methods for /containers/{id}/archive * events endpoint: header: do not wait for events * run/create: record raw image * rootless CNI: extract env and cmd from image * libpod: rootless CNI image: use quay * move `rootless-cni-infra` image to quay.io * vendor github.com/containers/image/v5@v5.6.0 * podman wait accept args > 1 * Usability: prevent "-l" with arguments * Document the connection path for podman --remote * Refactor API build endpoint to be more compliant * pull types allow initial caps * Determine if resolv.conf points to systemd-resolved * Bump to v2.1.0-dev * Fix completions for namespaces - Changelog for v2.1.0-rc1 (2020-09-11) * Add release notes for Podman v2.1.0-RC1 * Vendor in containers/buildah 1.16.1 * Vendor in containers/common v0.22.0 * system df: fix image-size calculations * add @edsantiago to OWNERS file * sort OWNERS file * remote run: fix error checks * Fix up errors found by codespell * Document --read-only --rootfs requirements * Force Attach() to send a SIGWINCH and redraw * run_networking e2e test: add cleanup to some tests * play/generate: support shareProcessNamespace * system tests: cleanup * allowed underscores to remain in name for YAML * Add read-only mount to play kube * Add auth.json(5) link to login/logout docs * libpod: read mappings when joining a container userns * Make an entry in /etc/group when we modify /etc/passwd * podman container runlabel should pull the image if it does not exist * Bump k8s.io/apimachinery from 0.19.0 to 0.19.1 * vendor containers/storage v1.23.5 * remote run: consult events for exit code * Cirrus: Obsolete CI:IMG process & related files * Fix podman container runlabel --display * Make oom-score-adj actually work * compat kill: only wait for 0 signal and sigkill * remote kill: don't wait for the container to stop * Fix podman ps -l * generate systemd: catch `--name=foo` * Fix podman build --logfile * fix APIv2 pods top of non-exist pod gets two response value * Extend bash completion to cover new flags * Update man page of `manifest add` * manifest push: handle cert-dir flag * Extend flags of `manifest add` * Show c/storage (Buildah/CRI-O) containers in ps * rootless: support `podman network create` (CNI-in-slirp4netns) * add contrib/rootless-cni-infra * [CI:DOCS] Update remote tutorials * Don't setup the Image/ContainerEngine when calling a cmd with subcmds * Makefile: add cross compile targets for more arches * Migrate away from docker.io * podman stop: do not cleanup for auto-removal * Bump github.com/onsi/gomega from 1.10.1 to 1.10.2 * support multi-image (docker) archives * Fix typo in the remove network api doc * APIv2 Add network list filtering * Bump github.com/onsi/ginkgo from 1.14.0 to 1.14.1 * make image parent check more robust * Fix unconfined AppArmor profile usage for unsupported systems * Bump github.com/containers/storage from 1.23.2 to 1.23.4 * Add global options --runtime-flags * [CI:DOCS] Add macos build to ci * Fix system df inconsistent * [CI:DOCS] Add note on run image fuse problem - try 2 * WIP: update VM images * APIv2 add generate systemd endpoint * We should not be mounting /run as noexec when run with --systemd * Bump github.com/gorilla/mux from 1.7.4 to 1.8.0 * Don't create ~/.config after removing storage.conf * Update master with release notes for v2.0.6 * APIv2 test: add more tests for containers * Ensure rootless containers without a passwd can start * use crio runc on CICID ubuntu * bindings: reenable flaky(?) pause/unpause test * handle play kube with pod.spec.hostAliases * Bump github.com/google/uuid from 1.1.1 to 1.1.2 * Bump k8s.io/api from 0.18.8 to 0.19.0 * play kube: handle Socket HostPath type * Small tweaks to readme scope section * Update Master to reflect v2.0.5 release * fix panic when checking len on nil object * Add support for variant when pulling images * Document override-arch and override-os * Delete prior /dev/shm/* * Don't remove config files with podman system reset * Just use `rm` for helper command to remove storage * Bump github.com/containernetworking/plugins from 0.8.6 to 0.8.7 * Fix log level case regression * Use environment from containers.conf * Bump github.com/containers/conmon * Bump github.com/gorilla/schema from 1.1.0 to 1.2.0 * Bump k8s.io/apimachinery from 0.18.8 to 0.19.0 * abi: trim init command * [CI:DOCS] Switch more references from libpod to podman * Switch to containers/common for seccomp * Fix up some error messages * Ensure pod REST API endpoints include ctr errors * Update c/storage to v1.23.2 * BATS: fix corner case in --userns=keep-id test * [CI:DOCS] Update podman-remote docs * Send HTTP Hijack headers after successful attach * fix podman generate kube with HostAliases * [CI:DOCS] Making docs build on mac * Remove test comment for now succeeding tests * Update vendor of buildah to latest code * fix apiv2 will create containers with incorrect commands * [CI:DOCS] fix swagger api docs * Add missing autocomplete * Update nix pin with `make nixpkgs` * podman: add option --cgroup-conf * vendor: update opencontainers/runtime-spec * In podman 1.* regression on --cap-add * error when adding container to pod with network information * fix /libpod/pods/json returns null when there are no pods * fix pod creation with "new:" syntax followup + allow hostname * [CI:DOCS] Include Go bindings tutorial * Unmount c/storage containers before removing them * Cirrus: special-case CI colon-IMG and colon-DOCS only in subject * Add support for --connection * system tests: enable more remote tests; cleanup * Note port publishing needs in pods for create/run * Cirrus: Increase integration-testing timeout * Bump github.com/containers/image/v5 from 5.5.1 to 5.5.2 * generate systemd: quote arguments with whitespace * Ensure DefaultEnvVariables is used in Specgen * Support sighup reload configuration files * fix podman version output to include git commit and builttime * Don't limit the size on /run for systemd based containers * abi: fix detection for systemd * fix podman create/run UTS NS docs * Remove help/usage from --remote pre-check * flake fix: podman image trust * e2e tests: use actual temp dirs, not "/tmp/dir" * Re-disable sdnotify tests to try to fix CI * Clean up pods before returning from Pod Stop API call * Use `bash` binary from env instead of /bin/bash for scripts * Wait for reexec to finish when fileOutput is nil * Bump k8s.io/api from 0.18.6 to 0.18.8 * Bump github.com/containers/storage from 1.21.2 to 1.23.0 * podman support for IPv6 networks * Add pointer to troubleshooting in issue template * Bump k8s.io/apimachinery from 0.18.6 to 0.18.8 * system tests: enable sdnotify tests * Ensure pod infra containers have an exit command * podman.service: use sdnotiy * run, create: add new security-opt proc-opts * Add support for setting the CIDR when using slirp4netns * add event for image build * podman-remote fixes for msi and client * podman save use named pipe * Change /sys/fs/cgroup/systemd mount to rprivate * Add parameter verification for api creation network * add xz as a recommended pkg * Makefile: use full path for ginkgo * Replace deepcopy on history results * Fix hang when `path` doesn't exist * Cross-reference *.rst files too * Ensure correct propagation for cgroupsv1 systemd cgroup * Man pages: assert that subcommands are in order * Use set for systemd commands * Enable systemd mode for /usr/local/sbin/init * Allow specifying seccomp profiles for privileged containers * Update nix pin with `make nixpkgs` * Add the Status field in the ps --format=json * Add missing pages for docs.podman.io * Align images with Buildah * Error pass through for more accurate error reporting * remove --latest for all remote commands * Remove TEST_REMOTE_CLIENT from RCLI * Fix handling of working dir * Default .Repository and .Tag values to * generate systemd: fix error handling * Do not use image CMD if user gave ENTRYPOINT * Unconditionally retrieve pod names via API * system tests: podman-remote, image tree * [CI:DOCS] BZ1860126 - Fix userns defaults in run man page * changes to support outbound-addr * image list: speed up * fix podman logs --tail when log is bigger than pagesize * [CI:DOCS] Update podmanimages README.md * Ensure that exec errors write exit codes to the DB * podman-remote send name and tag * Refactor parsing to not require --remote to be first * Handle podman-remote run --rm * correct go-binding key for volumes * HACK HACK try debugging build * Retry pulling image * fix bug podman sign storage path * validate fds --preserve-fds * Remove duplicated code * Improve error message when creating a pod/ctr with the same name * podman: support --mount type=devpts * rootless: system service joins immediately the namespaces * docker-compose uses application/tar * Missing return after early exit * Ensure WORKDIR from images is created * Bump to Buildah 1.16.0-dev in upstream * Do not set host IP on ports when 0.0.0.0 requested * Reenable remote system tests * implement the exitcode when start a container with attach * Install auto-update services for users * Fix test failure regarding unpackaged files. * Install auto-update systemd service and timer. * podman.service: drop install section * Remove some unnecessary []byte to string conversions * Speedup static build by utilizing CI cache on `/nix` folder * API returns 500 in case network is not found instead of 404 * Change recommended systemd unit path for root. * Update master README and release notes for v2.0.4 * Ensure libpod/define does not include libpod/image * Fix podman service --valink timeout * Add versioned _ping endpoint * fix pod creation with "new:" syntax * Cirrus: Utilize freshly built images * Cirrus: Install golang 1.14 on Ubuntu * Cirrus: Add python packages to images * Make `search --no-trunc` work for podman remote * API: Fix 'podman image search` missing description * Add test case for description being present in search result * Fix close fds of exec --preserve-fds * volumes: do not recurse when chowning * Handle single character images * rootless: add a check for the host id included in the range * fix swapped mem_usage/percent fields * rootless: child exits immediately on userns errors * rootless: do not ignore errors if mappings are specified * add {{.RunningFor}} placeholder in ps --format * fix close fds of run --preserve-fds * fix podman system df format error * Ensure that 'rmi --force' evicts Podman containers * System tests: new system-df and passwd tests * Binding the same container port to >1 host port is OK * Return NamesHistory when returning remote images * Don't crash when giving bogus format commands * bindings: skip flaky pause/unpause test * logformatter: more libpod-podman fallout * [CI:DOCS] apiv2 fix volumes not inculded field * Fix `podman image search` missing description * Specifying --ipc=host --pid=host is broken * Fix building from http or '-' options * System tests: add environment, volume tests * Add podman image mount * Switch all references to github.com/containers/libpod -> podman * compat/info.go: TrimPrefix(CGroupsVersion, "v") * Bump github.com/rootless-containers/rootlesskit from 0.9.5 to 0.10.0 * add newline to output in error message * Cleanup handling of podman mount/unmount * Corrects typo in the name of the Linux package shadow-utils. * When chowning we should not follow symbolic link * Update transfer doc * test/apiv2: add a simple events test * API events: fix parsing error * CI - various fixes * Remove 'experimental' from API doc * replace the html/template package with text/template * update configuration for rootless podman * Fix exit code example in podman-run.1.md * Make changes to /etc/passwd on disk for non-read only * Update release notes and README on master for v2.0.3 * Update system.rst * The `podman start --attach` command should not print ID * Refactor container config * Fix typos on documentation 'What is Podman' page * CI: fix rootless permission error * Bump github.com/containers/common from 0.17.0 to 0.18.0 * [WIP] Refactor podman system connection * Publish IP from YAML (podman play kube) * Turn on a bunch more remote tests * logformatter: handle podman-remote * Cirrus: Switch to freshly built image * Cirrus: Add packages that provide htpasswd * Cirrus: Ensure GOPATH is properly set during image-builds * CI: attempt to fix flake in login test * Support default profile for apparmor * Bump github.com/containers/storage from 1.21.1 to 1.21.2 * Bump github.com/containers/common from 0.16.0 to 0.17.0 * Enable a bunch of remote tests * Enable --remote flag * Add --umask flag for create, run * fix play kube doesn't override dockerfile ENTRYPOINT * Do not print an error message on non-0 exec exit code * Document proxy env var precedence * BATS help-message test: improve diagnostics * Add noop function disable-content-trust * Fix Generate API title/description * docs: Clarify how env var overriding works * Update the README to reflect the libpod move * make localunit: record coverage * unit tests: root check * docs: Fix formatting mistake * logformatter: update MAGIC BLOB string * Switch references from libpod.conf to containers.conf * BATS tests: more resilient remove_same_dev_warning * Add support for overlay volume mounts in podman. * Re-enable a generate kube test that failed on Ubuntu * events endpoint: backwards compat to old type * podman.service: set type to simple * podman.service: set doc to podman-system-service * podman.service: use default registries.conf * podman.service: use default killmode * podman.service: remove stop timeout * events endpoint: fix panic and race condition * systemd: symlink user->system * fix: system df error when an image has no name * document CAP_SYS_ADMIN required for systemd PrivateNetwork * Cleanup nix derivation for static builds * Used reference package with errors for parsing tag * abi: set default umask and rlimits * docs: document the new slirp4netns options * network, slirp4netns: add option to allow host loopback * libpod: pass down network options * The compat create endpoint should 404 on no such image * Bump github.com/containers/common from 0.15.2 to 0.16.0 * Bump k8s.io/api from 0.18.5 to 0.18.6 * Bump k8s.io/apimachinery from 0.18.5 to 0.18.6 * Bump github.com/containers/conmon * vendor golang.org/x/text@v0.3.3 * Fix `podman system connection` panic * Preserve passwd on container restart * Fix & add notes regarding problematic language in codebase * Error on rootless mac and ip addresses * allow switching of port-forward approaches in rootless/using slirp4netns * Fix "Error: unrecognized protocol \"TCP\" in port mapping" * APIv2 tests: fix race condition causing CI flake * system tests: check for masked-device leaks * system tests: new tests for run, exec * Bump github.com/uber/jaeger-client-go * Bump github.com/containers/storage from 1.21.0 to 1.21.1 * Fix lint * Add SystemdMode to inspect for containers * play-kube: add suport for "IfNotPresent" pull type * Mask out /sys/dev to prevent information leak from the host * Fix handling of entrypoint * docs: user namespace can't be shared in pods * When determining systemd mode, use full command * Populate remaining unused fields in `pod inspect` * Include infra container information in `pod inspect` * [CI:DOCS]Do not copy policy.json into gating image * Fix systemd pid 1 test * Remove outdated seccomp policy * Correctly print STDOUT on non-terminal remote exec * Pids-limit should only be set if the user set it * Don't setup AppArmor provile for privileged pods * Ensure sig-proxy default is propagated in start * Fix container and pod create commands for remote create * version/info: format: allow more json variants * Bump github.com/containers/storage from 1.20.2 to 1.21.0 * Fix: Correct connection counters for hijacked connections * Fix: Hijacking v2 endpoints to follow rfc 7230 semantics * Remove hijacked connections from active connections list * Remove all instances of named return "err" from Libpod * Vendor in new version of Buildah * Remove dependency on github.com/opencontainers/libpod/configs * logs: enable e2e tests * log API: add context to allow for cancelling * Fix saving in oci format * APIv2:fix: Get volumes from `Binds` when creating * fix API: Create container with an invalid configuration * Update release notes on Master for v2.0.2 * Minor: Remove two inaccurate comments * Cirrus: Rotate keys post repo. rename * fix race condition in `libpod.GetEvents(...)` * Add username to /etc/passwd inside of container if --userns keep-id * Add support for Filter query parameter to list images api * Disable mount tests as rootless * Change buildtag for remoteclient to remote for testing * BATS system tests for new sdnotify * Implement --sdnotify cmdline option to control sd-notify behavior * Fix bug where `podman mount` didn't error as rootless * move go module to v2 * Bump github.com/onsi/ginkgo from 1.13.0 to 1.14.0 * auto-update: clarify systemd-unit requirements * podman ps truncate the command * Set engine env from common config * Fix issue #6803 Container inspect endpoint returns null for NetworkSettings/Ports * Bump imagebuilder to v1.1.6 in upstream * Add --tz flag to create, run * Print errors from individual containers in pods * stop podman service in e2e tests * Fix `system service` panic from early hangup in events * Bump github.com/opentracing/opentracing-go from 1.1.0 to 1.2.0 * APIv2:fix: Handle docker volume force as expected * APIv2: Add docker compatible volume endpoints * Bump k8s.io/api from 0.18.4 to 0.18.5 * test.apiv2: add testing for container initializing * Bump github.com/containers/common from 0.14.3 to 0.15.1 * Created timestamp returned by imagelist should be in unix format * APIv2 tests: usability: better test logging * docs: recommend alternatives to podman inspect * utils: fix parsing of cgroup with : in the name * Bump k8s.io/apimachinery from 0.18.4 to 0.18.5 * Set TMPDIR to /var/tmp by default if not set * fix: Don't override entrypoint if it's `nil` * Add a note on the APIs supported by `system service` * test: add tests for --user and volumes * container: move volume chown after spec generation * libpod: volume copyup honors namespace mappings * Set console mode for windows * systemd system test: run auto-update * Allow empty host port in --publish flag * Fix a bug with APIv2 compat network remove to log an ErrNetworkNotFound instead of nil * Fixes --remote flag issues * Ensure umask is set appropriately for 'system service' * system tests: add pod, inspect testing * specgen: fix order for setting rlimits * Revert sending --remote flag to containers * vendor github.com/containers/common@v0.14.3 * podman: add new cgroup mode split * systemd generate: allow manual restart of container units in pods * e2e inspect: HostConfig.SecurityOpt * generate systemd: improve pod-flags filter * Print port mappings in `ps` for ctrs sharing network * Fix python dockerpy tests * Add support for dangling filter to volumes * Friendly amendment for pr 6751 * Set syslog for exit commands on log-level=debug * Add containers.conf default file for windows and MAC Installs * Docs: consistency between man / --help * utils: drop default mapping when running uid!=0 * podman run/create: support all transports * Fix inspect to display multiple label: changes * podman untag: error if tag doesn't exist * Set stop signal to 15 when not explicitly set * libpod: specify mappings to the storage * APIv2: Return `StatusCreated` from volume creation * APIv2:fix: Remove `/json` from compat network EPs * Fix ssh-agent support * APIv2:doc: Fix swagger doc to refer to volumes * BATS tests: new too-many-arguments test * Reformat inspect network settings * Add podman network to bash command completions * Fix typo in manpage for `podman auto update`. * Add tests for --privileged with other flags * Add JSON output field for ps * V2 podman system connection * wip * system tests: invoke with abs path to podman * image load: no args required * system tests: new rm, build tests * Fix conflicts between privileged and other flags * Re-add PODMAN_USERNS environment variable * libpod/containers/json: alias last -> limit * Bump required go version to 1.13 * Makefile: allow customizable GO_BUILD * Add explicit command to alpine container in test case. * "pod" was being truncated to "po" in the names of the generated systemd unit files. * Use POLL_DURATION for timer * rootless_linux: improve error message * Stop following logs using timers * Add container name to the /etc/hosts within the container * Update release notes for v2.0.0 * Update README to reflect that v2.0.0 has been released * Bump master to v2.1.0-dev following release of v2.0 * Fixes #6670 * Correct logic for demux'ing channels * Account for non-default port number in image name * correct the absolute path of `rm` executable * Poll on events for file reading * Add --preservefds to podman run * podman images --format json: pretty print * Fix podman build handling of --http-proxy flag * search: allow wildcards * CI: force registry:2.6 * Fix remote docs * Allow recursive dependency start with Init() * Bump k8s.io/apimachinery from 0.18.3 to 0.18.4 * unflake rmi tests * Bump k8s.io/api from 0.18.3 to 0.18.4 * Bump go.etcd.io/bbolt from 1.3.4 to 1.3.5 * Podman system service is no longer experimental * Handle dropping capabilties correctly when running as non root user * Don't ignore --user flag in rootless --userns keepid * Bump to v2.0.0-dev * Makefile: install.varlink needs to create dirs * Do not share container log driver for exec - Changelog for v2.0.0-rc7 (2020-06-17) * Bump Buildah to v1.15.0 * Move logs functionality to separate file for APIv2 * generate systemd: `ExecStopPost` for all units * Revert #6591 to fix issue with failed tests * vendor github.com/containers/image/v5@v5.5.1 * Add support for the unless-stopped restart policy * fix misc remote build issues * "streaming output" logs test: fix flake * Fix handling of old oci hooks * [CI:DOCS] Fixes #6548 * Re-add resource limit warnings to Specgen * Add to lines returen in podman-remote logs * Vendor containers/common v0.14.0 * Show Anon, GID, UID in v2 volumes * Fix podman inspect on overlapping/missing objects * Fix --init and --init-path * Fix podman-remote images * Revert "Change Varlink systemd unit to use `system service`" * Bump github.com/containers/conmon * handlers/compat: fix lint error * auto-update: use image's arch * APIv2 tests: Add some tests for podman pods * Add deprecated message to varlink command * Handle errors on attach properly * fix podman cp can create an extra directory level * Remove redundant break in for loop. * Bump to v2.0.0-dev * generate systemd: `--replace` on named containers/pods * pod create --replace * {create,run} --replace * Bump github.com/uber/jaeger-client-go * Bump github.com/onsi/ginkgo from 1.12.3 to 1.13.0 * Adds more docker py test * The string field of Built was missing from server * Add some additional fields to imageinspect * Do not print error message when container does not exist * Changed from t.StopAtEOF() to t.Stop() and added error check * Fix -f logs to stop when a container exits * Add the missing return * Fix -f logs follow with stopped container - Changelog for v2.0.0-rc6 (2020-06-15) * Change Varlink systemd unit to use `system service` * Turn on More linters * Do not default WorkingDir to / on client side * Reassemble filters on the server side * Bump github.com/containers/common from 0.13.0 to 0.13.1 * [CI:DOCS] Fix carriage returns in API v2 header * Fix missing code during in_podman build * update document login see config.json as valid * [CI:DOCS] Add quick start directions to APIv2 Dock * Fix builds for RDO * podman: create scope only if --cgroup-manager=systemd * libpod: fix check for slirp4netns netns * e2e: sanity check --infra-conmon-pidfile * generate systemd: wrap pod/ctr lookup errors * docs: create/run fix --pod-id-file description * generate systemd: create pod template * generate systemd: refactor * add (*Pod).CreateCommand() * generate systemd: rename source files * generate systemd: rephrase lookup error * pod create: add `--infra-conmon-pidfile` * generate systemd: rename "cid" to "ctr-id" * container-{create,run}: add `--pod-id-file` * podman-pod{rm,start,stop}: support --pod-id-file * systemd/generate: remove unused infra container field * pod config: add a `CreateCommand` field * Fixed bug where 'podman log ' would truncate some lines. * Enable IPv6 port binding * Bump to v2.0.0-dev * container: do not set hostname when joining uts * container: make resolv.conf and hosts accessible in userns * WIP: Enable (and disable) remote testing * fix api fails with 'strconv.ParseUint: parsing "tcp": invalid syntax' * Fix play kube report printing when no containers are created * Fix missing doc for field in PlayKubePod * Update comment related to seccomp profiles in play kube * Consistent Yaml convention througout play kube tests * Fix podman generate tests that relied on play kube * Add tests for Deployment Kind and minor fix for play kube output * Fix existing tests * Modify PlayKubeReport to preserve pod->container mapping * supporting k8s Deployment objects - Changelog for v2.0.0-rc5 (2020-06-10) * Fix Id->ID where possible for lint * Fixup issues found by golint * podman-events: clarify streaming behaviour * Cirrus: Include packages for containers/conmon CI * Ensure signal validation happens first in pod kill * Bump github.com/json-iterator/go from 1.1.9 to 1.1.10 * Bump github.com/containers/common from 0.12.0 to 0.13.0 * Improve swagger+CORS metadata docs * Ensure Conmon is alive before waiting for exit file * Bump github.com/stretchr/testify from 1.6.0 to 1.6.1 * e2e: disable checkpoint test on Ubuntu * force bats version to v1.1.0 * Enable Ubuntu tests in CI * Modify py test to start stop system service for each test * Add parallel operation to `podman stop` * Fix handling of systemd. * Add parallel execution code for container operations * Fix handling of ThrottleWriteIOPSDevice * Bump github.com/seccomp/containers-golang from 0.4.1 to 0.5.0 * Strip defaults from namespace flags * Ensure that containers in pods properly set hostname * Adds docker py regression test. * Turn on the podman-commands script to verify man pages * Attempt to turn on special_testing_in_podman tests * Bump to v2.0.0-dev - Changelog for v2.0.0-rc4 (2020-06-04) * /images/.../json: fix port parsing * BATS and APIv2: more tests and tweaks * Vendor in container/storage v1.20.2 * add socket information to podman info * Namespace fields were set with bogus values * When stopping containers locally, ensure cleanup runs * Remove use of ABISupport buildtag * fix remote test --ignore & turn on more tests * Ensure that image/container inspect are specialized * turn on remote stop_test * V2 Add support for ssh authentication methods * Add a few CVE entries to changelog.txt * Add more Remote tests * RHEL8 and Centos8 don't have oci-runtime yet * test.apiv2: add test cases for committing an image from a container * Turn on remote rm_test --cidfile * Properly follow linked namespace container for stats * Fix a segfault in `podman inspect -l` w/ no containers * Remove reference to "upcoming" RHEL 7.7 * Bump Conmon in COPR spec * Enable detached exec for remote * check --user range for rootless containers * images --no-trunc: fix ID formatting * make env handling os dependent * Bump github.com/containers/conmon * Bump github.com/onsi/ginkgo from 1.12.2 to 1.12.3 * Update vendor containers/psgo * Bump github.com/opencontainers/runc from 1.0.0-rc9 to 1.0.0-rc90 * Bump github.com/coreos/go-systemd/v22 from 22.0.0 to 22.1.0 * Combine the code of dealing with 'readonly' and 'ro'. * Add bindings for exec and enable attached remote * Add information on detach-keys * system tests : more tests * Add support for format {{.Label}} * turn on remote testing for images. podman-remote build now works. * Add invalid value to error message * Fix leak of empty tarball * Update man pages for --ip with CNI networks * [CI:DOCS] update httpd location in tutorial * default build without `varlink` tag * Bump to v2.0.0-dev * compat handlers: add X-Registry-Auth header support * Don't build code on remoteclient * v2 copy endpoints * Bump github.com/rootless-containers/rootlesskit from 0.9.4 to 0.9.5 * system tests: enable skopeo REGISTRY_AUTH_FILE - Changelog for v2.0.0-rc3 (2020-05-29) * Bump github.com/stretchr/testify from 1.5.1 to 1.6.0 * V2 verify JSON output is consistent and doesn't drift * Vendor in containers/common v0.12.0 * Ensure that signal names can be parsed on Windows * fix `ps --last=N` * test.apiv2: add testing for image and deal with API returning binary * specgen: fix segfault * Add streaming ability to endpoint * Fix builds on 32 bit arches * v2 libpod push: correct docs * container stats: fix --no-stream race * Add --format to pod inspect * Add support for `readonly` option to --mount * docs: fix typo * V2 Fix interface nil checks * [CI:DOCS] Tweak casing in rootless doc * podman-registry: many unrelated fixes * Fix Dockerfile * Bump github.com/opencontainers/selinux from 1.5.1 to 1.5.2 * podman-registry helper script: handle errors * Makefile: customizable $REMOTETAGS * add section on rootless volumes * [CI:DOCS] Prepare image to turn on podman-commands test * Vendor in latest containers/buildah * Turn on Fedora testing * [CI:DOCS] Fix readthedocs link * [CI:DOCS]add crun to gating image * network compatibility endpoints for API * Add MethodNotAllowedHandler() to add in debugging * Follow up PR to fix issues found in #6341 * Bump to v2.0.0-dev * [CI:DOCS]Add conmon to gating image * Attempt to turn on build_without_cgo tests * Attempt to turn on additional build tests * Added new flags to 'podman generate systemd' to change the unit name prefix * Enable rootless tests for podman remote * V2 enable remote logs and testing - Changelog for v2.0.0-rc2 (2020-05-22) * Attempt to turn on integration tests * Removes remote system reset functionality. skip e2e test for remote. * Attempt to turn on special_testing_endpoing tests * Attempt to turn on varlink tests * Attempt to turn on rpmbuild tests * Bump github.com/containers/common from 0.11.2 to 0.11.4 * Enables iidfile test as issue fixed now * [CI:DOCS] Docs revamp. * Fix podman-remote start tests * podman version --format ... was not working * Display human build date in podman info * remote manifest test * Turn on more remote tests * v2 podman-remote build * Fix podman-remote stop --all to handle not running containers * Enable rmi test * Bump github.com/opencontainers/go-digest from 1.0.0-rc1 to 1.0.0 * Remove github.com/libpod/libpod from cmd/pkg/podman * Start testing with cross compilation * Fixes podman pod create --pod-id-file #6292 * remote untag test * Get proper exit code when running or starting a container. * vendor: update seccomp/containers-golang to v0.4.1 * Bump github.com/containers/storage from 1.19.2 to 1.20.1 * Bump github.com/onsi/ginkgo from 1.12.0 to 1.12.2 * Handle filters correctly for podman prune * Fix remote handling of podman images calls * Bump k8s.io/api from 0.18.2 to 0.18.3 * Bump github.com/onsi/gomega from 1.10.0 to 1.10.1 * Enable system prune test remote client * Fix build on OS X * Update Derivative API tutorial to reflect the HTTP API * Turn off 'noexec' option by default for named volumes * enable remote integration tests for init * Add a test for detached exec * Update manpage for `podman exec` to include detach flag * Enable cleanup processes for detached exec * Add ability to clean up exec sessions with cleanup * Add CLI frontend for detached exec * Add backend code for detached exec * Add exit commands to exec sessions * enable pod_create remote integration tests * Fix remote integration for healthchecks * Fix create_test for remote integration * govern remote attach and start * Test fixes for remote integration * V2 API Version Support * Print container state when erroring that it is improper * system tests: more podman-pod tests * don't skip log tests unless remote * [CI:DOCS] Image tree endpoint should return 404 * oci conmon: tell conmon to log container name * add go-bindings for `hack/podman-registry` * New tool: hack/podman-registry, manages local registry * Testcase added for network commands * format option added to network inspect command. * filter option added to network ls command. * Fix mountpont in SecretMountsWithUIDGID * Update troubleshoot page * v2 enable remote integration tests * Get MAC, Windows and Linux podman-remote from latest version links. * V2 Implement terminal handling in bindings attach * Fix EOM for SendFile * Bump to v2.0.0-dev * Give `auto-update` ability to use per-container authfile specified by label. * system tests: small fixes for rawhide+cgroups v1 * Add HairpinMode to our CNI configs - Changelog for v2.0.0-rc1 (2020-05-18) * v2endpoint remove image path correction * Drop APIv2 resize endpoint * Drop a debug line which could print very large messages * v2 podman remote attach, start, and run * Fix lint * Remove duplicated exec handling code * Fix lint * Update API documentation for Inspect * Parameters for ExecStart are body, not query * Prune stale exec sessions on inspect * Remove exec sessions on container restart * Fix start order for APIv2 exec start endpoint * Don't fail when saving exec status fails on removed ctr * Add APIv2 handler for resizing exec sessions * Ensure that Streams are set to defaults for HTTP attach * Wire in endpoint for ExecStart * Add an initial implementation of HTTP-forwarded exec * Make convenience boxed true/false easier to use * Use the libpod.conf cni_config_dir option for inspect and delete * Cirrus: Refresh VM Images, Add Ubuntu 20 LTS * Cirrus: Fix image-name hints * Cirrus: Update Ubuntu 18 to 20 * fix bug --format {{json.}} of events * V2 Update attach bindings to use Readers/Writers vs chan * Ensure that cleanup runs before we set Removing state * Fix two coverity issues (unchecked null return) * Fix REMOTETAGS * Cleanup OCI runtime before storage * Default podman.spec to use crun * Fix checkpoint --leave-running * Bump github.com/containers/storage from 1.19.1 to 1.19.2 * Bump github.com/containernetworking/plugins from 0.8.5 to 0.8.6 * Update release notes and version on master * WIP V2 attach bindings and test * [CI:DOCS]remove libpod.conf from spec * enable remote image tree * Bump github.com/containers/conmon * Bump gopkg.in/yaml.v2 from 2.2.8 to 2.3.0 * system tests: add volume tests * cgroup: skip unified if we are using v1 * enable podman v2 networking for remote client * Remove libpod.conf from repo * add podman remote system df * vendor crio/ocicni@v0.2.0 * test: enable networking test for rootless * rootless: do not set pids limits with cgroupfs * auto-update: support authfiles * Add netgo build tag to static binary * Adds tunnel routes for system reset. * add port to podman remote command * Bump github.com/containers/image/v5 from 5.4.3 to 5.4.4 * Bump github.com/containers/common from 0.11.1 to 0.11.2 * Some BATS cleanup: run and systemd tests * v2podman image sign * shm_lock_test: add nil check * Add podman static build * enable rootless mount tests * spec: fix order for setting rlimits * enable rootless integration testing * [CI:DOCS] Add Security Policy * V2 Impliment tunnelled podman version * Ensure `podman inspect` output for NetworkMode is right * Fix bug where pods would unintentionally share cgroupns * bindings tests for container remove and inspect * Add remaining annotations for `podman inspect` * v2 podman unshare command * Update the Podman readme * v2 podman search rootless * Fix `podman pod create --infra=false` * default to tunnel without ABISupport tag * abi: do not attempt to setup rootless if euid==0 * fix pod stats flake * set binding tests to required * Fix handling of overridden paths from database * Fix typo in path * Makefile: fix a dependency issue * Fixed typo on podman network create man * fix and enable systemd system tests * Bump github.com/onsi/gomega from 1.9.0 to 1.10.0 * auto-update * set --conmon-pidfile * Fix parsing of --network for `podman pod create` * Add podman-remote-static target * podman: split env variables in env and overrides * v2trust set and show * container runlabel * enable login/logut unspecified args * [CI:DOCS] Add link to Tutorials to docs homepage * Enables port test * CI:DOCS: Document API docs + CORS maintenance * Update manpages for image volumes and MAC address * Updated heading from 5 to 6 in link. * add {generate,play} kube * Manifest remove, push * Reenable systemd E2E tests * Revert commit 016a91 already accepted. * Updated heading from 5 to 6 in the link. * Add small fixes for 'podman run' from diffing inspect * manifest annotate * Bump k8s.io/api from 0.17.4 to 0.18.2 * Bump github.com/containers/storage from 1.19.0 to 1.19.1 * Eliminate race condition on podman info * v2 system subcommand * v2 podman stats * BATS help test: check usage string * Rework port parsing to support --expose and -P * [CI:DOC] Add linger to troubleshooting * Fix errors found when comparing podman v1 --help versus V2 * Updated the broken links for the docs. * Updated the broken links for the docs. * image removal: refactor part 2 * build(deps): bump github.com/uber/jaeger-client-go * Bump github.com/sirupsen/logrus from 1.5.0 to 1.6.0 * [CI:DOC]Use full repo name in podmanimage Dockerfiles * Fix errors found in coverity scan * Remove skip on containers.conf tests * cgroupsns was not following containers.conf * Properly handle default capabilities listed in containers.conf * Properly handle containers.conf devices * [CI:DOCS] Bring README.md up to date * And system prune feature for v2. * Fix errors found in coverity scan * check --get-login when login * search --limit compatible with docker * add provided cni networks to spec gen * fix commands without input * System tests: help messages: check required-arg * v2networking enable commands * V2 Commands that require ParentNS (rootful) are report error * Cirrus: Utilize new cache images * Cirrus: Utilize new base images * cirrus: Update to Fedora 32 proper * Enable prune integration test. Fixes container prune. * test: enable start tests * podman, start: propagate back the raw input * test: enable remaining run tests * test: enable entrypoint tests * test: enable create tests * cmd, podman: do not override entrypoint if unset * cmd, podman: use String instead of variable+StringVar * cmd, podman: handle --pod new:POD * create: propagate override-arch and override-os * testv2: enable attach test * V2 enable ps tests * enable final system test * V2 restore podman -v command * V2 Restore images list tests * enable search tests * pull/search options: tls verify -> skip * test: enable cp tests * login system test: enable "push ok" * enable the push e2e tests * push: fix --tls-verify * push: simplify cmd * rootlessport: use two different channels * specgen: honor slirp4netns * rootless: move ns open before fork * push: fix push with one argument * enable inspect tests * generate systemd * Update release notes and README for 1.9.1 release * Update podmanimage files to adjust perms on containers.conf for rootless * User specified environment happen after other environments are set * system tests must pass * Fixes podman save fails when specifying an image using a digest #5234 * Fix typos in rm messages * check image media/manifest type for healthchecks * test: enable exec tests * pkg, specgen: do not hardcode user=0 in the config if not specified * specgen: remove dead code * cmd: set correct parent for container exec * Set up ulimits for rootless containers. * enable build tests * enable volume integration tests * separate healthcheck and container log paths * install.md: Fix typo * Improve Entrypoint and Command support * Add support for volumes-from, image volumes, init * Fix NewSpecGenerator args in pkg/bindings/test * enable load integration tests * test: enable all pod tests * libpod: set hostname from joined container * namespaces: accept pod namespace * pkg, ps: add namespaces methods * enable integration tests for restart * Make podman container list == podman ps * test: enable pod rm tests * pkg, pods: report pod rm errors * pkg, pods: pod rm honors --ignore * test: enable pod restart tests * pkg, pods: not lose pod start/restart errors * test: enable pod stop tests * pkg, pods: honor --ignore for pod stop * test: enable pod create tests * specgen: relax test to accept default network * spec, pod: honor --dns * spec: propagate --no-hosts to specgen * sort .gitignore * .gitignore: add pkg/api/swagger.yaml * build(deps): bump github.com/rootless-containers/rootlesskit * implement pod stats * test: fix check for pause on cgroup v2 * test: fix pause tests * cmd, ps: add .Status as synonym for .State * test: enable healthcheck tests * podman: handle --no-healthcheck * specgen: read healthchecks from the image * podman: special case health-cmd none * Enable pod inspect integration test * Enable pod prune integration test * enable run_restart integration tests * enable run_ns integration tests * enable run_signal integration tests * Enable these tests * Enable container inspect integration tests * Enable pod ps integration tests * Cleanup man pages for pull and push * Adding system prune for podman v2 * V2 tests: enables commit tests * Add --os to manifest add * containers, init: skip invalid state errors with --all * podman: assume user namespace if there are mappings * Do not join pod namespaces without an infra ctr * podman: implement userns=keep-id * Cirrus: Utilize new VM images * Cirrus: Unify package installation * test: enable cgroup parent tests * podman: fix --log-opt=path=%s * podman: fix --http-proxy * podman: fix podman --group-add * test: fix --host-env test * podman: fix --cgroups=disabled * test: enable some run_test.go tests that pass now * podman: add support for --rootfs * Bump github.com/containers/common from 0.9.4 to 0.9.5 * specgen: fix error message * create: move validate after setting default ns * remove blank line * set bigfilestemporarydir for pull * Fix SELinux functions names to not be repetitive * foo: delete spurious file * Makefile: include -nobuild install targets * podman: handle namespaces specified on the CLI * specgen: do not always set shmsize * pkg: fix shmsize error message * Stop wrapping pull messages * manifest create,add,inspect * V2 Restore rmi tests * V2 restore libpod.Shutdown() when exiting podman commands * Turn on version.go except for -v check * Fix podman push and podman pull to check for authfile * Enable basic volumes support in Podmanv2 * Move selinux labeling support from pkg/util to pkg/selinux * Fix integration tests for untag * Instrumentation to answer #5765 * test rootless_storage_path from strorage.conf * V2 Restore exists E2E tests * Fix podman rm to have correct exit codes * Fix v2 test podman info * Fix handling of --cidfile on create/run * vendor in containers/common v0.9.4 * Handle hostname flag from client * Add support for devices from command line * Fix handling of CGroupsParent and CGroupsMode * Throw error on IPv6 ip addresses * Force integration tests to pass * Modify namespace generation code for specgen * Bump to github.com/containers/common to v0.9.2 * my bad * Provide a json variable pointing to a configured json API * podmanv2 cp * gate/README.md Fix link to .cirrus.yml and reword * add entrypoint from image where needed * Makefile: fix broken chcon for podman-remote * podmanv2 container subcommands * v2podman port * v2: implement log{in,out} * Move Fedora dependencies for building podman into separate file * v2, podman: plug --userns=auto * podman: do not set empty cgroup limit blocks * Handle annotations passed in via the client * Need to set the Entrypoint * Fix podman inspect to return errors on failure * pkg: implement rlimits * podman rmi: refactor logic * Add support for containers.conf to podmanimages * Update podman to use containers.conf * Fix podman inspect to accept -l and -s fields * Handle Linux Capabilities correctly * Add functions to return image informations * V2 Rmove existing unix domain socket on startup * Cirrus: Add support for Fedora 32 * Cirrus: More Ubuntu 19 + Fedora 31 * V2 podman image tree * V2 Fix --latest for podman diff commands * rootless: move join namespace inside child process * rootless: skip looking up parent user ns * common: setting cgroup resources correctly * Update pod inspect report to hold current pod status. * Pull images when doing podman create * Return labes in API (fixes #5882) * Make `find` ignore dot files * Cleanup network option parsing * enable integration testing * V2 Fix support for tcp://[::] connections * Add pod prune for api v2. * We were not handling the user option on create * Fixes for system tests * Enable some testing * Log formatter: add BATS summary line * Bump github.com/containers/psgo from 1.4.0 to 1.5.0 * podmanV2: implement build * Fix bug where two configurations had been created * Podman V2 birth * V2 Enable rootless * Add SELinux volume information to troubleshoot.md * podman v2 remove bloat v2 * allow filters to work when listing containers * Update podman-generate-systemd man page * .gitignore: ignore v2 remote * Bump github.com/containers/common from 0.9.0 to 0.9.1 * Add version to podman info command * Add basic structure of output for APIv2 pod inspect * v2 bloat pruning phase 2 * Add support for selecting kvm and systemd labels * Fix up SELinux labeling * podmanv2 fix runtime assignment * Cirrus: Fix gate container build failure * logformat: handle apiv2 results, add anchor links * Update README to reflect that latest version is v1.9.0 * Ability to prune container in api V2 * Bump to v2.0.0-dev * podmanv2 events * test case added for image prune cache image * note for skipping cache image added. * image prune skips images with child images. * swagger-check: new CI tool to cross-check swagger * auto update: skip non-image policies * build(deps): bump github.com/containers/common from 0.8.1 to 0.9.0 * logformat: handle apiv2 results, add anchor links * If possible use the pod name when creating a network - Changelog for v1.9.0 (2020-04-15) * podmanV2: fix nil deref * v2specgen prune libpod * More system test fixes on regressions * Add support for the global flags and config files * Bump to v1.9.0-dev - Changelog for v1.9.0-rc2 (2020-04-14) * Update release notes for v1.9.0-RC2 * v2podman ps revert structure changes * podmanv2 mount and umount * Fix invalid container path comparison for pid cgroup * v2podman add container init * Need to set security options even if user does not specify options * podmanv2 version format variable name change * Fixes for load and other system tests * Improve APIv2 support for Attach * Refactor service idle support * podmanv2 history and image remove templates * Bump to v1.9.0-dev * rootless: use snprintf * podmanV2: implement search - Changelog for v1.9.0-rc1 (2020-04-13) * build(deps): bump github.com/containers/buildah from 1.14.7 to 1.14.8 * Update release notes for v1.9.0-RC1 * v2podman container cleanup * podmanV2: implement logs * test: enable preserve fds test for crun * test: fix exec preserve-fds test * Set exit codes on errors. * Run (make vendor) * Fix (make vendor) * update the latest version to 1.8.2 * add tests for kill and exists * v2podman ps alter formats * run/create were processing options after the image name * V2 podman system service * man page: add note about issue with SELinux * Bump Buildah to v1.14.7 * Bump containers/image to v5.4.3 * V2 podman diff(changes) support * podman info needs to be run within the user namespace * podmanv2 images user format * podmanv2 info * vendor c/image v5.4.2 * Do not error on pids.current stats if ctr.path is empty * fix rootless login/logout tests * v2podman run * refactor info * podmanv2 ps * userns: support --userns=auto * podmanv2 start * build(deps): bump github.com/containers/common from 0.8.0 to 0.8.1 * build(deps): bump github.com/containers/storage from 1.18.1 to 1.18.2 * build(deps): bump github.com/opencontainers/selinux from 1.4.0 to 1.5.0 * v2podman attach and exec * v2podman container create * Cleanup whether to enter user namespace for rootless commands * podmanv2 save image * podmanv2 version * checkpoint: handle XDG_RUNTIME_DIR * checkpoint: change runtime checkpoint support test * Pass path environment down to the OCI runtime * podmanv2 checkpoint and restore * Bump github.com/containers/common from 0.6.1 to 0.8.0 * test/e2e/run_volume_test: use unique mount point * test/e2e/run_volume_test.go: mv dockerfile decl * test/e2e/run_volume_test: only create dir once * Fix environment handling from containers.conf * podmanV2: implement push * pkg/spec.InitFSMounts: optimize * utils: delete dead code * attach: skip shutdown on errors * attach: fix hang if control path is deleted * pkg/spec.InitFSMounts: fix mount opts in place * podmanv2 export * podmanv2 import * podmanv2-retry - new helper for testing v2 * podmanv2 load * podmanv2 pod inspect * V2 podman inspect * Fix repos for CentOS 7 RPM build * podman v2 image tag and untag * podmanv2 pod ps * Touch up mailing list address in README.md * add systemd build tag to podman builds * Bump github.com/rootless-containers/rootlesskit from 0.9.2 to 0.9.3 * Switch to using --time as opposed to --timeout to better match Docker. * podmanV2: implement pull * pkg/spec/initFSMounts: fix * Cirrus: Remove darwin/windows builds in gate-job * Cirrus: Update VM Images * Cirrus: Minor docs update * Revert "Default CPUShares in Inspect are 1024" * fix more swagger inconsistencies * V2 Move varlink home * Bump github.com/containers/conmon * Bump github.com/spf13/cobra from 0.0.6 to 0.0.7 * rootless: make cgroup ownership detection not fatal * podmanv2 enable healthcheck run * Update vendor of boltdb and containers/image * swagger: top: remove "Docker" from the identifiers * podmanv2: implement pod top * v2 api: implement pods top endpoint * podmanv2 commit * Bump to buildah v1.14.5 (Edit 2020-06-03: Addresses CVE-2020-10696) * Add support for containers.conf * API v2 tests: usability improvements * Sanitize port parsing for pods in play kube * podmanv2 pod create using podspecgen * use `pause:3.2` image for infra containers * Add support for specifying CNI networks in podman play kube * Fix typo in pod create * podmanV2: implement top * Fix Markdown typo in podman-create.1.md * V2 podman image prune * Support label filters for podman pod ps. * podmanv2 container inspect * podmanv2 pod subcommands * Add bindings for Container Exec Create + Inspect * apiv2 add default network in specgen * slirp: enable seccomp filter * V2 podman image rm | podman rmi [IMAGE] * V2 podman image * podmanv2 add pre-run to each commmand * Ensure that exec sends resize events * enable linting on v2 * Bump github.com/rootless-containers/rootlesskit from 0.8.0 to 0.9.2 * Bump github.com/containers/storage from 1.16.5 to 1.16.6 * V2 podman images/image list * podmanv2 volumes * Combine GlobalFlags and EngineFlags into EngineOptions * Complete podmanV2 history command * rootlessport: use x/sys/unix instead of syscall * podmanv2 exit code * Bump github.com/sirupsen/logrus from 1.4.2 to 1.5.0 * Correctly document libpod commit endpoint * Implement APIv2 Exec Create and Inspect Endpoints * apiv2 container commit for libpod * Add image signing with GPG tutorial * podmanv2 add core container commands * Improved readability in image json output * podmanv2 volume create * Add stubs for cmd/podman in non-Linux local mode * Make libpod/lock/shm completely Linux-only * Add stubs for pkg/adapter/terminal_linux.go * Add a stub for libpod.Container.Top * Make cmd/podman/shared.GenerateCommand tests Linux-only * Fix the libpod.LabelVolumePath stub * Only run TestGetImageConfigStopSignal on Linux * Fix the pkg/specgen/SpecGenerator.getSeccompConfig stub * podmanv2 pod exists * when removing networks for tests, force should be used * Add basic structure of a spec generator for pods * [CI:DOCS]fix type issue in pod binding test * podmanv2 enable remote wait * fix remote connection use of context * use boolreport for containerexists response * podmanv2 container exists|wait * Add APIV2 service files * Attempt manual removal of CNI IP allocations on refresh * Implemented --iidfile for podman commit * Add guildline for writing podman V2 CLI commands * Use creds form PullImage remote * Fix docker man page links * Bump to v1.8.3-dev * [CI:DOCS]remove podmanv2 binary * Cirrus: Update VM images * Cirrus-CI: Fix source path of vendor task * Cirrus: Enable future installing buildah packages * Cirrus: Include packages for buildah CI * Cirrus: Update Ubuntu base images * Cirrus: Use opensuse open build Ubuntu packages * Update release notes for v1.8.2 final release * rootlessport: handle SIGPIPE * apiv2 add bindings for logs|events * Bump github.com/containers/common from 0.5.0 to 0.6.1 * Add inspect for exec sessions * Add structure for new exec session tracking to DB * Populate ExecSession with all required fields * Fix path of tmp_dir * Cirrus: Disable non-docs release processing * container prune remove state created, configured * Cirrus: Log libseccomp package version * docs: mention that "podman version" prints out Remote API Version - Changelog for v1.8.2 (2020-03-19) * fix reported compat issues * Don't include SUBDIR in windows.zip * rootless: fix usage with hidepid=1 * V2 podman command * serve swagger when present * swagger: more consistency fixes * Vendor in containers/buildah v1.14.3 * Reduce CPU usage when --timeout=0 * New test: man page cross-ref against --help * podman: avoid conmon zombie on exec * Filter pods through pod list api * Bump to v1.8.2-dev * Fix vendoring on master * fix timeout file flake * auto updates * pkg/systemd: add dbus support - Changelog for v1.8.2-rc1 (2020-03-17) * Update release notes for v1.8.2-rc1 * Fix vendoring on master * Update containers/storage to v1.16.5 * config: make warning clearer * Four small CI fixes: * fix systemd generate tests * apiv2 addition of manifests * add os|arch attributes when building * Missing double quotes in troubleshooting guide. * force run container detached if container CreateCommand missing the detach param * Bump github.com/containers/common from 0.4.2 to 0.5.0 * Bump k8s.io/api from 0.17.3 to 0.17.4 * Bump github.com/fsnotify/fsnotify from 1.4.7 to 1.4.9 * eat signal 23 in signal proxy * add apiv2 healthcheck code * turn off color-mode for bindings * remove imagefilter for varlink remote client * Bump github.com/containers/storage from 1.16.2 to 1.16.3 * run --rmi test: make it work * rootlessport: detect rootless-child exit * create: do not calculate image size * Follow up changes from #5244 * man page cross-reference fixes: part 2 * Update version in README to v1.8.1 * [CI:DOCS]Add libpod event endpoint * Bump to v1.8.2-dev * Update start stop api to use pod status function. * Fix bug podman reset to not remove $XDG_RUNTIME_DIR - Changelog for v1.8.1 (2020-03-11) * man pages: fix inconsistencies * Update release notes for v1.8.1 final release * build for amd64|arm|ppc64le * update systemd & dbus dependencies * Refactor handler packages * Remove nonexistent --set arg from runlabel documentation * hide --trace flag * podman --help: mention defaults of bools * docs: clarify that --syslog expects an argument * Bump to v1.8.1-dev * commands: rename file and add likns to readthedocs - Changelog for v1.8.1-rc4 (2020-03-09) * Revert "exec: get the exit code from sync pipe instead of file" * Revert "Exec: use ErrorConmonRead" * Revert "exec: fix error code when conmon fails" * rootles tutorial: remove systemd unit example * generate systemd: add `default.target` to INSTALL * Bump github.com/containers/storage from 1.16.1 to 1.16.2 * use storage/pkg/ioutils * use storage/pkg/homedir * Fix spelling mistakes in code found by codespell * add default network for apiv2 create * Bump to v1.8.1-dev * Allow users to set TMPDIR environment * Fix upstream dockerfile and add 'by hand' ctrfile * Cirrus: Fix fedora-minimal mirroring * fix security-opt generate kube - Changelog for v1.8.1-rc3 (2020-03-06) * Update release notes for v1.8.1-RC3 * Part 2: try to clean up the long image instance names * WIP: Try renaming long cirrus job names * vendor: update github.com/containernetworking/cni to v0.7.2-0.20200304161608-4fae32b84921 * Removed extraneous comments and defaults plus amended variable declaration * Removed the unnecessary code * Implemented size parameter on GetContainer * Implement size parameter on ListContainers * Map configured status to created to match docker API states * Fix to remove null entry from end of images json * Register handlers without version to align with docker API * golangci: enable goimports * generate systemd: remove leading slashes * exec: fix error code when conmon fails * Vendor buildah 1.14.2 * env: don't set "container" env * Fix podman image sign help output * avoid adding to nil map * Exec: use ErrorConmonRead * exec: get the exit code from sync pipe instead of file * generate systemd: add network dependencies * Bump to Buildah v1.14.1 * APIv2 tests: add tests for stop * Add the rmi flag to podman-run to delete container image * consolidate env handling into pkg/env * CI: format cirrus logs * Update docs/source/markdown/podman-build.1.md * Allow devs to set labels in container images for default capabilities. * CI: add API v2 tests * more swagger fixes * Bump github.com/opencontainers/selinux from 1.3.2 to 1.3.3 * Add validate() for containers * Cirrus: Fix gate image & false-positive exits * Update pod bindings and Add test to validate prune pod apiv2 binding. * Fix wrong condition in bindings test * Ensure that exec sessions inherit supplemental groups * Cirrus: Update VM images * Cirrus: Force runc use in F30 * rework apiv2 wait endpoint|binding * build: specify input fd to buildah * Cirrus: Remove unnecessary handle_crun workaround * Cirrus: Print env. vars at end of setup. * Cirrus: Fix not growing Fedora root * network create should use firewall plugin * add firewall plugin (no backend) to default cni config * binding tests for volumes * Bump to v1.8.1-dev * container Exists: fix URL * CI: package_versions: include hostinfo, kernel * Review comments * [WIP] Add cmd flag to show container name in log - Changelog for v1.8.1-rc2 (2020-02-27) * Update release notes for v1.8.1-rc2 * Vendor in latest containers/buildah * kill test: clean up warnings; document better * curb flakes in integration tests * spec: allow container alias name in lookup * add epoch for specfile * fix trivial typo * Add support for multiple CNI networks in podman inspect * Remove 1 sec delay * Temp. skip "remove pause by id" bindings test * Fix kill test obtaining CID * System Tests: Force default signal handlers * Fix cgroupsv2 run test, unexpected output * Cirrus: SELinux Enforcing for F31 w/ CGv2 * Cirrus: collect podman system info * Cirrus: F31: Force systemd cgroup mgr * Cirrus: Temp. disable F31 p-in-p testing * Cirrus: Handle runc->crun when both are possible * Cirrus: Use deadline elevator in F31 * Cirrus: Support testing with F31 * rootless: become root only if the pause file is specified * rootless: fix segfault when open fd >= FD_SETSIZE * apiv2 tests: add more pod tests, timing check * Update vendor of buildah and containers/common * build: move initialization after SetXdgDirs * utils: relax check for directory to use * add apiv2 tests for podman pause and stop * always run the docs task on post-merge * Fixed build_rpm.sh script for Fedora 30 * Add basic deadlock detection for container start/remove * Friendly amendment: tests, and a help message * fix port list by container with port * more image binding tests * docs: symlink to host device is resolved * Add --no-healthcheck command to create/run * enable ci on go binding tests * add more image tests for go bindings * Bump to v1.8.1-dev * build(deps): bump github.com/opencontainers/selinux from 1.3.1 to 1.3.2 - Changelog for v1.8.1-rc1 (2020-02-21) * Update release notes for v1.8.1 * disable generation of cni firewall plugin * search endpoint failure correction * Remove ImageVolumes from database * Upgrade make package-install for fedora31 * Flake fix: race condition in same-IP test * Add support for ssh:// and unix:// podman clients * search test on fedora registry: retry 5 times * Swagger: yet more fixes * Login test: use --password-stdin * implement reverse reader for log reads * podman images: add --filter=since=XX * populate resolv.conf with dnsname responses when in usernamespace * Beautify podman bridge CNI config * build(deps): bump github.com/spf13/cobra from 0.0.5 to 0.0.6 * Warn user about --password cli option in login * build(deps): bump github.com/stretchr/testify from 1.5.0 to 1.5.1 * Swagger: fix one incorrect comment * apiv2 container create using specgen * Add test to validate the pod bindings api * Update to the latest version of buildah * New login and push tests * Add network options to podman pod create * Fixed syscall.Signal not convertable by decoder * Fixed typo in KillContainer * build(deps): bump github.com/containers/storage from 1.15.8 to 1.16.0 * build(deps): bump github.com/stretchr/testify from 1.4.0 to 1.5.0 * libpod.conf: clarify `label` description * set process labels in pkg/spec * libpod/config: use built-in TOML instead of manually merging * Fixed CreateImageFromImage not respecting supplied Tag parameter * Add installation of pre-commit to Makefile * fix mandatory parameter in login/logout * adds missing query struct tags and exports the fields * Swagger: fix inconsistencies (try #2) * Update mux rules to allow slashes in image names * rootless: fix a regression when using -d * Misc typo fixes * Use cleaned destination path for indexing image volumes * Add ability for pods to use the host network * stats: Expose CPU usage in API * rootless: check if the conmon process is valid * apiv2: Fixup /containers/json filters documentation * apiv2: Enable filtering images by ID * Fix handler and systemd activation errors * podman-ps: support image IDs * Refactor image tree for API usage * Update documentation of commit command to show image reference is optional * Rework label parsing * add caching for binding tests * apiv2 libpod container logs * add pkg/signal * add pkg/capabilities * build(deps): bump github.com/rootless-containers/rootlesskit * Fix SELinux labels of volumes * podman(1): fixes * fix bug "" disable detach keys * Fixed a bug about bash automatically complete * Enhance fuse-overlayfs instructions. * README: fix docs links * Fix up play kube to use image data * build(deps): bump k8s.io/api from 0.17.2 to 0.17.3 * Only set --all when a status filter is given to ps * use quay.io/libpod/fedora-minimal for reliability * filtering behavior correction * support device-cgroup-rule * rootlessport: drop Pdeathsig in favor of Kill * rootlessport: fix potential hang * add pkg/seccomp * Do not copy up when volume is not empty (Edit 2020-06-03: Addresses CVE-2020-1726) * api: pull: fix reference parsing * cmd/podman/pull: refactor code * stats: add SystemUsage * build(deps): bump k8s.io/apimachinery from 0.17.2 to 0.17.3 * build(deps): bump github.com/gorilla/mux from 1.7.3 to 1.7.4 * HTTP 304 (NotModified) is not an error! * API v2 tests: catch up to moving target * api: fix the CPU stats reported * apiv2 stream events * Fix container filters * API v2: pods: fix two incorrect return codes * Rewire ListContainers for APIv2 libpod * podman build -f completions * swagger: fix /libpod/images/{import,load,pull} * Make: s/uname -o/uname -s/ * container create: relax os/arch checks * replace prow images test * Remove incorrect validation of --change for commit * [CI:DOCS] Update Code of Conduct to Containers variant * Add test cases to validate remove and list images api. * images --format compatible with docker * bash-completions: Add missing subcommands in 'podman system' * doc: Fix examples for 'podman system service' * v2 api: /libpod/images/import * v2 api: /libpod/images/load * v2 api: /libpod/images/pull * docs: add workaround for --device with rootless containers (II) * Fix varlink code generation target. * Modify Runtime.getImage to return a storage.Image * Document an aspect of newFromStorage behavior * Introduce a Runtime.newImage constructor * Move Image.getLocalImage to Runtime.getLocalImage * Remove the getLocalImage() call from Image.Size * Use Runtime.NewFromLocal instead of open-coded copies * Trivial simplification * Create two separate newImage instances in Runtime.New * Call NewImageRuntimeFromStore from NewImageRuntimeFromOptions * Update readme to 1.8.0 release * Refactor runtime functions to pass options structure * build(deps): bump github.com/containers/image/v5 from 5.2.0 to 5.2.1 * LibpodAPI.BuildImage: don't require a name for the new image * Bump to v1.8.1-dev * Cirrus: Never run prune on other branches * Add dockerfile to mirror fedora-minimal * Add /swagger/ endpoint to serve swagger yaml to clients * Add backend code for pod network options - Changelog for v1.8.0 (2020-02-06) * [CI:DOCS]update contrib systemd user * [CI:DOCS]fix systemd files for apiv2 * Update release notes for final release of v1.8.0 * Move podman-service to podman-system-service * Only modify conmon cgroup if we have running containers * fix swagger docs and make sure docs validation runs * Special case memory-swap=-1 * vendor github.com/mtrmac/gpgme@v0.1.2 * vendor github.com/containers/image/v5@v5.2.0 * Add Containerfile location e2e test * [CI:DOCS]addition of specgen package * {CI:DOCS] run gofmt before lint * build(deps): bump github.com/onsi/ginkgo from 1.11.0 to 1.12.0 * Close tarSource when finished using it * Force --all when --filter is passed to podman ps * Initial implementation of a spec generator package * Fix wrong Containerfile location on build * Wrap error for failing ImageSize calls * swagger: v2: libpod/images/{import,load,pull} * seperate container create network options * Cirrus: Fix gate task + make lint|validate * Add a binding test to check image tag and list commands. * Update /_ping support * [CI:DOCS]add apiv2 endpoints for exec * build(deps): bump github.com/containers/storage from 1.15.7 to 1.15.8 * build(deps): bump github.com/onsi/gomega from 1.8.1 to 1.9.0 * Tear down network when restarting containers * Move install.md to podman.io, leave link page * Update XML to not embed quote in PATH on windows * Bump to v1.8.0-dev - Changelog for v1.8.0-rc1 (2020-01-31) * Fix a syntax error in hack/release.sh * Minor update to release notes * sigproxy: return after closing the channel * fix longname handling for bindings * Update release notes for v1.8.0 * compat container names begin with / * Assure validate includes lint * make image reference for commit optional * adjusts install.md (Ubuntu): replaces ${NAME} with hard-encoded Ubuntu to support all *buntu flavors * adjusts install.md (Ubuntu): registries.conf setup is now in containers-image package * markdown: fix erroneous asterisk markup for options * speed up Makefile * Makefile: systemd: echo instead of warn * Makefile: remove redundant BUILDFLAGS * Makefile: consistent PHONY use * Makefile: remove dead vagrant target * Makefile: move systemd buildtag check * rootless: enable shortcut only for podman * test: honor TEMPDIR variable * Cirrus: Set EPOCH_TEST_COMMIT during gate task * Deprecate & remove IsCtrSpecific in favor of IsAnon * apiv2 binding test fixes * history: fix size computing * run `varlink_generate` on Linux only * display file name of bad cni conf * Throw error on invalid sort value * rootless login/logout tests fail * Update remote client bridge documentation. * honor pull policy in play kube * docs: replace '~' with $HOME in markdown as '~' isn't rendered properly * install.md: registries.conf setup in containers-image package * [CI:DOCS]Binding overhauls * docs: fix incomplete heading underlining in network.rst * build(deps): bump github.com/rootless-containers/rootlesskit * docs: add missing hyphen for '-t' option, command '$' prompts * build(deps): bump github.com/opencontainers/selinux from 1.3.0 to 1.3.1 * [CI:DOCS]rootless exec cannot join root namespace * expose --arch-override option for pull * Add link from docker.sock to podman.sock * inspect image healthchecks * [CI:DOCS]Add copr link to fedora install page * Hidden remote flags can be nil * docs: add boolean values and defaults to "man podman-history" options * docs: remove reference to "sudo" in "podman exists" examples * docs: fix system-prune markdown; reword for clarity * docs: clean up "man podman-rm", "man podman-rmi" * install.md: mention availability of OpenEmbedded recipes * Cleanup man pages exit code descriptions * APIv2 review corrections #3 * camelcase: fix lint reports * fork fatih/camelcase * Refactor time parsing to be more liberal in accepted values * apparmor: allow receiving of signals from 'podman kill' * Add query parameter converters for complex types * Review corrections pass #2 * build(deps): bump gopkg.in/yaml.v2 from 2.2.7 to 2.2.8 * Default CPUShares in Inspect are 1024 * markdown: fix grammar/formatting, standardize on markdown * build(deps): bump k8s.io/api from 0.17.0 to 0.17.2 * build(deps): bump github.com/pkg/errors from 0.9.0 to 0.9.1 * build(deps): bump github.com/containers/conmon * build(deps): bump github.com/json-iterator/go from 1.1.8 to 1.1.9 * build(deps): bump github.com/uber/jaeger-client-go * build(deps): bump github.com/containernetworking/plugins * seccomp policy: expect profile in config label * build(deps): bump github.com/vishvananda/netlink from 1.0.0 to 1.1.0 * build(deps): bump github.com/containers/storage from 1.15.5 to 1.15.7 * Update README.md to reference latest version * Enable swagger validation for each PR * Fix example format in system df man * markdown: fix formatting of commands at bottom of podman-exec * markdown: reword 'podman-inspect' to properly explain '--size' * correct search-and-replace error * Update release script to not manage epoch * markdown: remove extraneous backquote from "podman rmi" * markdown: fix formatting/content typos in migrate man page * Update RELEASE_NOTES for v1.7.1 * Add service endpoint * Cirrus: Fix logic typo * Update build images * Cirrus: No upload snap for docs job * [CI:DOCS]First pass at review comments * go.mod: fix parse error * Use cgroupv2 super magic from golang.org/x/sys/unix * Disable go mods on varlink builds in spec * [CI:DOCS] Add logo and dev statement * rootless: set C variables also on shortcut * [CI:DOCS]static files end up in _static on rtd * [CI:DOCS] Correct link syntax * [CI:DOCS]Connect API docs and RTD * post-process swagger yaml for publish * Tests for API v2 * Minor: Bugfix in upload image * Update `tag` documentation regarding 'alias' usage * update install instructions for Debian, Raspbian and Ubuntu * oci_conmon: do not create a cgroup under systemd * Add an API for Attach over HTTP API * systemdgen: specify --cgroups=disabled-conmon for --new * podman: add new option --cgroups=no-conmon * systemdgen: add --ignore flag to generic services * e2e/run_signal_test.go: make it more robust * hack/install_golangci.sh: check env vars * Remove c.String(net) * make binaries: include service * service: don't block sigterm * Cirrus: remove workaround for cleaning /go/bin * [CI:DOCS]swagger cleanup and left-hand nav * Add APIv2 CLI example POC * api: stats: fix typo * api: utils: add an `IsLibpodRequest` handler * refactor top code * top: use a separate pipe for the error stream * v2 api: top improvements * v2: stats: drop redundant sleep when streaming * v2: stats: libpod: use generic handler * v2: stats: rigorous error checks * v2: stats: fix errors * v2: stats: do not ignore errors * v2: stats: remove windows-specific fields * make .install.golangci-lint: force specific version * Makefile: remove gometalinter * contrib/gate/Dockerfile: bump to F31 * [CI:DOCS]swagger corrections * Bump to Buildah v1.13.1 * oci_conmon: not make accessible dirs if not needed * Enable pre-commit tool linting * .gitignore: ingore *.coverprofile from unit tests * make lint: include unit tests * .golangci.yml: move swagger.go from Makefile * make lint: include docs/ * make lint: include pkg/tracing * revert accidental change from codespell pr. * swagger documentation updates * Do not configure CNI when slirp4netns is requested * clarify container prune --force * more BATS tests * gating: clean /go/bin to install fresh tools * make lint: enable gocritic * linter: blacklist linters instead of whitelisting * bump golangci-lint to 1.18.0 * rm contrib/perftest * remove `.tool/lint` * docs: --privileged docs completeness, consistency * [Makefile] Ensure .gopathok dependency is met for varlink * Add codespell to validate spelling mistakes in code. * libpod: fix --userns=keep-id with big UIDs * fix e2e test failure * Cirrus: Fix libpod base images going stale * address review comments before merge * [CI:DOCS]update apiv2 documentation with swagger goods * Initial commit on compatible API * cp: drop check for rootless * test: fix error message * log: support --log-opt tag= * Fix Makefile ref libseccomp branch as a commit * policy for seccomp-profile selection * podman-generate-systemd --new * shared/create.go: s/data/imageData/ * rootlessport: honor ctr.runtime.config.TmpDir * rootlessport: remove state dir on exit * Usage messages: show possible option values * Update podmanimage build process * exec: fix pipes * fix lint - pkg/varlinkapi/virtwriter * fix lint - pkg/util: func comment * fix lint - pkg/spec * fix lint in pkg/rootless * fix lint - pkg/network: comment exported types * fix lint - pkg/adapter: comment exported API * fix lint - ignore image.ImageDeleteResponse definition * fix lint - drop else block * fix lint: add comment for NameRegex and error * fix lint: correct func identifier in comment * fix lint: "guarantess" is a misspelling of "guarantees" * rootless: use RootlessKit port forwarder * Add `untag` sub-command * Update demo for the inspect command * Fix podman-remote info to show registry data * packaging: validate installed rpms * github stale workflow: rephrase and bump close time * Don't show PASS on success for gitvalidate * Bump gitvalidation epoch * Bump to v1.7.1-dev * play kube: make seccomp handling better conform to k8s * fix bug copy from container directory * Add history names to image inspect data - Changelog for v1.7.0 (2020-01-06) * (minor) fix broken links to container-policy.json.5 * Generate binaries only if they are changes in src code. * Fix presentation of man page tables * Bump gitvalidation epoch * Bump to v1.7.0-dev - Changelog for v1.7.0-rc2 (2020-01-02) * Update release notes with further changes from 1.7.0 * refactor network commands * Fix race condition in kill test leading to hang * Ensure 'make uninstall' remove bin and conf files. * Add the pod name when we use `podman ps -p` * Ensure SizeRw is shown when a user does 'inspect --size -t container'. * signal parsing - better input validation * The --quiet flag does not conflict with templates in ps * add struct response for removal of images * Update containers/storage to v1.15.4 * Update containers/storage to v1.15.4 * zsh completion: ignore multi-line output in Flags * build(deps): bump github.com/containers/image/v5 from 5.0.0 to 5.1.0 * if container is not in a pid namespace, stop all processes * update c/buildah to v1.12.0 * Remove volumes after containers in pod remove * libpod: drop arbitrary memory limit of 4M * docs: add workaround for --device with rootless containers * install.md: openSUSE dependencies * Use systemd/sd-daemon.h headers for systemd presence * Allow the injection of TESTFLAGS * Remove coverprofile from the repository * troubleshooting.md: rebased master and bumped 18 to 19 * Fix F30-F31 migration for Podman 1.7.0 * runtime.go: show registries data and search table * container config: add CreateCommand * Fixed the path of hack scripts in spec file * runtime.go: show search table in podman info * podman info man: example update * podman: mirror information * Reap exec sessions on cleanup and removal * [Makefile] `LDFLAGS` is reserved for the GCC linker * podman images history test - clean up * Bump gitvalidation epoch * Bump to v1.7.0-dev * allow exec to read files of environment variables * Correctly export the root file-system changes * build(deps): bump github.com/uber/jaeger-client-go - Changelog for v1.7.0-rc1 (2019-12-11) * Update release notes for 1.7.0 * docs: update podman-{pod-,}top man pages * build(deps): bump github.com/containers/psgo from 1.3.2 to 1.4.0 * Update containers/storage to v1.15.3 * move image filters under libpod/images * Re-add Fedora 31 migration code. * macvlan networks * Return empty runtime directory if we're not rootless * build(deps): bump github.com/containers/storage from 1.15.0 to 1.15.2 * Use terminal detach keys sequence specified in the config file * Add ONBUILD support to --change * Move Commit() to new parsing for --change * test for #3920 (improper caching of tarballs in build) * Enable multi-platform rpm building * Completely rework --change parsing * Avoid git warnings by using detach on checkout * Improve hack/get_release_info.sh * Bump Buildah to v1.11.6 * rootless: enable stats test on cgroup v2 * Improve dnf tests inside build_rpm.sh * libpod: fix stats for rootless pods * rootless: add fallback for renameat2 at runtime * Attempt to install go-md2man only if missing * Quick grammar touchup in rootless.md * Allow chained network namespace containers * Ensure volumes reacquire locks on state refresh * Ignore ErrCtrRemoved when removing a container * Add comment on rootless containers creating device nodes * Updates on making doc building and debug optional * troubleshooting: warn about secure boot * libpod: fix case for executable file not found errors * build: improved main makefile * build: improved prepare.sh * Fix podman-remote version to print client and server * man page updated with examples of filter option * install.md: added slirp4netns dependency to ubuntu * Add podman system reset command * fix commands.go to get links from correct directory * Do not initialize store on rootless podman * filter added to container prune command * Disable checkpointing of containers started with --rm * Make doc building in spec optional * Donot install btrfs in RHEL/CentOS-8 * oci: print only matching part for the errors * command output fixed as per docker equivalent * Detect Python executable in Makefile * Improved build_rpm.sh * Add support for image name history * Remove containers when pruning a stopped pod. * Allow --ip and --mac to be set when joining a CNI net * Document other bind options on --volumes flag * podman {pod,} rm/stop: add --ignore flag * Discard errors from Shutdown in `system renumber` * e2e/prune: run two top containers * build(deps): bump github.com/containers/storage from 1.13.5 to 1.14.0 * build(deps): bump gopkg.in/yaml.v2 from 2.2.5 to 2.2.7 * build(deps): bump github.com/pkg/profile from 1.3.0 to 1.4.0 * document updated for filter and until options * filter added to image pruge command. * config: use EventsLogger=file without systemd * Error on netns not exist only when ctr is running * Add ContainerStateRemoving * play kube: handle seccomp labels * podman rm/stop --cidfile * container-restore: Fix restore with user namespace * Add new test suite for build * Also delete winsz fifo * use pause image for check all * timestamp related functions added * Bump to Buildah v1.11.5 * container create: os/arch check * history: rewrite mappings * codespell: spelling corrections * Cirrus: Use branch-specific container tags * warning added before image prune command * create a separate install target for seccomp * Add annotations in play kube * Add pod annotations to container * Add missing information to podman.1 man page * Add support for make vendor-in-container * Split up create config handling of namespaces and security * test: add tests for --mac-address * mount: add new options nocopyup|copyup for tmpfs * Bump github.com/uber/jaeger-client-go * libpod/config: default: use `crun` on Cgroups v2 * podman images --digest: always list a digest * events: make sure the write channel is always closed * Add support for RunAsUser and RunAsGroup * cni: enable tuning plugin * podman: add support for specifying MAC * vendor: updated ocicni for MAC address * Makefile: add vendor-in-container * rootless: provide workaround for missing renameat2 * rootless: use SYS_renameat2 instead of __NR_renameat2 * Add Kata Containers runtimes to libpod.conf * help message: don't parse the config for cgroup-manager default * fix bug check nonexist authfile * Allow users to disable detach keys * namespaces: by default create cgroupns on cgroups v2 * Update installation - Ubuntu. [skip ci] * pulling unqualified reference: make sure it's a docker reference * Bump gopkg.in/yaml.v2 from 2.2.4 to 2.2.5 * Set SELinux labels based on the security context in the kube.yaml * Add links to readthedocs on docs/readme * Bump development version to 1.6.4-dev * Bump version in README to v1.6.3 * Add release notes for v1.6.3 * slirp4netns: fix timeout * docs: Update "podman container rm -v" description * logo: correct light source reflection * stats: fix calculation for the CPU time * [docs] Ensure we include section 5 documentation * [Makefile] Fix docker documentation install and generation * Fixed the JSON go template format for the 'info' action * runtime: Fix typo * Update link to Commands documentation * cgroups: read correctly the CPU stats * [CI:DOCS] make docs only prs * Update rootless shortcomings with cgroup V2 information * Bump github.com/onsi/gomega from 1.7.0 to 1.7.1 * Validate contextdir on build * Vendor in latest containers/buildah * Bump github.com/onsi/ginkgo from 1.10.1 to 1.10.3 * Refactor test to prevent panic * logs: support --tail 0 * Update document formatting and packaging code * Restructure documentation dir * add libpod/config * Switch to bufio Reader for exec streams * container start: fix regression when using name * Fix selinux test for exec * Cirrus: Disable F29 testing * Wait for `mount` command to finish when mounting volume * Cirrus: Fix upload_release_archive on branch or tag * Fix cp from pipe * libpod, rootless: create cgroup for conmon * Bump github.com/json-iterator/go from 1.1.7 to 1.1.8 * seccomp: use github.com/seccomp/containers-golang * build: drop support for ostree * stale action: add exempt-issue-label * Processes execed into container should match container label * Set default seccomp.json file for podman play kube * images: distinguish between tags and digests * API: report multiple digests for images * pull/create: add --override-arch/--override-os flags * image: don't get confused by lists * Add e2e tests for manifest list support * bump containers/image to v5.0.0, buildah to v1.11.4 * goland autocorrections * Makefile: fix embedding gitCommit * Cirrus: Fix minor python deprecation warning * Cirrus: Only upload tagged releases * Fix spelling mistakes * libpod: if slirp4netns fails, return its output * update conmon to v2.0.2 in in_podman image * bump cirrus images * require conmon v2.0.1 * require conmon v2.0.0 * GitHub stale action * enable dnsplugin for network create * Add ensureState helper for checking container state * Cleanup man pages * Log warn instead of error for removing nonexistant container * systemd: mask /sys/fs/cgroup/systemd/release_agent * Add multiple networks explanation to docs * rootless: raise an error with --network= * Initial dump of man pages and first menus * Return a better error for volume name conflicts * Add documentation on options to volume create manpage * Image volumes should not be mounted noexec * stats: list all running containers unless specified otherwise * rootless: detect no system session with --cgroup-manager=systemd * add pip requirements file for rtd * Initial checking for readthedocs * Fix sig-proxy=false test and use image cache * Add parsing for UID, GID in volume "o" option * exec: remove unused var * Rewrite backend for remote 'volume inspect' * rootless: write storage overrides to the conf file * Markdown Formatting Fixes * Show volume options in 'volume inspect' * System tests: make sure exec pid hash w/o leaking * Bump gitvalidation epoch * Bump to v1.6.3-dev * check existing bridge names when creating networks * Add support for anonymous volumes to `podman run -v` * troubleshooting.md: document lingering mode * rootless: do not enable lingering mode * Add ability to redirect bash for run -i * play kube: Container->Ctr * play kube: refactor test suite - Changelog for v1.6.2 (2019-10-17) * Finalize release notes for v1.6.2 * rootless: drop dependency on docker * Bump gitvalidation epoch * Bump to v1.6.2-dev * Refactor tests when checking for error exit codes * Attach stdin to container at start if it was created with --interactive - Changelog for v1.6.2-rc1 (2019-10-16) * Add release notes for Podman 1.6.2 * start: print full container ID * Add a MissingRuntime implementation * rootless v2 cannot collect network stats * inspect: rename ImageID go field to Image * systemd: accept also /sbin/init * Unwrap errors before comparing them * vendor github.com/containers/storage@v1.13.5 * Ensure volumes can be removed when they fail to unmount * Fix sample's JSON syntax error in oci-hooks.5.md * change error wording when conmon fails without logs * images: empty list is valid json with --format=json * Allow giving path to Podman for cleanup command * Touch up bad math in run man page * Add squash-all, fix squash option in build * tests: enable ps --size tests for rootless * container: initialize results list * Make user io.podman.service unit WantedBy=default.target * rootless: do not set PIDs limit if --cgroup-manager=cgroupfs * Update build man page with latest Buildah changes * Fix default path for auth.json * When restoring containers, reset cgroup path * Migrate can move containers to a new runtime * Move OCI runtime implementation behind an interface * show uid_map in podman info * cli: support --systemd=always * systemd: expect full path /usr/sbin/init * catch runc v2 error * Respect --sig-proxy flag with podman start --attach * rootless: automatically recreate the pause.pid file * rootless: do not close files twice * refresh: do not access network ns if not in the namespace * Cirrus: Produce and collect varlink output * io.podman.socket: drop Also=multi-user.target * Cirrus: Remove broken/failing testing_crun task * Cirrus: Use new VM cache images * Cirrus: Install conmon in Fedora VMs * vendor c/psgo@v1.3.2 * troubleshooting: fix useradd no-log-init argument * Setup a reasonable default for pids-limit 4096 * Update c/image to v4.0.1 and buildah to 1.11.3 * When evicting containers, perform a normal remove first * Bump gopkg.in/yaml.v2 from 2.2.3 to 2.2.4 * podman network create: validate user input * Cirrus: Simplify package NVR logging * Docs: Update links, add links to latest * Cirrus: Fix log URIs & add optional $ALSO_FILENAME * Raise start_test polling interval * system tests: info: deal with hyphen in username * Bump gitvalidation epoch * Bump to v1.6.2-dev * Apply changes also to the windows implementation * System-tests: Use bash explicitly * Podman 1.6.0 has been released, update the README * Add api link to tutorials * Bump gopkg.in/yaml.v2 from 2.2.2 to 2.2.3 * Allow setting default parameters with env vars * Avoid hard-coding path to varlink and podman * Allow changing IdentityFile and to IgnoreHosts * rm: add containers eviction with `rm --force` - Changelog for v1.6.1 (2019-10-02) * Update release notes for v1.6.1 * Bump gitvalidation epoch * Bump to v1.6.1-dev * rootless: allow cgroupfs manager on cgroups v2 * system tests: reenable skipped tests - Changelog for v1.6.1-rc1 (2019-10-02) * rootless: set DBUS_SESSION_BUS_ADDRESS if it is not set * install.md: add libbtrfs-dev for Debian build * Bump github.com/onsi/gomega from 1.5.0 to 1.7.0 * Cirrus: Show names/versions of critical packages * network: add workaround for slirp4netns --enable-sandbox issue * rootless: do not attempt a CNI refresh * Bump github.com/containernetworking/plugins from 0.8.1 to 0.8.2 * network: hide EPERM warning when rootless * networking: fix segfault when slirp4netns is missing * Bump gitvalidation epoch * Bump to v1.6.1-dev * Move derivitive doc so it won't be treated as a manpage * catatonit: clone and build * bump catatonit to v0.1.4 - Changelog for v1.6.0 (2019-09-30) * info: add cgroups2 * Finalize release notes for 1.6.0 final * Bump github.com/onsi/ginkgo from 1.8.0 to 1.10.1 * Bump github.com/docker/docker-credential-helpers from 0.6.2 to 0.6.3 * Bump github.com/stretchr/testify from 1.3.0 to 1.4.0 * Bump github.com/uber/jaeger-client-go * Bump github.com/spf13/pflag from 1.0.3 to 1.0.5 * update c/storage to v1.13.4 * Cirrus: Minor, fix env. var. intention * new examples added updated two examples with supported CMD and ENTRYPOINT syntax. * new testcase for podman import --change added * syntax updated for podman import --change * Correct use of reexec.Init() * Add a missing escape in the Makefile * Change ginkgo Wait() to Eventually() test * Set log-level immediately, before rootless setup * Cirrus: Implement newly built VM images * Add README note about security reporting process. * Cirrus: Disable boottime Ubuntu package update * Move noCache logic lower in stack * cirrus: Add bash-completion support * Add an error for pods without a name * Make links relative in Tutorial README * docs/podman-derivative-api.md: New file * fix cp none exists dest path ends with '/' * Dockerfile.fedora: install packages to build catatonit * README: add Communications section * drop OWNERS link for CONTRIBUTING.md * Bump gitvalidation epoch * Bump to v1.6.0-dev * Handle conflict between volumes and --read-only-tmpfs * Cirrus: Upload windows MSI release file * conditionally send stdin on remote run * Cirrus: VM Image accounting doc update * Force a CNI Delete on refreshing containers * Document the required varlink build args * Update mac_client link * Cirrus: Fail early on CI script unit test * Unconditionally remove conmon files before starting - Changelog for v1.6.0-rc2 (2019-09-24) * Add release notes for new-in-RC2 changes * system tests: run test: reenable and fix * play kube: Only support pod kind in k8s yaml * runtime: fix logic to disable SDNotify * add list mount tests * Make netns bind mount shared * Add Kata Containers support * rootless: Rearrange setup of rootless containers * Document the 'system' event types for 'podman events' * Cirrus: Add upload_snap to success dependencies * Cirrus: Add snapcraft credentials * Cirrus: Upload snap only on merges to master * Cirrus: Push snap continuously * exec: set HOME also with exec sessions * execuser: look at the source for /etc/{passwd,group} overrides * We need to convert libpod.conf files in user homedir for cgroupv2 * Cirrus: Temporarily disable testing on Ubuntu 19 * Cirrus: disable Evil Units in base-images * Cirrus: Add latest ubuntu * Cirrus: More podbot/success improvements * Cirrus: Fix success script * Cirrus: Update podbot credentials * container: make sure $HOME is always set * Move rootless and Mac to Tutorials page * fix trivial type for event logger * Support podman-remote help on windows * Clean destination paths during mount generation * tests: use crun package * Add a note on systemd shortcomings in rootless containers * support non-standard ssh port for remote-client * Add links to the Mac tutorial in the main tutorial * Vendor c/storage 1.13.3 * System-test: Temporarily disable 030-run * Fix exit code failure * exec: fix --preserve-fds * networking: use --enable-sandbox if available * Add 'relabel' to --mount options * Bump Gitvalidation epoch * Bump to v1.6.0-dev * Unmounting a container that is already unmounted is OK * Check for rootless before checking cgroups version in spec_test. * Skip spec_test for rootless envs without cgroup v2. * fix unit test to use Expect * Cirrus: Prevent resident pollution - Changelog for v1.6.0-rc1 (2019-09-16) * Fix default to pause in podman cp * Update release notes for v1.6.0 * Vendor Bulidah 1.11.2 * get runtime for podman-remote push earlier * rootless: report the correct error * Report errors when trying to pause rootless containers * Do not support wildcards on cp (Edit 2020-06-03: Addresses CVE-2019-18466) * Podman-remote run should wait for exit code * Use exit code constants * exec: Register resize func a bit later * clean up after healthcheck execs * enhance podman network rm * Add podman icon to installer * Test that PTYs created by 'podman exec --tty' have the ONLCR flag * Prevent podman varlink socket fight * Touch up some bad grammar in rootless doc * linux: fix systemd with --cgroupns=private * rootless: run pause process in its own scope * rootless: automatically create a systemd scope * utils: use the user session for systemd * Support building Windows msi file * Add cgroup v2 info to rootless tutorial * fix podman sign signature store for rootless * podman-remote image trust is broken * Cirrus: Fix unnecessary setsebool * Add further fields to StorageContainer * Volume lookup needs to include state to unmarshal into * Do not prune images being used by a container * Add support for launching containers without CGroups * add lint and manpage check to make validate * Add `ContainerManager` annotation to created containers * When first mounting any named volume, copy up * Add function for looking up volumes by partial name * hack/man_page_checker - improve diagnostics * podman network create * Fixup `util.GetRootlessConfigHomeDir` permission requirements * Fixup Makefile for BSD systems, e.g. macOS * Replace "podman" with "Podman" * Add instructions for mounting named volumes from the host for `podman run` * Add instruction for using fuse-overlayfs as the rootless storage driver * Fix podman import bash completions * Turn off journald in podmanimages on quay.io * build: pass down the cgroup manager to buildah * mac_client.md * Ignore ENOENT on umount of SHM * play kube: fix segfault * Return information about mount_program (fuse-overlayfs) * Ensure good defaults on blank c/storage configuration * Correctly report errors on unmounting SHM * Add ability for volumes with options to mount/umount * Fixup README.md to give proper information * Add volume state * Change volume driver and options JSON tags * Update buildah to v1.11.0 * Set TMPDIR to /var/tmp by default * cli-flags: use a consistent format for * Fix unit tests missing comparative for 'Expect' * System tests: support for crun on f31/rawhide * libpod: avoid polling container status * Add test to verify noexec works with volume mounts * Cirrus: Update e-mail -> IRC Nick table * handle dns response from cni * pkg/util: use rootless function to read additional users * Enable hack/man-page-checker in CI * rootless: detect user namespace configuration changes * rootless.md: add systemd unit example * docs: add note about failing rhel7 systemd on cgroups v2 * spec: provide custom implementation for getDevices * spec: do not set devices cgroup when rootless * rootless: bind mount devices instead of creating them * Add command aliases to SYNOPSIS section * Exclude podman-remote * Cirrus: On success, add IRC nick mention to msg * Fix table spacing * Revert the descriptive text for podman-remote * WIP - ignore man pages for commands besides podman * podman-remote is not a subcommand * Fix formatting and enable hack/man-page-checker * Cirrus: Load base-image names indirectly * Cirrus: Remove image_prune YAML-alias workaround * Fix links to manpages * Makefile: use go proxy * man: events-logger → events-backend * dont panic when using varlink commit and uppercase image names * Add a test for the new suid/exec/dev options * Fix addition of mount options when using RO tmpfs * Allow :z and :Z with ProcessOptions * Set base mount options for bind mounts from base system * Don't double-process tmpfs options * Add support for 'exec', 'suid', 'dev' mount flags * Update buildah to current master * Cirrus: Reimplement release archive + upload * Readme: Links for automatic binary releases * Re-add locks to volumes. * image: remove unused Decompose method * Temporarily disable systemd test for CGroups V2 * Add an integration test for systemd in a container * clean up after remote build * Cirrus: Block CNI use of google VPCs * Add snap build test to success and release check * Run `apt-get update` to avoid missing package while building * Use snapcraft on Ubuntu 18.04 for libostree-dev * Test build snap with Cirrus CI * Update varlink doc and code * podman cp: big set of system tests * add iproute to podman in podman image * Cirrus: Enable VM image housekeeping * clean up after remote build * Adjust name of Podman CNI network bridge * Update cni config instructions * Fix minor typos in podman-run docs. * Fix link format in rootless_tutorial.md. * Need to include command name in error message * podman-remote: cp crashes * generate systemd: support pods and geneartig files * Dockerfile.fedora: install cni plugins package * Add --digestfile option to push * generate systemd: drop support for remote clients * exec: run with user specified on container start * Dockerfile*: fix build for CNI plugins * Touchup README with Buildah build usage * Dockerfile.*: bump CNI plugins commit * Implement healthcheck for remote client * networking: use firewall plugin * Flake fix: build test timeout * Fix error message on podman stats on cgroups v1 rootless environments * test: enable all tests for crun * test: fix return code check for missing workdir * Fix directory pull image name for OCI images * .cirrus.yml: use crun from git master * libpod, pkg: lookup also for crun failures * libpod.conf: add crun to runtime_supports_json * containers, create: debug message on failed deletion * libpod: still attempt to read the oci log file if not output * Issue template update to include package info * Allow customizing pod hostname * add --cert-dir image sign * Cirrus: Minor: Simplify crun test task * Create framework for varlink endpoint integration tests * Cirrus: Confirm networking more * inclusion of podman network * do not activate sd_notify support when varlink * Remove --tmpfs size default * cirrus: enable cgroups v2 tests with crun * tests: skip pause tests if freezer is not available * tests: enable run tests for cgroups v2 * tests: enable cpu tests for cgroups v2 * tests: enable memory tests for cgroups v2 * runtime: honor --runtime flag to build * test: fix option name * Add support & documentation to run containers with different file types * Use GetRuntimeDir to setup auth.json for login * add --pull flag for podman create&run * Fix typos * Update Varlink API documentation for volumes changes * Swap 'volume inspect' frontend to use the new backend * Implement backend for 'volume inspect' - Changelog for v1.5.1 (2019-08-15) * Add release notes for v1.5.1 * Set Pod hostname as Pod name * tests for exit status on podman run --rm * performance fix for podman events with large journalds * pkg/cgroups: use DBUS session when rootless * Fix play kube command in pod yaml * removMergeDir from inspect result if not mounted * Running Podman with a nonexistent hooks dir is nonfatal * Cirrus: Install varlink on Ubuntu * Cirrus: Install varlink on Fedora * Add missing stage-packages in snapcraft.yaml. * Add RHEL and SUSE to snap doc * start groundwork for adding snap * Add user systemd service and socket * Small optimization - only store exit code when nonzero * Fix container exit code with Journald backend * Revert "Cirrus: Temp. workaround missing imgprune image" * Homebrew installation in install.md * varlink endpoint for containerstats requires root * Adjust get_ci_vm.sh for substitution * Cirrus: Add verification for cgroupv2 image * Cirrus: Add experimental fedora VM image & test * image: add user agent to Docker registry options * Cirrus: Minor, use newer Ubuntu base image * tests: disable some tests currently failing when not using runc * containers: look also for 'file not found' in the error message * cirrus: add tests with crun on Fedora 30 * rootless: cherry-pick runtime from the system configuration * cirrus: install crun * cmd: drop check for euid==0 * storage: drop unused geteuid check * cmd, stats: fix check for rootless mode * oci: drop check for euid==0 * build: use the configured runtime * Adjust read count so that a newline can be added afterwards * Fix incorrect use of realloc() * Bump gitvalidation epoch * Bump to v1.5.1-dev * Fix a couple of errors descovered by coverity * Test that restored container does not depend on the original container * Fix up ConmonPidFile after restore * Cirrus: Enable updates-testing repo for Fedora * enable windows remote client * implement 'make remotesystem' * Squish a few tpyo nits in container.go doc * Cirrus: Add Second partition for storage testing - Changelog for v1.5.0 (2019-08-09) * vendor github.com/containers/storage@v1.13.2 * Improve dns-search validation, empty domains now return an error * fix create&run getting --authfile from cli * Add release notes for v1.5.0 * Touch up build man page * podman-container-runlabel(1): drop note * make rmi messages more compatible with docker * Add conmon probe to runtime construction * fix copy change file owner if cp from container * Vendor Buildah 1.10.1 * Allow the passing of '.' to --dns-search * add make to make installs * namespaces: fix Container() call * Add a test for verifying ENTRYPOINT and CMD * fix port early return * Allow --ro=[true|false] with mount flag * refer to container whose namespace we share * add test to verify hostname is shared in a pod * Properly share UTS namespaces in a pod * When populating CMD, do not include Entrypoint * systemd library conflict with seektail and addmatch * pod top test: reenable * cgroup: fix regression when running systemd * Add invalid credentials fix to docs * Revert "rootless: Rearrange setup of rootless containers" * restore: correctly set StartedTime * container stop: kill conmon * honor libpod.conf in /usr/share/containers * fix system df crashes on unnamed images * Don't log errors to the screen when XDG_RUNTIME_DIR is not set * various fixes for varlink endpoints * add eventlogger to info * Add handling for empty LogDriver * Add rootless NFS and OverlayFS warnings to docs * podman events format json * add godoc link to readme * restore: added --ignore-static-ip option * System tests: resolve hang in rawhide rootless * fix search output limit * Add capability functionality to play kube * Use "none" instead of "null" for the null eventer * Deduplicate capabilities in generate kube * Fix typo * Pass on events-backend config to cleanup processes * Print Pod ID in `podman inspect` output * go build: use `-mod=vendor` for go >= 1.11.x * Use buildah/pkg/parse volume parsing rather then internal version * github.com/containers/storage v1.12.13 * Add new exit codes to rm & rmi for running containers & dependencies * Add runtime and conmon path discovery * systemd, cgroupsv2: not bind mount /sys/fs/cgroup/systemd * Ensure we generate a 'stopped' event on force-remove * Fix Dockerfile - a dependency's name was changed * System events are valid, don't error on them * Do not use an events backend when restoring images * Expose Null eventer and allow its use in the Podman CLI * Force tests to use file backend for events * Add a flag to set events logger type * Fix test suite * Retrieve exit codes for containers via events * podman: fix memleak caused by renaming and not deleting the exit file * Cirrus: Fix release dependencies * Cirrus: Fix re-run of release task into no-op. * e2e test: check exit codes for pull, save, inspect * rootless: Rearrange setup of rootless containers * Add comment to describe postConfigureNetNS * Vendor in buildah 1.9.2 * Build fix for 32-bit systems. * Set -env variables as appropriate * Touch up input argument error on create * Update libpod.conf to be NixOS friendly * Allow info test to work with usernames w/dash * Touch up XDG, add rootless links * Fix the syntax in the podman export documentation example * fix `podman -v` regression * Move random IP code for tests from checkpoint to common * Fix commit --changes env=X=Y * Update pause/unpause video links and demo * Cirrus: Remove fixed clone depth * podman: support --userns=ns|container * pods: do not to join a userns if there is not any * Documenation & build automation for remote darwin * Cirrus: Bypass release during image-building * Use systemd cgroups for Ubuntu * Cirrus: Ubuntu: Set + Test for $RUNC_BINARY * Cirrus: Simplify evil-unit check in image * Cirrus: Silence systemd-banish noise * Cirrus: Fix image build metadata update * Cirrus: Fix missing -n on CentOS * Cirrus: Remove disused COMMIT variables * Improved hooks monitoring * Fix possible runtime panic if image history len is zero * When retrieving volumes, only use exact names * fix import not ignoring url path * Document SELinux label requirements for the rootfs argument * Fixes issue #3577. * refactor to reduce duplicated error parsing * remove debug prints * Re-add int64 casts for ctime * fix build --network=container * Fix a segfault on Podman no-store commands with refresh * always send generic error in case io fails * only use stdin if specified * buffer errChan * move handleTerminalAttach to generic build * remove unnecessary conversions * add detach keys support for remote * move editing of exitCode to runtime * Update e2e tests for remote exec * Finish up remote exec implementation * golangci-lint cleanup * install.md: mention all build tags * golangci-lint phase 4 * Change wait to sleep in podmanimage readme * bump cirrus images to get new conmon * Implement conmon exec * bump conmon to 1.0.0-rc2 * Cirrus: Temp. workaround missing imgprune image * vendor github.com/containers/image@v2.0.1 * golangci-lint round #3 * Remove debug message * Cleanup Pull Message * Cirrus: Fix post-merge env. var. not set. * mkdir -p /etc/cni/net.d requires sudo * Add support for listing read/only and read/write images * support podman ps filter regular expressions * rootless: add rw devices with --privileged * Cirrus: Minor scripting typo fix * fix --dns* and --network not set to host conflict * podman-remote make --size optional in ps * Remove exec PID files after use to prevent memory leaks * Add DefaultContent API to retrieve apparmor profile content * libpod: support for cgroup namespace * Make GOPATH-related symlinking more precise * Populate inspect with security-opt settings * Properly retrieve Conmon PID * Move the HostConfig portion of Inspect inside libpod * Fix play kube command * spec: rework --ulimit host * Cirrus: Add image-test for locked dpkg * Cirrus: Use images w/o periodic svcs * Cirrus: Disable most periodic services/timers * dependency/analyses: simplify scripts * dependency-tree analysis: direct and transitive * analyses: README: consistent code examples * analyses: README: fix typos * analyses: add dependency-tree.sh * analyses: add README.md * hack/analyses -> dependencies/analyses * hack/analyses/go-archive-analysis.sh: fix sorting * add hack/analyses/nm-symbols-analysis.sh * analyse package sizes * Completion: complete "--health-start-period" in bash * Make the healthcheck flags compatible with Docker CLI * healthcheck: reject empty commands * create: ignore check if image has HEALTHCHECK NONE * create: apply defaults on image healthcheck options * healthcheck: improve command list parser * Completion: --no-healthcheck is not an option * Cirrus: Abstract destination branch refs. * Cirrus: Print images that should be pruned * create: improve parser for --healthcheck-command * Improves STD output/readability in combination with debug output. * Fix the double replySendFile() * Cirrus: Update to freshly built cache-images * Cirrus: Execute system-tests during image-validation * Cirrus: Fix missing removal of packaged podman * cgroupsv2: do not enable controllers for the last component * spec: fix userns with less than 5 gids * Fix spelling mistakes in man pages and other docs * Add glob parsing for --env flag * Add support for -env-host * cgroups: fix a leak when using cgroupfs * cgroups: attempt a recursive rmdir * Fix a bug where ctrs could not be removed from pods * golangci-lint pass number 2 * Add tests for --ignore-rootfs checkpoint/restore option * Add --ignore-rootfs option for checkpoint/restore * Fix typo in checkpoint/restore related texts * Include root file-system changes in container migration * Add function to get a filtered tarstream diff * Correctly set FinishedTime for checkpointed container * first pass of corrections for golangci-lint * Cirrus: Fix #3543: Failure in 'release' task * fix bug convert volume host path to absolute * Cirrus: Fix 473d06045 / enable build_without_cgo * account for varlink calls that dont use more * runtime: drop spurious message log * Ensure we have a valid store when we refresh * cgroups: skip not existing cpuacct files * cgroups: support creating cgroupsv2 paths * make localsystem: wipe all user config state * podman: create and run honors auth file location * healthcheck: support rootless mode * Use random IP addresses during checkpoint/restore tests * Fix podman-remote usage message to display `podman-remote` instead of `podman` * rootless.md: Include GPFS as a parallel filesystem * speed up rootless tests * podman: add --ulimit host * docs: fix --healthcheck-command option * code cleanup * fix integration flake tests * CONTRIBUTING.md: fix project paths * get last container event * Do not hardcode podman binary location in generate systemd. * Move skipping systemd tests to early setup. * Reload systemd daemon on creation of units location dir in tests. * Add debug information to "generate systemd" test. * Use default conmon pidfile location for root containers. * Use conmon pidfile in generated systemd unit as PIDFile. * Cirrus: Automate releasing of tested binaries * trivial cleanups from golang * ps should use nostore when possible * libpod: discerne partial IDs between containers and pods * Added instruction to enable the user namespaces permanenty in Manjaro * Addressed code review comments * Updated install.md for Manjaro Linux * Vendor latest OCICNI version * Bump current version in README * Wipe PID and ConmonPID in state after container stops * Store Conmon's PID in our state and display in inspect * Restart failed containers in tests * Improve parsing of mounts * Add test for generate kube with volumes * Bump gitvalidation epoch * Bump to v1.4.5-dev * Fix rootless detection error for pause & unpause * Deduplicate volumes * cirrus: add test for compiling without cgo * lock: new lock type "file" * runtime: allow to specify the lock mechanism * lock: disable without cgo * spec: move cgo stuff to their own file * rootless: allow to build without cgo * attach: move cgo bits to a different file * vendor: update containers/psgo * Update the testing documentation with system tests. * Pass along volumes to pod yaml * Configure container volumes for generate kube * configure runtime without store * Add RUN priv'd test for build * Cirrus: Use packaged dependencies * Add exec after checkpoint/restore test * Provide correct SELinux mount-label for restored container * Track if a container is restored from an exported checkpoint * libpod/container_internal: Make all errors loading explicitly configured hook dirs fatal - Changelog for v1.4.4 (2019-07-02) * Fix release notes * Ensure locks are freed when ctr/pod creation fails * Update release notes for 1.4.4 * stats: use runtime.NumCPU when percpu counters are not available * cgroups: fix times conversion * Update to containers/storage v1.12.13 * rootless: do not join namespace if it has already euid == 0 * Exclude SIGTERM from blocked signals for pause process. * Remove umount command from remote client. * rootless: enable linger if /run/user/UID not exists * Makefile: set GO111MODULE=off * libpod removal from main (phase 2) * runtime: do not attempt to use global conf file * runtime: use GetRootlessUID() to get rootless uid * Remove refs to crio/conmon * Handle images which contain no layers * Add tests that we don't hit errors with layerless images * stats: fix cgroup path for rootless containers * pkg, cgroups: add initial support for cgroup v2 * util: drop IsCgroup2UnifiedMode and use it from cgroups * vendor: drop github.com/containerd/cgroups * libpod: use pkg/cgroups instead of containerd/cgroups * pkg: new package cgroups * Remove unnecessary blackfriday dependency * libpod: fix hang on container start and attach * podman: clarify the format of --detach-keys argument * libpod: specify a detach keys sequence in libpod.conf * Fix parsing of the --tmpfs option * Fix crash for when remote host IP or Username is not set in conf file & conf file exists. * Bump gitvalidation epoch * Bump to v1.4.4-dev * Cirrus: More tests to verify cache_images * Update release notes for 1.4.3 release * remove libpod from main - Changelog for v1.4.3 (2019-06-25) * Update 'generate kube' tests to verify YAML * Use a different method to retrieve YAML output in tests * update dependencies * Fix tests * Change Marshal -> Unmarshal in generate kube tests * Add test for generate kube on a pod with ports * Only include ports in one container in Kube YAML * Support aliases for .Src and .Dst in inspect .Mounts * Fix a segfault in 'podman ps --sync' * migrate to go-modules * Makefile: add go-get function * rootless: add an entry to /etc/hosts when using slirp4netns * libpod.conf: add runtime crun * Fix configs location in rootless tutorial. * Add additional debugging when refreshing locks * Fix gofmt * Adjust names to match struct tags in Inspect * Fix inspect --format '{{.Mounts}}. * runtime.go: Add /usr/local/{s,}bin * include make podman target in install instructions * Add /usr/local/{s,}bin to conmon paths * update cirrus image * Update conmon to include attach socket unlink * Add --latest, -l to 'podman diff' * Build cgo files with -Wall -Werror * Add some missing periods to the readme * fix bug creats directory copying file * Support Reproducible Builds by removing build path * Support SOURCE_DATE_EPOCH * Properly initialize container OCI runtime * vendor containers/storage v1.12.11 * Handle containers whose OCIRuntime fields are paths * Properly handle OCI runtime being set to a path * add windows bridge format * Make configuration validation not require a DB commit * Avoid a read-write transaction on DB init * Fix execvp uage in rootless_linux.c * Handle possible asprintf failure in rootless_linux.c * Fix format specifiers in rootless_linux.c * Print container's OCI runtime in `inspect` * Make a missing OCI runtime nonfatal * Begin adding support for multiple OCI runtimes * docs: add note to system migrate * Fix documentation for log-driver * Minor roadmap adjustment in README * Spoof json-file logging support * Add tests for cached and delegated mounts * Vendor in logrus v1.4.2 * Add RUN with priv'd command build test * Bump gitvalidation epoch * Bump to v1.4.3-dev * fix broken healthcheck tests * Allow (but ignore) Cached and Delegated volume options * Fix example in oci-hooks.5.md * First pass rootless tutorial * Correctly identify the defaults for cgroup-manager * Cirrus: Fix F30 ssh guarantee * Cirrus: Add support for testing F30 * Bump gate-container up to F30 - Changelog for v1.4.2 (2019-06-18) * Update release notes for Podman 1.4.2 * updating podman logo files * fix port -l timing with healthchecks * Bump Buildah to v1.9.0 * Swap to using the on-disk spec for inspect mounts * Replace podman.svg; closes #3350 * cmd, docs, test: fix some typos * run BATS tests in Cirrus * Move the Config portion of Inspect into libpod * Add remote client logging to a file * Fix subgidname option in docs for podman run * stop/kill: inproper state errors: s/in state/is in state/ * test: add test for logs -f * kill: print ID and state for non-running containers * API.md: fix few typos * docs/podamn.1.md: fix typo: remove double the * CONTRIBUTING.md: fix typo * Remove unnecessary var type to fix lint warning * Move installPrefix and etcDir into runtime.go * Improve DESTDIR/PREFIX/ETCDIR handling * Bump gitvalidation epoch * Bump to v1.4.2-dev * Change container command to contained * Cirrus: Simplify log collection commands * Accidently removed /run/lock from systemd mounts * Add warning while untagging an image podman-load * podman copy files to the volume with a container - Changelog for v1.4.1 (2019-06-14) * Completely disable global options test * Update release notes for 1.4.1 * Skip runlabel global options test for podman-in-podman * pkg/apparmor: fix when AA is disabled * Fix ENV parsing on `podman import` * Fix storage-opts type in Cobra * Use the logical registry location instead of the physical one in (podman info) * Update containers/image to v2.0.0, and buildah to v1.8.4 * Document exit codes for podman exec * Add --storage flag to 'podman rm' (local only) * When creating exit command, pass storage options on * Bump cirrus images * Mention the new Podman mailing list in contributing.md * Update 1.4.0 release notes with ID -> Id in inspect * Bump conmon to 0.3.0 * Cirrus: Guarantee ssh is running for rootless * Purge all use of easyjson and ffjson in libpod * Split mount options in inspect further * storage: support --mount type=bind,bind-nonrecursive * oci: allow to specify what runtimes support JSON * storage: fix typo * oci: use json formatted errors from the runtime * Make Inspect's mounts struct accurate to Docker * Provide OCI spec path in `podman inspect` output * If container is not in correct state podman exec should exit with 126 * rootless: use the slirp4netns builtin DNS first * Add --filename option to generate kube * Fix podman-remote to user default username * Prohibit use of positional args with --import * BATS tests - get working again * Add a test for 'podman play kube' to prevent regression * Cirrus: New images w/o buildah * Remove source-built buildah from CI * standardize documentation formatting * Touchup upstream Dockerfile * only set log driver if it isn't empty * Fix cgo includes for musl * When you change the storage driver we ignore the storage-options * Update vendor on containers/storage to v1.12.10 * Bump gitvalidation epoch * Bump to v1.4.1-dev * Default 'pause' to false for 'podman cp' * Update c/storage to 9b10041d7b2ef767ce9c42b5862b6c51eeb82214 * Fix spelling * fix tutorial link to install.md * Cirrus: Minor cleanup of dependencies and docs * Begin to break up pkg/inspect * docs: Add CI section and links - Changelog for v1.4.0 (2019-06-07) * Update release notes for v1.4.0 * Update release notes for v1.4.0 * Disable a very badly flaking healthcheck test * rootless: skip NS_GET_PARENT on old kernels * Cirrus: Track VM Image calling GCE project * remove -c for podman remote global options * Vendor Buildah v1.8.3 * Cirrus: Disable testing on F28 (EOL) * migration: add possibility to restore a container with a new name * Inherit rootless init_path from system libpod.conf * Also download container images during restore * Include container migration into tutorial * Add man-pages for container migration * Added bash completion for container migration * Add test case for container migration * Added support to migrate containers * Added helper functions for container migration * Fix restore options help text and comments * fix timing issues with some tests * pkg/varlinkapi/virtwriter/virtwriter.go: simplify func Reader * rootless: block signals on re-exec * cirrus: minor cleanup and refactoring * manpage: podman-tool table: un-confuse version and varlink * Create Dockerfiles for podmanimage * rootless: use TEMP_FAILURE_RETRY macro * rootless: fix return type * rootless: make sure the buffer is NUL terminated * split rootless local and remote testing * Fix podman cp test by reordering operations * Small fix to readme to force tests to run * Do not set tmpcopyup on /dev * do not run remote tests inside container * podman remote-client commit * Fix podman cp tests * podman-remote.conf enablement * Error when trying to copy into a running rootless ctr * rootless: skip check fo /etc/containers/registries.conf * We can't pause rootless containers during cp * Fix bug in e2e tests for podman cp * Tolerate non-running containers in paused cp * Add test to ensure symlinks are resolved in ctr scope * Add --pause to podman cp manpage and bash completions * Pause containers while copying into them * Use securejoin to merge paths in `podman cp` * use imagecaches for local tests * add dns flags to docs * add missing container cp command * Podman logs man page shouldn't include timestamps * Fix the varlink upgraded calls * hack: support setting local region/zone * document missing container update command * Add --follow to journald ctr logging * Address comments * Implement podman logs with log-driver journald * bump go-systemd version * Added --log-driver and journald logging * Update completions and docs to use k8s file as log driver * bump conmon to v0.2.0 * runtime: unlock the alive lock only once * rootless: make JoinUserAndMountNS private * Revert "rootless: change default path for conmon.pid" * rootless: enable loginctl linger * rootless: new function to join existing conmon processes * rootless: block signals for pause * Update install.md ostree Debian dependencies. * fix bug dest path of copying tar * podman: honor env variable PODMAN_USERNS * userns: add new option --userns=keep-id * warn when --security-opt and --privileged * baseline tests: apparmor with --privileged * rootless: store also the original GID in the host * Fix a potential flake in the tests for podman cp * cirrus: update images w/ zip pkg * Cirrus: Add zip package to images * rootless: fix top huser and hgroup * vendor: update psgo to v1.3.0 * apparmor: don't load/set profile in privileged mode * hack: ignore from all VCS files when tarballing * hack: shrink xfer tarball size * hack: Display IP address of VM from script * document nullable types * Add test cases for login and logout * Remove unused return statement in kube volume code * Fix play kube when a pod is specified * Fix a 'generate kube' bug on ctrs with named volumes * Add test for image volume conflict with user volume * Cirrus: Fix missing CRIO_COMMIT -> CONMON_COMMIT * When superceding mounts, check for opposite types * make remote resize channel buffered * Cirrus: workaround root expand failure * Cirrus: Stub in F30 support * Cirrus: fixups based on review feedback * Cirrus: Overhaul/Simplify env. var setup * Cirrus: Run tests on test-built cache-images * Cirrus: Support testing of VM cache-image changes * Cirrus: Remove "too new" runc hack * libpod: prefer WaitForFile to polling * Remove conmon from fedora install instructions * rootless: force resources to be nil on cgroup v1 * Fixup Flags * Minor fix filtering images by label * container: move channel close to its writer * util: fix race condition in WaitForFile * Update vendor of buildah and containers/images * Add Jhon Honce (@jwhonce on github) to OWNERS * Don't set apparmor if --priviliged * docs/libpod.conf.5: Add "have" to "higher precedence" typo * Output name of process on runlabel command * Minor fix splitting env vars in podman-commit * Fixup conmon documentation * troubleshooting.md: add note about updating subuid/subgid * system: migrate stops the pause process * rootless: join namespace immediately when possible * rootless: use a pause process * migrate: not create a new namespace * install.remote should be separate for install.bin * Cirrus: Confirm networking is working * Use containers/conmon * Fix a typo in release notes, and bump README version * s|kubernetes-sigs/cri-o|cri-o/cri-o|g * Bump github.com/containers/storage to v1.12.7 * remote: version: fix nil dereference * Bump gitvalidation epoch * Bump to v1.3.2-dev * Add connection information to podman-remote info * unshare: define CONTAINERS_GRAPHROOT and CONTAINERS_RUNROOT * Touchup run man page * unshare: use rootless from libpod * Replace root-based rootless tests * rootless: default --cgroup-manager=systemd in unified mode * create: skip resources validation with cgroup v2 * rootless, spec: allow resources with cgroup v2 - Changelog for v1.3.1 (2019-05-16) * More release notes * Add unshare to podman * Release notes for 1.3.1 * Kill os.Exit() in tests, replace with asserts * Minor capitalization fix in Readme * Add debug mode to Ginkgo, collect debug logs in Cirrus * set default event logger based on build tags * Add VarlinkCall.RequiresUpgrade() type and method * Ensure that start() in StartAndAttach() is locked * When removing pods, free their locks * network: raise a clearer error when using CNI * Fix libpod.conf option ordering * split remote tests from distro tests * varlink: fix usage message, URI is now optional * Update containerd/cgroups to 4994991857f9b0ae * healthcheck benign error * Add `systemd` build tag * podman: fix events help string * When removing a pod with CGroupfs, set pids limit to 0 * Add fix for an issue breaking our CI * Use standard remove functions for removing pod ctrs * implement cp reads tar file from stdin/stdout * Add information when running podman version on client * add varlink bridge * Add negative command-line test * Preserve errors returned by removing pods * Improve robustness of pod removal * enable integration tests for remote-client * fix podman-remote ps --ns * podman-run|create man updates * Update installation instructions * remote-podman checkpoint and restore add to container submenu * Remove tests for deprecated podman-refresh command * When refreshing after a reboot, force lock allocation * Do not remove volumes when --rm removes a container * add unit tests for generate systemd * Bump gitvalidation epoch * Bump to v1.3.1-dev * Upgrade to latest criu and selinux-policy * Only run checkpoint/restore tests on Fedora >= 29 * Fix API.md * Cirrus: Add missing task dependencies * Cirrus: Add check for make varlink_api_generate - Changelog for v1.3.0 (2019-05-06) * Update release notes for 1.3.0 release * Bump to Buildah v1.8.2 * Document events logger options in libpod.conf manpage * Try and fix restart-policy tests * fix logout message if login only with docker * Fix manpage typos * Small code fix * Fix 'restart' event in journald * change from sysregistries to sysregistriesv2 * Address review comments on restart policy * Add a test for restart policy * Add a restart event, and make one during restart policy * Restart policy should not run if a container is running * Restart policy conflicts with the --rm flag * Move to using constants for valid restart policy types * Add manpage information for restart policy * Add support for retry count with --restart flag * Sending signals to containers prevents restart policy * Add container restart policy to Libpod & Podman * Add a StoppedByUser field to the DB * top: fallback to execing ps(1) * clean up shared/parse/parse.go * Generate systemd unit files for containers * Fix podman-in-podman volume test * Cirrus: Add pipefail confirmation check * Cirrus: timestamp all output script output * Update c/storage to v1.12.6 * Fix typo in init manpage * Add an InvalidState varlink error for Init * Bump Buildah to v1.8.1, ImageBuilder to v1.1.0 * Add variable for global flags to runlabel * docs: Fix typo "healthcheck" pt2 * cirrus lib.sh: refactor req_env_var() * Remove two bits of dead code * http-proxy: improve docs * Small fixes for #2950 * container: drop rootless check * Add basic structure of podman init command * Move handling of ReadOnlyTmpfs into new mounts code * Begin adding volume tests * Ensure that named volumes have their options parsed * Add options parsing for tmpfs mounts * Use EqualValues instead of reflect equality * Hit a number of to-do comments in unified volumes code * Fix options for non-bind and non-tmpfs volumes * Migrate unit tests from cmd/podman into pkg/spec * Migrate to unified volume handling code * Always pass pod into MakeContainerConfig * Remove non-config fields from CreateConfig * Add a new function for converting a CreateConfig * podman-remote port * install.md contains hints for rootless setup on arch linux * auto pass http_proxy into container * enable podman-remote on windows * Use 'sudo tee' in tutorial so install works as non-root * Refactor container cleanup to use latest functions * Move --mount in run man page * Add details on rootless Podman to the readme * podman-remote stop * correct upstream vndr issues * runtime: pass down the context * system: add new subcommand "migrate" * Vendor in latest buildah code * remove manual install of libsystemd-dev * Vendor in latest containers/storage * Add --read-only-tmpfs options * Fix remote-client testing reports * podman-remote prune containers * Do not hard fail on non-decodable events * update psgo to v1.2.1 * Add System event type and renumber, refresh events * enable podman remote top * fix login supports credHelpers config * Cirrus: Collect audit log on success and failure * Add a debug message indicating that a refresh occurred * image: rework parent/child/history matching * images: add context to GetParent/IsParent/Remove/Prune... * build podman-remote with Dockerfile. * point to 3rd party tools for `docker-compose` format * Update vendor of container/storage * journald event logging * podman remote-client restart containers * Cirrus: Use freshly built images * Cirrus: Bump up runc commit * Cirrus: fix obsolete Ubuntu package * Cirrus: Install libsystemd-dev on Ubuntu * pull: special case all-tags semantics * Fix test compile * Trim whitespace from ps -q before comparing * Enhance tests for stop to check results * Add extra CI tests for stopping all containers * Fix podman stop --all attempting to stop created ctrs * Cirrus: Temp. override container-selinux on F29 * Refactor of 'podman prune' to better support remote * bats - various small updates * podman-remote pause|unpause * Internal names do not match external names * Add header to play kube output * Clean up after play kube failure * rootless: not close more FDs than needed * Fix COPR builds to start working again * Fix podman command --change CMD * podman-remote start * Vendor in latest Buildah * Added remote pod prune * Add podman pod prune * podman-remote container commands * Fix segfaults attribute to missing options * Call the runtime with WithRenumber() when asked * Add File mounts to play kube * cmd, pkg: drop commented code * pod: drop dead code * rootless, mount: not create namespace * Incorporate image and default environment variables in play kube * Validate ENV/LABEL Change options in varlink * oci: fix umount of /sys/kernel * Revert "rootless: set controlling terminal for podman in the userns" * Remove old crio reference from man pages * create: fix segfault if container name already exists * adding uidmap to install steps for ubuntu * podman-remote generate kube * rootless: do not block SIGTSTP * rootless: set controlling terminal for podman in the userns * Use GetContainer instead of LookupContainer for full ID * pull: exit with error if the image is not found * Use the same SELinux label for CRIU log files * pull: remove cryptic error message * new uidmap BATS test: fix * adding additional update, needed for install * Fix README.md -> rootless.md link * Fixes for podman-remote run and attach * remote-client checkpoint/restore * Expand debugging for container cleanup errors * spec: mask /sys/kernel when bind mounting /sys * Add --include-volumes flag to 'podman commit' * oci: add /sys/kernel to the masked paths * userns: prevent /sys/kernel/* paths in the container * imagefilter dangling handling corrected * rootless: fix segfault on refresh if there are containers * Add demo script and cast to images * Initial remote flag clean up * (minor): fix misspelled 'Healthcheck' * BATS tests: start supporting podman-remote * Add the ability to attach remotely to a container * Print header for 'podman images' even with no images * podman-remote ps * Re-run (make vendor) to drop the now unnecessary collation code and tables * Potentially breaking: Make hooks sort order locale-independent * Implement podman-remote rm * ps: now works with --size and nonroot * Update invalid name errors to report the correct regex * cirrus: enable remote tests for rootless * test: fix remote tests for rootless * test: enable userns e2e tests for rootless * CI check for --help vs man pages: usability fix * podman-remote create|run * Correct varlink pull panic * add image rmi event * Revert "Switch to golangci-lint" * Document shortcomings with rootless podman * podman: enable kube for rootless * kube: correctly set the default for MemorySwappiness * rootless: enable healthcheck tests * Respect image entrypoint in play kube * Increase CI resources to help avoid hitting timeouts * podman-remote image tree * Added port forwarding and IP address hint. * fix bug podman cp directory * Fix E2E tests * Drop LocalVolumes from our the database * Major rework of --volumes-from flag * Volume force-remove now removed dependent containers * Add handling for new named volumes code in pkg/spec * Create non-existing named volumes at container create * Switch Libpod over to new explicit named volumes * Add named volumes for each container to database * Add varcheck linter * Add deadcode linter * Update lint to use golangci-lint * Update registrar unit tests to match them of cri-o * Update run tests to be skipped when not supported * Fix Dockerfile dependencies for packer tests * Update Dockerfile to use golang:1.12 image * Fix a potential segfault in podman search * Improve podman pod rm -a test * Cirrus: Update F28 -> F29 container image * --size does not work with rootless at present * add remote-client diff * Cirrus: Support special-case modes of testing * rootless: use a single user namespace * rootless: remove SkipStorageSetup() * Update cri-o annotations * Update README with current version * docs/podman*.md: fix numerous option typos and spacing errors * docs/podman-rm.1.md: delete "Not yet implemented" msg for volume removal * docs/podman-inspect.1.md: add missing option hyphen for "-t" * Bump gitvalidation epoch * Bump to v1.3.0-dev * Fix location of libpod.conf * Capitalize global options help information - Changelog for v1.2.0 (2019-03-30) * Update release notes for v1.2.0 * Remove wait event * Vendor Buildah 1.7.2 * Add locking to ensure events file is concurrency-safe * Alter container/pod/volume name regexp to match Docker * test: test that an unprivileged user cannot access the storage * userns: do not use an intermediate mount namespace * volumes: push the chown logic to runtime_volume_linux.go * Cleanup image2 -> image for imports * Set blob cache directory based on GraphDriver * utils: call GetRootlessRuntimeDir once * rootless: set sticky bit on rundir * oci: drop reference to runc * Fix lint * Ensure that we make a netns for CNI non-default nets * rootless: change env prefix * vendor buildah, image, storage, cni * Default to SELinux private label for play kube mounts * Add watch mode to podman ps * Add all container status states to the podman-ps manual page. * fix bug `system df` add blank space to the output * fix bug remote-podman images --digests * Use spaces instead of tab for JSON marshal indent * Fix gofmt * Remove ulele/deepcopier in favor of JSON deep copy * doc: add note that pod publish ports are static once defined * Sigh; disable pod-top test, it's unreliable (#2780) * Resolve review comments * Add a test that --add-host conflicts with --no-hosts * Add manpages and completions for dns=none and no-hosts * Add --no-hosts flag to disable management of /etc/hosts * Add for --dns=none to disable creation of resolv.conf * Add support to disable creation of network config files * system df: reject invalid arguments * rootless: fix regression when using exec on old containers * Touchup commands.md * size is optional for container inspection * Add three test cases for podman attach test * system df to show podman disk usage * Add "died" event * docs/podman-pod-create.1.md: add example with port mapping * podman health check phase3 * userns: use the intermediate mountns for volumes * volume: create new volumes with right ownership * utils: drop dead function * troubleshooting: explain setup user: invalid argument * Cirrus: Verify manpages for all subcommands exist * Make "stopped" a valid state that maps to "exited" * fix Bug 1688041-podman image save removes existing image * podman: do not split --env on comma * Need to pass the true paramater with --syslog in cobra * Fix man page to mention race condition * docs/podman-run.1.md: remove extra whitespace in --read-only * man pages - consistency fixes * Add new key and never-expiring test certificate * Cirrus: Run vendor check in parallel * Cirrus: Various fixes for rootless testing * ps: fix segfault if the store is not initialized * tests: re-enable some tests for rootless mode * rootless: implement pod restart * rootless: reimplement restart with rootless.Argument() * test: fix SkipIfRootless() helper * rootless, rm: fix retcode when the container is not found * rootless: fix ps command * rootless: fix pod kill * Enable rootless integration tests * BATS: new tests, and improvements to existing ones * podman umount: error out if called with no args * Export ConmonPidFile in 'podman inspect' for containers * support GO template {{ json . }} * Incorporate user from image inspect data in play kube * Cirrus: Disable master-success IRC notices * Cleanup messages on podman load * Cirrus: Update VM Cache images * podman logs on created container should exit * Fix cut and paste errors in podman-pod-inspect * rootless: fix pod top * pod: fix segfault when there are no arguments to inspect * output of port grouping in ps command added as example * utils: split generation and writing of storage.conf * Cirrus: Fix post-merge failure notice * utils: avoid too long tmp directory * podman image tree: fix usage message * Cirrus: Notify on IRC if post-merge testing fails * rootless: change default path for conmon.pid * Add CLI storage conf example to run manpage * Integration test tweaks * display logs for multiple containers at the same time * Make 'podman rm' exit with 125 if it had a bogus & a running container * rootless: write the custom config file before reload * Add support for SCTP port forwarding * Make sure buildin volumes have the same ownership and permissions as image * rootless: do not override user settings * runtime: refactor NewRuntime and NewRuntimeFromConfig * events: use os.SEEK_END instead of its value * container: check containerInfo.Config before accessing it * rootless: use Geteuid instead of Getuid * rootless: use /tmp/libpod-rundir-$EUID for fallback * build: fix build DIR -t TAG * testcase added for listing range of ports in ps command * port grouping in ps command output * Update pull and pull-always in bud man page * cirrus: upgrade slirp4netns * rootless: fix CI regression when using slirp4netns * save-load-export: clear cli-parsing default * Bump timeout on a podman info test to default * Replace skopeo-containers with containers-common * slirp4netns: use --disable-host-loopback * slirp4netns: set mtu to 65520 * Tree implementation for podman images * Replace buildah with podman in build doc * zsh completion * Usage messages: deduplicate '(default true)' et al * Corrected detach man pages and code comments * Add --replace flag to "podman container runlabel" * rm: fix cleanup race * Add gating tasks * Add 'podman events' to podman(1) * Vendor docker/docker, fsouza and more #2 * Usability cleanup for 'inspect' * Add event on container death * Update vendor of Buildah and imagebuilder * minor typo fix in 'podman top' usage * healtcheck phase 2 * Add event logging to libpod, even display to podman * Fix SELinux on host shared systems in userns * Fix broken link in io.podman.varlink * move formats pkg to and vendor from buildah * Ensure that tmpfs mounts do not have symlinks * Update troubleshooting guide for Podman-in-Podman * Buffer stdin to a file when importing "-" * vendor psgo v1.2 * preparation for remote-client create container * Initialize field in InfoHost struct * rootless: allow single mappings * Remove --rm and --detach don't coexist note * rootless: fix pod stop|rm if uid in the container != 0 * rootless: fix rm when uid in the container != 0 * rootless: disable pod stats * rootless: do not create automatically a userns for pod kill * rootless: support a custom arg to the new process * slirp4netns: add builtin DNS server to resolv.conf * errors: fix error cause comparison * libpod: allow to configure path to the network-cmd binary * build: honor --net * pull: promote debug statement to error * Fix generation of infra container command * Remove an unused if statement I added * Don't delete another container's resolv and hosts files * Fix a potential segfault during infra container create * We don't use crio-umount.conf * Move secrets package to buildah * Add troublshoot information about SELinux labeling of containers/storage * test docs fixups * Default to image entrypoint for infra container * ginkgo status improvements * rootless: propagate errors from info * podman play kube defaults * container runlabel respect $PWD * Remove 'podman ps' restarting filter and fix stopped * label parsing in non-quoted field * More cleanup for failures on missing commands. * add podman-healthcheck(1) to podman(1) * Implement review feedback * new system tests under BATS * fix bug in podman images list all images with same name * Fix help commands to show short and long description. * implement showerror and accept HOST_PORT env which defaults to 8080 * create: join also the mount ns of the dependency * rootless: exec join the user+mount namespace * oci: make explicit the extra files to the exec * add test to cover networking * tests to cover locks and parallel execution #2551 * Yet another seemingly minor tweak to usage message * Change LookupContainer logic to match Docker * Implement podman-remote wait command and container subcommand * Cirrus: Use imgts container to record metadata * System-test: Documentation and TODO list * podman-remote pod top|stats * fix bug --device enable specifying directory as device * add flag --extract tar file in podman cp * Fix incorrect pod create failure * libpod/container_internal: Split locale at the first dot, etc. * Add volume mounting to podman play kube * podman healthcheck run (phase 1) * Append hosts to dependency container's /etc/hosts file * rootless: fix clone syscall on s390 and cris archs * Cirrus: Add dedicated rootless mode testing * rootless: fill in correct storage conf default * rm: set exit code to 1 if a specified container is not found * Support filter image by reference to the repo name * Bump gitvalidation epoch * Bump to v1.2.0-dev * Support podman-remote kill container(s) * cirrus: Drop ginkgo, gomega, easyjson install * Cirrus: Stop testing on RHEL * Cirrus: Stop testing on RHEL * Globally increase test timeout to 90-minutes * cirrus: Drop ginkgo, gomega, easyjson install * Cirrus: Add BATS package for all platforms * Globally increase test timeout to 90-minutes * exec: support --preserve-fds * get_ci_vm.sh: Fix conflicting homedir files - Changelog for v1.1.2 (2019-03-04) * Fix #2521 * Update release notes for v1.1.2 * Change timestamp format for podman logs * Don't extract tar file in podman cp * runtime: fill a proper default tmpdir when --config is used * Add additional defense against 0-length log segfaults * When logging with timestamps, append only until newline * Ensure that each log line is newline-terminated * A few more usage-message tweaks * Add missing short flag -l for run/create * Fix aliased commands to actually work * Support podman-remote stop container(s) * Add tests to make sure podman container and podman image commands work * Bump gitvalidation epoch * Bump to v1.2.0-dev - Changelog for v1.1.1 (2019-03-01) * Update release notes for v1.1.1 * Pull image for runlabel if not local * Fix SystemExec completion race * Fix link inconsistencies in man pages * Verify that used OCI runtime supports checkpoint * Should be defaulting to pull not pull-always * podman-commands script: refactor * Move Alias lines to descriptions of commands * Fix usage messages for podman image list, rm * Fix -s to --storage-driver in baseline test * No podman container ps command exists * Allow Exec API user to override streams * fix up a number of misplace commands * rootless, new[ug]idmap: on failure add output * [ci skip] Critical note about merge bot * podman port fix output * Fix ignored --time argument to podman restart * secrets: fix fips-mode with user namespaces * Fix four errors tagged by Cobra macro debugging * Clean up man pages to match commands * Add debugging for errors to Cobra compatibility macros * Command-line input validation: reject unused args * Fix ignored --stop-timeout flag to 'podman create' * fixup! Incorporate review feedback * fixup! missed some more: * fixup! Correction to 'checkpoint' * Followup to #2456: update examples, add trust * podman create: disable interspersed opts * fix up a number of misplace commands * Add a task to Cirrus gating to build w/o Varlink * Skip checkpoint/restore tests on Fedora for now * Fix build for non-Varlink-tagged Podman * Remove restore as podman subcommand * Better usage synopses for subcommands * Bump gitvalidation epoch * Bump to v1.2.0-dev * Centralize setting default volume path * Ensure volume path is set appropriately by default * Move all storage configuration defaults into libpod * rename pod when we have a name collision with a container * podman remote-client readme - Changelog for v1.1.0 (2019-02-26) * Vendor in latest buildah 1.7.1 * volume: do not create a volume if there is a bind * Only remove image volumes when removing containers * Fix podman logs -l * start pod containers recursively * Update release notes for v1.1.0 * vendor containers/image v1.5 * Record when volume path is explicitly set in config * Add debug information when overriding paths with the DB * Add path for named volumes to `podman info` * Add volume path to default libpod.conf (and manpage) * Validate VolumePath against DB configuration * When location of c/storage root changes, set VolumePath * docs: cross-reference `podman-{generate,play}-kube` * README: refine "Out of scope" section * oci: improve error message when the OCI runtime is not found * Label CRIU log files correctly * Add num_locks to the default libpod config * podman-remote pod pause|unpause|restart * podman: fix ro bind mounts if no* opts are on the source * Change exit code to 1 on podman rmi nosuch image * README.md: rephrase Buildah description * README: update "out of scope" section * Change exit code to 1 on podman rm nosuch container * podman-remote create|ps * remove duplicate commands in main * issue template: run `podman info --debug` * Fix play to show up in podman help * Switch defaults for podman build versus buildah * In shared networkNS /etc/resolv.conf&/etc/hosts should be shared * Allow dns settings with --net=host * Fix up handling of user defined network namespaces * Enable more podman-remote pod commands * tests, rootless: use relative path for export test * rootless: force same cwd when re-execing * Vendor Buildah v1.7 * Exit with errors not just logging error * cmd: support rootless mode for cp command * hide --latest on the remote-client * Improve command line validation * make remote-client error messaging more robust * podman: --runtime has higher priority on runtime_path * podman-remote pod inspect|exists * Cirrus: Install Go 1.11 on Ubuntu VMs * Cirrus: Add 20m extra timeout for Ubuntu * Introduce how to start to hack on libpod. * update: remove duplicate newline * Fix typo in comment * podman-remote load image * Do not make renumber shut down the runtime * Add podman system renumber command * Add ability to get a runtime that renumbers * Recreate SHM locks when renumbering on count mismatch * Move RenumberLocks into runtime init * Remove locks from volumes * Expand renumber to also renumber pod locks * Add ability to rewrite pod configs in the database * Add initial version of renumber backend * Add a function for overwriting container config * enable podman-remote pod rm * vendor containers/image v1.4 * Adjust LISTEN_PID for reexec in varlink mode * Update c/storage vendor to v1.10 release * add newline to images output * podman-remote save [image] * hack/tree_status.sh: preserve new lines * remove duplicate kill from `podman --help` * iopodman.SearchImages: add ImageSearchFilter to Varlink API * image.SearchImages: use SearchFilter type * SearchImages: extend API with filter parameter * podman-search: refactor code to libpod/image/search.go * podman-search: run in parallel * Ensure that userns is created for stopped rootless pods * Podman pod create now errors on receiving CLI args * podman-remote pull * Don't start running dependencies * Fifth chunk of Cobra Examples * Add 4th chunk of Cobra Examples * OpenTracing support added to start, stop, run, create, pull, and ps * packer: Make Makefile host arch sensitive * Add 3rd chunk of Cobra examples * pod infra container is started before a container in a pod is run, started, or attached. * Add registry name to fields returned by varlink image search * Second chunk of Cobra help * podman: honor --storage-opt again * docs: mention the new OCI runtime configuration * libpod: honor runtime_path from libpod.conf * rootless: open the correct file * Fix `podman login` lying problem * Fix error code retrieval for podman start --attach * Enable --rm with --detach * Add examples for Cobra * Add tlsVerify bool to SearchImage for varlink * Fix volume handling in podman * enable podman-remote volume prune * add build to main and as subcommand to image * --password-stdin flag in `podman login` * 'podman cp' copy between host and container * podman-remote build * Vendor in latest c/storage and c/image * show container ports of network namespace * podman-remote volume inspect|ls * build varlink without GOPATH * completions: add --pod to run/create * Parse fq name correctly for images * Try disabling --rm on notify_socket test * podman-remote push * get_ci_vm : allow running without sudo * Only build varlink when buildtag is available * Remove a lot of '--rm' options from unit tests * Address review comments on #2319 * Retain a copy of container exit file on cleanup * Fix manual detach from containers to not wait for exit * varlink: Rename `SearchImage` to `SearchImages` * varlink: Rename `ContainerInList` to `Container` * varlink: Rename `ImageInList` to `Image` * varlink: Simplify GetVersion() call * varlink: Return all times in RFC 3339 format * Makefile: Don't include quotes around GIT_COMMIT * varlink: Remove the Ping() method * podman: Show error when creating varlink listener failed * varlink: Remove `NotImplemented` type * Don't show global flags except for podman command * podman-remote volume rm * Remove urfave/cli from libpod * podman-remote volume create * Separate remote and local commands * lock and sync container before checking mountpoint * oci: do not set XDG_RUNTIME_DIR twice * pod: drop not valid check for rootless * Podman pod stats -- fix GO template output * Add troubleshooting information about running a rootless containers. * Add --all-tags to pull command * Add common_test.go to single test instructions * Remove container from storage on --force * do not crash when displaying dangling images * Add volume mounts to PS output * Update image-trust man with further comments * Migrate to cobra CLI * Remove some dead type declarations * Fix down/missing registry.access.redhat.com * cleanup: use the correct runtime * make vendor: always check for latest vndr * install.md: add section about vendoring * Add varlink generate to the make documentation * Mention OSes that pass the build * Generate make helping message dynamicaly. * Makefile: minor fix to reenable system tests * Add StartPeriod to cmd/podman/docker.HealthConfig * Unconditionally refresh storage options from config * rootless: do not override /dev/pts if not needed * Fix handling of memory limits via varlink * Add documentation on running systemd on SELinux systems * Cirrus: add vendor_check_task * cleanup vendor directory * Revert "Vendor containers/buildah" * e2e tests: sigproxy: fix rare hang condition * Preserve exited state across reboot * Apply 50min timeout to integration tests * Capatilize all usage and descriptions * Add podman system prune and info commands * podman-remote import|export * tests: allow to override the OCI runtime * rootless: copy some settings from the global configuration * Vendor containers/buildah * Increase e2e info/json test exit timeout * Touch up image-trust man * Rework Podman description * vendor latest containers/image * Reduce Dockerfile based build time for libpod. * libpod/image: Use RepoDigests() in Inspect() * add Pod Manager References * Add support for short option -f in podman version * Add support for short option -s in podman inspect * Add support for short option -f * Changes to container runlabel for toolbox project * Fix regression in ps with custom format * Set SELinux type on bin/podman after install * Cirrus: Add RHEL-7 testing * For consistency in usage output the verbs changed from 3rd person to 1st person. * podman image prune -- implement all flag * Alter varlink API for ListContainerMounts to return a map * Make --quiet work in podman create/run * apparmor: don't load default profile in rootless mode * Cirrus: Enable AppArmor build and test * Update ArchLinux installation instructions * tutorials: describe how to use podman in updates-testing * [skip ci] Cirrus: Container for tracking image use * Cirrus: Use freshly built images * remove sudo * Vendor in latest containers/storage * Show a better error message when podman info fails during a refresh * enable podman-remote version * Update transfer.md and commands.md to add missing commands. * rootless: support port redirection from the host * Mask unimplemeted commands for remote client * Vendor in latest opencontainers/selinux * podman-remote inspect * Vendor in latest containers/storage * rootless: fix --pid=host without --privileged * Do not unmarshal into c.config.Spec * podman-inspect: don't ignore errors * Add openSUSE Kubic to install.md * cirrus: Record start/end time of important things * Cirrus: Consolidate VM image names in once place * Update README for v1.0.0 * Installing podman * Ensure that wait exits on state transition * Vendor in containers/storage * Add --latest and --all to podman mount/umount * Cleanup coverity scan issues * Embed runtime struct in super localRuntime * Collaberative podman-remote container exists * Fix up `image sign` in PR 2108 * add support for podman-remote history * Rename localRuntime to runtime in cmd/podman * podman remote integrations tests * podman remote client -- add rmi * Run integrations test with remote-client * [skip ci] Hack: Fix get_ci_vm.sh w/ gcloud ssh/scp * Update master branch with v1.0 changes from 1.0 branch * Add local storage.conf example to troubleshoot * config: store the runtime used to create each container * oci: allow to define multiple OCI runtimes * libpod: allow multiple oci runtimes * Remove imageParts.{isTagged,registry,name,tag} * Clarify comments about isRegistry a bit. * Use imageParts.unnormalizedRef in GetImageBaseName * FIXME? Introduce imageParts.suspiciousRefNameTagValuesForSearch * Use imageParts.referenceWithRegistry in Image.getLocalImage * Don't try to look up local images with an explicit :latest suffix * Return a reference.Named from normalizedTag * Use reference.TagNameOnly instead of manually adding imageParts.tag in normalizeTag * Use imageParts.normalizedReference in normalizeTag * Add imageParts.normalizedReference() * Use imageparts.referenceWithRegistry in normalizeTag * Remove no longer used imageParts.assemble() * Use getPullRefPair / getSinglePullRefPairGoal in pullGoalFromPossiblyUnqualifiedName * Use imageParts.referenceWithRegistry in pullGoalFromPossiblyUnqualifiedName * Use imageParts.referenceWithRegistry in getPullRefPair * Add imageParts.referenceWithRegistry * Don't use imageParts.assemble when pulling from a qualified name * Reorganize normalizeTag * Simplify pullGoalFromPossiblyUnqualifiedName * Remove imageParts.transport * Simplify pullGoalFromPossiblyUnqualifiedName * Inline imageParts.assembleWithTransport into callers * Record the original reference.Named in imageParts * Drop image.DecomposeString, make image.Parts private imageParts again * Don't call image.DecomposeString in imageInListToContainerImage * Add bridge support, for the varlink connection * Add troubleshooting statement for homedirs mounted noexec * Set default storage options from mounts.conf file. * podman play kube: add containers to pod * Add darwin support for remote-client * vendor: update everything * vendor make target * rootless: create the userns immediately when creating a new pod * rootless: join both userns and mount namespace with --pod * spec: add nosuid,noexec,nodev to ro bind mount * Use multi-arch images in test case scripts * Add varlink support for prune * Replace tab with spaces in MarshalIndent in libpod * Remove one more usage of encoding/json in libpod * Update vendor.conf for jsoniter vendor changes * Move all libpod/ JSON references over to jsoniter * Update json-iterator vendor to v1.1.5 * Remove easyjson in preparation for switch to jsoniter * remote-client support for images * Move python code from contrib to it's own repo python-podman * Use defaults if paths are not specified in storage.conf * (Minor) Cirrus: Print timestamp at start * fix up sigstore path * Trivial readme updates * podman: bump RLIMIT_NOFILE also without CAP_SYS_RESOURCE * Fix handling of nil volumes * sign: make all error messages lowercase * sign: use filepath.Join instead of fmt.Sprintf * createconfig: always cleanup a rootless container * Fix 'image trust' from PR1899 * libpod/image: Use ParseNormalizedNamed in RepoDigests * apparmor: apply default profile at container initialization * Fix up image sign and trust * If you fail to open shm lock then attempt to create it * List the long variant of each option before its shorter counterpart * Use existing interface to request IP address during restore * Added checkpoint/restore test for same IP * Enable checkpoint test with established TCP connections * .github/ISSUE_TEMPLATE: Suggest '/kind bug' and '/kind feature' * pkg/hooks/exec: Include failed command in hook errors * hooks/exec/runtimeconfigfilter: Log config changes * hooks: Add pre-create hooks for runtime-config manipulation * Add Validate completions * Add a --workdir option to 'podman exec' * Default --sig-proxy to true for 'podman start --attach' * Test that 'podman start --sig-proxy' does not work without --attach * [WIP]Support podman image sign * vendor latest buildah * Honor image environment variables with exec * Minor: Remove redundant basename command in ooe.sh * Rename libpod.Config back to ContainerConfig * Add ability to build golang remote client * vendor latest buildah * Add the configuration file used to setup storage to podman info * Address lingering review comments from SHM locking PR * podman: set umask to 022 * podman-login: adhere to user input * Vendor in latest containers/buildah code * Rootless with shmlocks was not working. * Readd Python testing * Update vendor of runc * [skip ci] Docs: Add Bot Interactions section * container runlabel NAME implementation * Bump time for build_each_commit step * Move lock init after tmp dir is populated properly * DO NOT MERGE temporarily remove python tests * When refreshing libpod, if SHM locks exist, remove them * Ensure different error messages and creating/opening locks * Update unit tests to use in-memory lock manager * Remove runtime lockDir and add in-memory lock manager * Convert pods to SHM locks * Convert containers to SHM locking * Add lock manager to libpod runtime * Move to POSIX mutexes for SHM locks * Disable lint on SHMLock struct * Refactor locks package to build on non-Linux * Add an SHM-backed Lock Manager implementation * Add interface for libpod multiprocess locks * Improve documentation and unit tests for SHM locks * Propogate error codes from SHM lock creation and open * Add mutex invariant to SHM semaphores. * Initial skeleton of in-memory locks * add container-init support * If local storage file exists, then use it rather then defaults. * vendor in new containers/storage * Fix completions * Touch up some troubleshooting nits * Warn on overriding user-specified storage driver w/ DB * Log container command before starting the container * Use sprintf to generate port numbers while committing * Add troubleshooting for sparse files * Fix handling of symbolic links * podman build is not using the default oci-runtime * Re-enable checkpoint/restore CI tests on Fedora * Fixes to handle /dev/shm correctly. * rootless tests using stop is more reliable * Allow alias for list, ls, ps to work * Refactor: use idtools.ParseIDMap instead of bundling own version * cirrus: Use updated images including new crui * Switch all referencs to image.ContainerConfig to image.Config * Allow users to specify a directory for additonal devices * Change all 'can not' to 'cannot' for proper usage * Invalid index for array * Vendor in latest psgo code to fix race conditions * test: add test for rootless export * export: fix usage with rootless containers * rootless: add function to join user and mount namespace * libpod: always store the conmon pid file * Use existing CRIU packages in CI setup * skip test for blkio.weight when kernel does not support it * Add Play * Cirrus: Skip build all commits test on master * prepare for move to validate on 1.11 only * [skip ci] Gate: Update docs w/ safer local command * Support podman image trust command * Makefile: validate that each commit can at least build * perf test a stress test to profile CPU load of podman * all flakes must die * Add information on --restart * generate service object inline * Cirrus: One IRC notice only * docs/tutorials: add a basic network config * display proper error when rmi -fa with infra containers * add --get-login command to podman-login. * Show image only once with images -q * Add script to create CI VMs for debugging * Cirrus: Migrate PAPR testing of F28 to Cirrus * Skip checkpoint tests on Fedora <30 * Cirrus: Add text editors to cache-images * Bump gitvalidation epoch * Bump to v0.12.2-dev * Clean up some existing varlink endpoints * mount: allow mount only when using vfs - Changelog for v1.0.0 (2018-1-11) * Update release notes for v1.0 * Remove clientintegration from Makefile * Regenerate EasyJSON to fix JSON issues * Update gitvalidation to avoid reverts w/o signoffs * Cirrus: Post-Merge Testing for v1.0 Branch * Move python code from contrib to it's own repo python-podman * Use defaults if paths are not specified in storage.conf * (Minor) Cirrus: Print timestamp at start * fix up sigstore path * Trivial readme updates * podman: bump RLIMIT_NOFILE also without CAP_SYS_RESOURCE * Fix handling of nil volumes * sign: make all error messages lowercase * sign: use filepath.Join instead of fmt.Sprintf * createconfig: always cleanup a rootless container * Fix 'image trust' from PR1899 * libpod/image: Use ParseNormalizedNamed in RepoDigests * apparmor: apply default profile at container initialization * Fix up image sign and trust * List the long variant of each option before its shorter counterpart * Use existing interface to request IP address during restore * Added checkpoint/restore test for same IP * Enable checkpoint test with established TCP connections * .github/ISSUE_TEMPLATE: Suggest '/kind bug' and '/kind feature' * pkg/hooks/exec: Include failed command in hook errors * hooks/exec/runtimeconfigfilter: Log config changes * hooks: Add pre-create hooks for runtime-config manipulation * Add Validate completions * Add a --workdir option to 'podman exec' * Default --sig-proxy to true for 'podman start --attach' * Test that 'podman start --sig-proxy' does not work without --attach * [WIP]Support podman image sign * vendor latest buildah * Honor image environment variables with exec * Minor: Remove redundant basename command in ooe.sh * Rename libpod.Config back to ContainerConfig * Add ability to build golang remote client * vendor latest buildah * Add the configuration file used to setup storage to podman info * podman: set umask to 022 * podman-login: adhere to user input * Vendor in latest containers/buildah code * Readd Python testing * Update vendor of runc * [skip ci] Docs: Add Bot Interactions section * container runlabel NAME implementation * Bump time for build_each_commit step * add container-init support * If local storage file exists, then use it rather then defaults. * vendor in new containers/storage * Fix completions * Touch up some troubleshooting nits * Log container command before starting the container * Use sprintf to generate port numbers while committing * Add troubleshooting for sparse files * Fix handling of symbolic links * podman build is not using the default oci-runtime * Re-enable checkpoint/restore CI tests on Fedora * Fixes to handle /dev/shm correctly. * rootless tests using stop is more reliable * Allow alias for list, ls, ps to work * Refactor: use idtools.ParseIDMap instead of bundling own version * cirrus: Use updated images including new crui * Switch all referencs to image.ContainerConfig to image.Config * Allow users to specify a directory for additonal devices * Change all 'can not' to 'cannot' for proper usage * Invalid index for array * Vendor in latest psgo code to fix race conditions * test: add test for rootless export * export: fix usage with rootless containers * rootless: add function to join user and mount namespace * libpod: always store the conmon pid file * Use existing CRIU packages in CI setup * skip test for blkio.weight when kernel does not support it * Add Play * Cirrus: Skip build all commits test on master * prepare for move to validate on 1.11 only * [skip ci] Gate: Update docs w/ safer local command * Support podman image trust command * Makefile: validate that each commit can at least build * perf test a stress test to profile CPU load of podman * all flakes must die * Add information on --restart * generate service object inline * Cirrus: One IRC notice only * docs/tutorials: add a basic network config * display proper error when rmi -fa with infra containers * add --get-login command to podman-login. * Show image only once with images -q * Add script to create CI VMs for debugging * Cirrus: Migrate PAPR testing of F28 to Cirrus * Skip checkpoint tests on Fedora <30 * Cirrus: Add text editors to cache-images * Clean up some existing varlink endpoints * mount: allow mount only when using vfs - Changelog for v0.12.1.2 (2018-12-13) * Add release notes for 0.12.1.2 * runlabel should sub podman for docker|/usr/bin/docker * condition fixed for adding volume to boltdb. * e2e: add tests for systemd * Add test for sharing resolv and hosts with netns * Makefile tweaks to fix make shell * failed containers with --rm should remove themselves * Fix documentation links and flow * Set Socket label for contianer * Containers sharing a netns should share resolv/hosts * Prevent a second lookup of user for image volumes * fix typo in kubernetes * No need to use `-i` in go build (with go 1.10 and above) * rootless: fix restart when using fuse-overlayfs * Cirrus: Update base-image build docs * Add capabilities to generate kube * disable F29 tests on PAPR * Ensure storage options are properly initialized * add more example usage to varlink endpoints * Update for API change * Vendor buildah after merging mtrmac/blob-info-caching-on-top-of-contents-caching * Vendor c/image after merging c/image#536 * Bump gitvalidation epoch * Bump to v0.12.2-dev - Changelog for v0.12.1.1 (2018-12-07) * Update release notes for v0.12.1.1 * Fix errors where OCI hooks directory does not exist * add timeout to pod stop * Remove manual handling of insecure registries in (podman search) * Fix reporting the registries.conf path on error * Remove manual handling of insecure registries in doPullImage * Remove the forceSecure parameter on the pull call stack * Remove manual handling of insecure registries in PushImageToReference * Factor out the registries.conf location code in pkg/registries * Remove the forceSecure parameter of Image.PushImageTo* * Minimally update for the DockerInsecureSkipTLSVerify type change * Bump gitvalidation epoch * Bump to v0.12.2-dev * Fix build on non-Linux * Remove some unused data structures and code * Vendor buildah after merging https://github.com/containers/buildah/pull/1214 * Update containers/image to 63a1cbdc5e6537056695cf0d627c0a33b334df53 * Cirrus: Document and codify base-image production * Cirrus: Use Makefile for image-building * Refactor BooleanAction to mimic golang interface * generate kube - Changelog for v0.12.1 (2018-12-06) * Update release notes for 0.12.1 * bind mount /etc/resolv.conf|hosts in pods * Remove --sync flag from `podman rm` * Add locking to Sync() on containers * Add --sync flag to podman ps * Add --sync option to podman rm * Tests for podman volume commands * Add "podman volume" command * tutorial: add ostree dependency * Pick registry to login from full image name as well * Add ability to prune containers and images * Invert tlsverify default in API * set .54 version for f28 due to memory error * Vendor in latest containers/storage * pkg/lookup: Return ID-only pointers on ErrNo*Entries * test for rmi with children * libpod/container_internal_linux: Allow gids that aren't in the group file * Don't initialize CNI when running as rootless * correct algorithm for deleting all images * Use runtime lockDir in BoltDB state * test: update runc again * vendor: update containers/storage * create pod on the fly * libpod/container_internal: Deprecate implicit hook directories * Revert changes to GetDefaultStoreOptions * Fix libpod static dir selection when graphroot changed * podman pod exists * Adding more varlink endpoints * Ensure directory where we will make database exists * Fix typo * rootless: raise error if newuidmap/newgidmap are not installed * Add better descriptions for validation errors in DB * Fix gofmt and lint * Make locks dir in unit tests * Do not initialize locks dir in BoltDB * Move rootless storage config into libpod * Set default paths from DB if not explicitly overridden * Add a struct indicating if some Runtime fields were set * Make DB config validation an explicit step * Move DB configuration up in runtime setup * Add ability to retrieve runtime configuration from DB * Add short-option handling to logs * tests: always install runc on Ubuntu * cirrus: update ubuntu image * cirrus: make apt noninteractive * Dockerfile, .cirrus.yml: update runc commit * rootless: propagate XDG_RUNTIME_DIR to the OCI runtime * Update ubuntu VM image w/ newer runc * add pod short option to ps * Add create test with --mount flag * Only include container SizeRootFs when requested * /dev/shm should be mounted even in rootless mode. * disable checkpoint tests on f29 * test, rootless: specify USER env variable * Revert "downgrade runc due a rootless bug" * Fix completions to work with podman run command * hide kube command for now * pypod create/run: ignore args for container command * Add support for --all in pypodman ps command * Fixes #1867 * tests: fix NOTIFY_SOCKET test * Fix golang formatting issues * oci: propagate NOTIFY_SOCKET on runtime start * test: fix test for NOTIFY_SOCKET * Add test to ensure stopping a stopped container works * Stopping a stopped container is not an error for Podman * Disable mount options when running --privileged * Vendor in latest containers/storage * util: use fsnotify to wait for file * vendor: update selinux * rootless: store only subset of storage.conf * rootless: fix cleanup * network: allow slirp4netns mode also for root containers * Added more checkpoint/restore test cases * Fix podman container restore -a * Update bash completion for checkpoint/restore * Add '--tcp-established' to checkpoint/restore man page * Added tcp-established to checkpoint/restore * Remove unused CRIU_COMMIT variable * Point CRIU_COMMIT to CRIU release 3.11 * Updated CRIO_COMMIT to pull in new conmon for CRIU * Use also a struct to pass options to Restore() * _split_token(): handle None * Use host's resolv.conf if no network namespace enabled * rootless: add new netmode "slirp4netns" * tests: change return type for PodmanAsUser to PodmanTestIntegration * test: cleanup CNI network used by the tests * exec: don't wait for pidfile when the runtime exited * Remove mount options relatime from podman run --mount with shared * Update test case name to podman run with --mount flag * Add some tests for --ip flag with run and create command * Add history and namespaceoptions to image inspect * add podman container|image exists * set root propagation based on volume properties * Actually set version for podman module / pypodman * implement --format for version command * podman_tutorial.md typos: arguement -> argument; missing 'a' * Load NAT modules to fix tests involving CRIU * Vendor in latest containers/buildah * Update checkpoint/restore man pages * Added option to keep containers running after checkpointing * Use a struct to pass options to Checkpoint() * exec: always make explicit the tty value * Allow users to expose ports from the pod to the host * Improve speed of containers.list() * output libpod container to kubernetes yaml * rootless: create empty mounts.conf if it doesn't exist * registries: check user registries file only in rootless mode * rootless: create storage.conf when it doesn't exist * rootless: create libpod.conf when it doesn't exist * Don't use $HOST and $USER variables for remote * Implement pypodman start command * runlabel: use shlex for splitting commands * Add a rule to compile system test in Makefile * Fix no-new-privileges test * The system test write with ginkgo * Separate common used test functions and structs to test/utils * Add version command to pypodman * Bump gitvalidation epoch * Bump to v0.11.2-dev * Cirrus: Add documentation for system-testing * Cirrus: Simplify optional system-test script * Cirrus: Reveal magic, parallel system-testing * libpod should know if the network is disabled * Lint: Silence few given goconst lint warnings * Lint: Extract constant unknownPackage * Lint: Tests: add missing assertions * Lint: Do not ignore errors from docker run command when selinux enabled * Lint: InspectImage varlink api should return errors that occurred * Lint: Exclude autogenerated files from lint test * Lint: Update metalinter dependency * Set --force-rm for podman build to true by default * Vendor in latest containers/storage - Changelog for v0.11.1.1 (2018-11-15) * Vendor in containers/storage * Add release notes for 0.11.1.1 * Increase pidWaitTimeout to 60s * Cirrus: Add master branch testing status badge * rootless: call IsRootless just once * Bump golang to v1.10 in install.md * Standardized container image for gofmt and lint * Make list of approvers same as reviewers * vendor: update ostree-go * vendor.conf: fix typo * Cleanup podman spec to not show git checkout is dirty * Add space between num & unit in images output * Update troubleshooting guide to deal with rootless path * troubleshooting.md: add a recipe for rootless ping * remove $-prefix from (most) shell examples * docs: Fix duplicated entry for pod-container-unmount * Better document rootless containers * info: add rootless field * Accurately update state if prepare() partially fails * Do not hide errors when creating container with UserNSRoot * rm -f now removes a paused container * correct assignment of networkStatus * podman_tutorial: cni build path has changed * Bump gitvalidation epoch * Bump to v0.11.2-dev * Cirrus: Ignore any error from the IRC messenger * rootless: default to fuse-overlayfs when available - Changelog for v0.11.1 (2018-11-08) * Update release notes for 0.11.1 * update seccomp.json * Touch up --log* options and daemons in man pages * Fix run --hostname test that started failing post-merge * move defer'd function declaration ahead of prepare error return * Don't fail if /etc/passwd or /etc/group does not exists * Print error status code if we fail to parse it * Properly set Running state when starting containers * Fix misspelling * Retrieve container PID from conmon * If a container ceases to exist in runc, set exit status * EXPERIMENTAL: Do not call out to runc for sync * Actually save changes from post-stop sync * rootless: mount /sys/fs/cgroup/systemd from the host * rootless: don't bind mount /sys/fs/cgroup/systemd in systemd mode * Add hostname to /etc/hosts * Temporarily fix the Python tests to fix some PRs * Remove conmon cgroup before pod cgroup for cgroupfs * Fix cleanup for "Pause a bunch of running containers" * --interactive shall keep STDIN attached even when not explicitly called out * Do never override podman with docker * Make kill, pause, and unpause parallel. * Fix long image name handling * Make restart parallel and add --all * Add ChangeAction to parse sub-options from --change * replace quay.io/baude to quay.io/libpod * Change humanize to use MB vs MiB. * allow ppc64le to pass libpod integration tests * Cirrus-CI: Add option to run system-tests * Cirrus: Skip rebuilding images unless instructed * Cirrus: Disable image build job abort on push * Cirrus: Add a readme * Ubuntu VM image build: try update twice * Cirrus: Enable updating F28 image * rootless: do not add an additional /run to runroot * rootless: avoid hang on failed slirp4netns * Fix setting of version information * runtime: do not allow runroot longer than 50 characters * attach: fix attach when cuid is too long * truncate command output in ps by default * Update the runc commit used for testing * make various changes to ps output * Sync default config with libpod.conf * Use two spaces to pad PS fields * unmount: fix error logic * get user and group information using securejoin and runc's user library * CONTRIBUTING.md: add section about describing changes * Change to exported name in ParseDevice * Vendor in latest containers/storage * fix bug in rm -fa parallel deletes * Ensure test container in running state * Add tests for selinux labels * Add --max-workers and heuristics for parallel operations * Increase security and performance when looking up groups * run prepare in parallel * downgrade runc due a rootless bug * runlabel: run any command * Eat our own dogfood * vendor: update containers/storage * Add support for /usr/local installation * create: fix writing cidfile when using rootless * Explain the device format in man pages * read conmon output and convert to json in two steps * Cirrus: Use images w/ buildah fix * Add --all and --latest to checkpoint/restore * Use the newly added getAllOrLatestContainers() function * Use the new checkAllAndLatest() function * Also factor out getAllOrLatestContainers() function * Add checkAllAndLatest() function * Downgrade code to support python3.4 * Allow containers/storage to handle on SELinux labeling * Use more reliable check for rootless for firewall init * Vendor in latest containers/storage opencontainers/selinux * Make podman ps fast * Support auth file environment variable in podman build * fix environment variable parsing * tests: use existing CRIU version check * Use the CRIU version check in checkpoint/restore * Add helper function to read out CRIU version * vendor in go-criu and dependencies * oci: cleanup process status * Handle http/https in registry given to login/out * re-enable f29 testing * correct stats err with non-running containers * Use restoreArtifacts to save time in integration tests * Make rm faster * Fix man page to show info on storage * Move rootless directory handling to the libpod/pkg/util directory * Fix podman port -l * Fix trivial missing markup in manpage * Cirrus: Install CRIU in test images * Cirrus: Use different CNI_COMMIT for Fedora * Fix Cirrus/Packer VM image building * Revert "Cirrus: Enable debugging delay on non-zero exit" * Cirrus: IRC message when cirrus testing successful * cirrus: Add simple IRC messenger * fix NOTIFY_SOCKET in e2e testfix NOTIFY_SOCKET in e2e tests * Bump gitvalidation epoch * Bump to v0.10.2-dev - Changelog for v0.10.1.3 (2018-10-17) * Update release notes for 0.10.1.3 * Vendor in new new buildah/ci * Fix podman in podman * Bump gitvalidation epoch * Bump to v0.10.2-dev - Changelog for v0.10.1.2 (2018-10-17) * Update release notes for 0.10.1.2 * Fix CGroup paths used for systemd CGroup mount * Bump gitvalidation epoch * Bump to v0.10.2-dev - Changelog for v0.10.1.1 (2018-10-16) * Update release notes for 0.10.1.1 * Mount proper cgroup for systemd to manage inside of the container. * Cirrus: Enable debugging delay on non-zero exit * Touchup fileo typo * volume: resolve symlinks in paths * volume: write the correct ID of the container in error messages * vendor: update containers/buildah * papr: relabel GOPATH/github.com/containers/podman * tests: do not fail in the cleanup phase * tests: do not make assumptions on the mount output * papr_prepare: remove double process for starting up .papr.sh * Add support for pod commands * Support auth file environment variable & add change to man pages * Generate a passwd file for users not in container * Bump gitvalidation epoch * Bump to v0.10.2-dev - Changelog for v0.10.1 (2018-10-11) * Swap from map to channels for podman stop workers * Add release notes for 0.10.1 * Pass along syslog variable to podman cleanup processes * Sort all command flags * rootless: detect when user namespaces are not enabled * Log an otherwise ignored error from joining a net ns * Fix gofmt * Add tests for --ip flag * Update manpages for --ip flag * Add --ip flag and plumbing into libpod * Document --net as an alias of --network in podman run & create * Update OCICNI vendor to 2d2983e4 * Temporary commit to swap branches * rootless: report more error messages from the startup phase * rootless: fix an hang on older versions of setresuid/setresgid * Update OCICNI vendor to e617a611 * fix runlabel functions based on QA feedback * Vendor latest containers/image * Stop containers in parallel fashion * wip * remove hack/dind * Vendor in latest github.com/containers/storage,image, buildah * runlabel: execute /proc/self/exe and avoid recursion * Re-add source-verify in cirrus-ci * added links to buildah.io and podman.io to README.md * Lower CPU/Memory usage by cirrus VMs * skip userns tests on non-fedora distributions for now * Remove Travis * docker: Double quote array expansions to avoid re-splitting elements * Ensure resolv.conf has the right label and path * Remove no longer used libnetwork from vendor.conf * Fix lint * Drop libnetwork vendor and move the code into pkg/ * Update libnetwork vendor to current master to fix CI * Switch to using libnetwork's resolvconf package * Add configuration for Cirrus-CI * disable gce building of images * re-add BR for golang compiler to contrib/spec/podman.spec.in * completions: add checkpoint/restore completions * tests: add checkpoint/restore test * tutorial: add checkpoint/restore to tutorial * docs: add checkpoint and restore man pages * Add support to checkpoint/restore containers * oci: split the stdout and stderr pipes * oci: always set XDG_RUNTIME_DIR * Fix pod status reporting for new Exited state * Add ability for ubuntu to be tested * selinux: drop superflous relabel * rootless: always set XDG_RUNTIME_DIR * Fix python tests * Fix Wait() to allow Exited state as well as Stopped * Fix cleanupRuntime to only save if container is valid * Fix bug with exited state and container remove * Address review comments and fix ps output * Add ContainerStateExited and OCI delete() in cleanup() * Need to allocate memory for hook struct * Disable SELinux labeling if --privileged * * Update documenation * Implement pod varlink bindings * Update docs to build a runc that works with systemd * runtime: fix message which assumes the runtime is runc * rootless: raise an error when trying to use cgroups * Add --all flag to podman kill * Add podman.io to README.md * Vendor in the latest containers/storage, image and buildah * Don't tmpcopyup on systemd cgroup * Add container runlabel command * run complex image names with short names * Add buildah version and distribution to info * Disable Fedora 29 and CentOS7 VM testing * podman runs disabled containers and privileged containers as spc_t * Update the OWNERS file so bot assigns sane reviewers * rework CI tests to test on VMs * Put openshift dockerfiles in test/install * Bump gitvalidation epoch * Bump to v0.9.4-dev * contrib/python/*/Makefile: Fallback to unversioned 'python' * Makefile: Drop PYTHON * Makefile: Call contrib/python's clean regardless of HAS_PYTHON3 - Changelog for v0.9.3.1 (2018-09-25) * Update release notes for 0.9.3.1 * Disable problematic SELinux code causing runc issues * Bump gitvalidation epoch * Bump to v0.9.4-dev - Changelog for v0.9.3 (2018-09-21) * Update release notes for 0.9.3 * Add --mount option for `create` & `run` command * Refactor Wait() to not require a timeout * Updates from reviews * Implement new subcommands * Don't mount /dev/shm if the user told you --ipc=none * rootless: error out if there are not enough UIDs/GIDs available * Vendor in latest containers/buildah * rootless: fix create with images not in the storage * rootless: skip usage of filepath.Join * create, rootless: join the userns of ns:PATH * create, rootless: join the userns of container:CONTAINER * spec: refactor ns modes to a common interface * Don't output inodes created to run a container * Add rpmbuild to the openshift fedora test image * Add new field to libpod to indicate whether or not to use labelling * Bind Mounts should be mounted read-only when in read-only mode * test, rootless: enforce cgroupfs manager * report when rootless * add the gopath environment variable to the openshift dockerfile * Vendor in latest opencontainers/runtime-tools * Add python-varlink to the Fedora openshift image * Add Dockerfile for openshift lint, gofmt, and validate testing * Vendor in latest containers/buildah * Don't crash if an image has no names * Replace all usages of "install -D" with "install -d" * Increase pidWaitTimeout to 1000ms * Small updates to OCI spec generation * Add new tests for ipc namespace sharing * Hooks supports two directories, process default and override * Bump gitvalidation epoch * Bump to v0.9.3-dev - Changelog for v0.9.2.1 (2018-09-17) * Update release notes for 0.9.2.1 * Vendor in latest projectatomic/buildah * Vndr latest containers/image * Bump gitvalidation epoch * Bump to v0.9.3-dev - Changelog for v0.9.2 (2018-09-14) * Update release notes for 0.9.2 * change search test to look for fedora and not fedora-minimal * Don't mount /dev/* if user mounted /dev * add registry information to varlink info * libpod/image/pull: Return image-pulling errors from doPullImage * Update gitvalidation epoch to avoid a bad commit * Update README to reflect current development efforts * rootless: do not raise an error if the entrypoint is specified * Add Buildah Podman relationship to README.md * Swap default mount propagation from private to rprivate * Add a way to disable port reservation * Add notes to check version on problem * Do not set rlimits if we are rootless * Up default Podman rlimits to avoid max open files * Search registries with an empty query * Vendor in latest containers/image * Remove duplicate code between create.go and run.go * Add --interval flag to podman wait * Add `podman rm --volumes` flag * Vendor in latest containers/storage to eliminage deadlock * do not build with devicemapper * run different cgroup tests depending on conditions * dont make python when running make * Explicitly set default CNI network name in libpod.conf * Pass on securityOpts from podInfraContainer to container added to pod. * Bump gitvalidation epoch * Bump to v0.9.2-dev - Changelog for v0.9.1.1 (2018-09-10) * Update release notes for 0.9.1.1 * Replace existing iptables handler with firewall code * Vendor CNI plugins firewall code * Fix displaying size on size calculation error * Bump gitvalidation epoch * Bump to v0.9.2-dev - Changelog for v0.9.1 (2018-09-07) * Update RELEASE_NOTES for 0.9.1 release * Fix pod sharing for utsmode * Respect user-added mounts over default spec mounts * Ensure we do not overlap mounts in the spec * Change references to cri-o to point at new repository * fix docs for podman build * use layer cache when building images * Add first pass for baseline pod tests * Change shm test to be less flaky. * Update WaitForTimeOut to output OutputString to help with debugging. * Fixups for baseline test script * Fix nameing of Namespaces to be more consistent * Start pod infra container when pod is created * vendor containerd/cgroups * Fix up libpod.conf man pages and referencese to it. * Print errors from individual pull attempts * Added GOPATH/bin to PATH install.md * We should fail Podman with ExitCode 125 by default * Add CRI logs parsing to podman logs * rmi remove all not error when no images are present * rootless: check uid with Geteuid() instead of Getuid() * rootless, tests: add tests for the pod command * rootless, create: support --pod * rootless, run: support --pod * rootless: create compatible pod infra container * rootless: be in an userns to initialize the runtime * commandNotFoundHandler: use stderr and exit code 1 * Bump gitvalidation epoch * Bump to v0.9.1-dev * Update release notes for 0.8.5 - Changelog for v0.8.5 (2018-08-31) * Add proper support for systemd inside of podman * We are mistakenly seeing repos as registries. * container: resolve rootfs symlinks * Up time between checks for podman wait * Turn on test debugging * Add support for remote commands * fixup A few language changes and subuid(5) * Make the documentation of user namespace options in podman-run clearer * pod create: restore help flag * catch command-not-found errors * don't print help message for usage errors * Vendor in latest containers/storage and containers/image * add conmon to copr spec * docs: consistent format for example * docs: consistent headings * docs: make HISTORY consistent * docs: fix headers * varlink: fix --timeout usage * run/create: reserve `-h` flag for hostname * podman,varlink: inform user about --timeout 0 * rootless: show an error when stats is used * rootless: show an error when pause/unpause are used * rootless: unexport GetUserNSForPid * rootless, exec: use the new function to join the userns * rootless: fix top * rootless: add new function to join existing namespace * Vendor in latest projectatomic/buildah * Set nproc in containers unless explicitly overridden * Do not set max open files by default if we are rootless * Set default max open files in spec * Resolve /etc/resolv.conf before reading * document `--rm` semantics * allow specification of entrypoint in the form of a slice * Test RPM build and install for regressions * rootless, search: do not create a new userns * rootless, login, logout: do not create a new userns * rootless, kill: do not create a new userns * rootless, stop: do not create a new userns * Ensure return errors match API docs * Fix manpage to note how multiple filters are combined * Fix handling of multiple filters in podman ps * Fix Mount Propagation * docs: add containers-mounts.conf(5) * docs: use "containers-" prefix for registries and storage * rootless: fix --pid=host * rootless: fix --ipc=host * spec: bind mount /sys only when userNS are enabled * rootless, tests: add test for --uts=host * Dockerfile.Fedora: install slirp4netns * rootless: don't use kill --all * rootless: exec handle processes that create an user namespace * rootless: fix exec * Move whale-says test to end of baseline * Bump gitvalidation epoch * Bump to v0.8.5-dev - Changelog for v0.8.4 (2018-08-24) * Add release notes * Regenerate easyjson after rebase * Vendor easyjson code to fix build * Swap from FFJSON to easyjson * Make 'make clean' remove FFJSON generated code * rootless: allow to override policy.json by the user * add completion for --pod in run and create * Fixed formatting and lowered verbosity of pod ps * Do not try to enable AppArmor in rootless mode * exposes tcp port only if no proto specified. * rpm-spec: use skopeo-containers instead of containers-common * Reveal information about container capabilities * Vendor in latest projectatomic/buildah * Refactor error checking in With*NSFromPod options * Fixing network ns segfault * Change pause container to infra container * Support pause containers in varlink * Added option to share kernel namespaces in libpod and podman * Changed GetContainerStats to return ErrCtrStateInvalid * Add GetPodStats to varlink * rpm-spec: update distro-specific dependencies * Add podman pod top * Include pod stats and top in commands/completions * Vendor changes to psgo * Fix syntax description of --ulimit command * Swap test image in exec test to fedora for useradd * Add tests for exec --user * Properly translate users into runc format for exec * test: ad more tests for rootless containers * rootless: fix --net host --privileged * Fix a bug with hook ALWAYS matching with a process * Fixed segfault in stats where container had netNS none or from container * Enable pod stats with short ID and name * Touch up cert-dir in man pages * make dbuild fixed on ubuntu/debian * vendor latest github.com/urfave/cli * Add retry decorator for flakey tests * Update error message from reviews * Support Attach subcommand in pypodman * Fix handling of devices * tutorial: point to containers/skopeo * point to containers/skopeo * install.md: point to containers/libpod * Bump gitvalidation epoch * Bump to v0.8.4-dev - Changelog for v0.8.3 (2018-08-17) * Make failure to retrieve individual ctrs/pods nonfatal * Mention that systemd is the default cgroup manager * Add dependency for python3-psutil module * Vendor in latest buildah and imagebuilder * Don't fail on size. * Fix handling of socket connection refusal. * podman: fix --uts=host * podman pod stats * Added helper function for libpod pod api calls * CreatePod args now PodCreate structure * Added reason to PodContainerError * Change batchcontainer to shared * Add Pod API to varlink. * Change pod varlink API. * Moved getPodStatus to pod API to be used in varlink * Vendor in latest containers/psgo code * switch projectatomic to containers * Revert "spec: bind mount /sys only for rootless containers" * Suport format param for varlink Commit * Fix segfault in top when -l and no args are passed * Document STORAGE_DRIVER and STORAGE_OPTS environment variable * podman.spec: recommend slirp4netns * Do not 'make all' on Travis for Linux * Fix build on non-Linux OSes * Create pod CGroups when using the systemd cgroup driver * Switch systemd default CGroup parent to machine.slice * spec: bind mount /sys only for rootless containers * build, rootless: specify IsolationOCIRootless * vendor: update buildah version * Fix handling of hostname in --net=host * Updated pod_api to reflect function spec * Add create and pull commands * rootless: not require userns for help/version * pkg/apparmor: use a pipe instead of a tmp file * pkg/apparmor: move data under Linux/apparmor buildtags * pkg/apparmor: move all linux-code into apparmor_linux* * podman in rootless mode will only work with cgroupfs at this point. * when searching, survive errors for multiple registries * Remove unused function in runtime.go * Fix papr tests by forcing cgroupfs in CI * Bump gitvalidation epoch * Bump to v0.8.3-dev - Changelog for v0.8.2.1 (2018-08-11) * Ensure pod inspect is locked and validity-checked * Further fix tests * Bump gitvalidation epoch * Bump to v0.8.3-dev * Fix python tests again * Fix python tests to use cgroupfs * Fix typo breaking tests * Force cgroupfs for python tests * Swap default CGroup manager to systemd * Only use cgroupfs for containerized tests * Temporarily force all tests to use cgroupfs driver - Changelog for v0.8.2 (2018-08-10) * We need to sort mounts so that one mount does not over mount another. * search name should include registry * Split pod.go into 3 files * Make errors during refresh nonfatal * Add batch check to container stats lock * removeContainer: fix deadlock * Add FFJSON to build container * Don't require .gopathok for individual FFJSON targets * Add FFJSON generation to makefile * Re-add FFJSON for container and pod structs * Fixed a bug setting dependencies on the wrong container * Always connect to the stdout and stderr of stream * apparmor: respect "unconfined" setting * oci.go: syslog: fix debug formatting * add podman pod inspect * Fix ambiguity in adding localhost to podman save * Fix CGroupFS cgroup manager cgroup creation for pods * Update Conmon commit for testing * Pass newly-added --log-level flag to Conmon * Cleanup man pages * Improve ps handling of container start/stop time * rootless: fix user lookup if USER= is not set * enabled copr epel builds again * Handle yum and dnf * Test regressions against the RPM spec file * Pass DESTDIR down to python Makefile * Add dpkg support for returning oci/conmon versions * Have info print conmon/oci runtime information * Better pull error for fully-qualified images * Stub varlink pod methods. * Remove inotify work around * Rename varlink socket and interface * Change tarball filename in copr prepare and match short-commit length * Add Runc and Conmon versions to Podman Version * update copr spec, lets get it building again * Add missing dependencies to build system * Port to MacOS * Make one runtime for the varlink service * Bump gitvalidation epoch * Bump to v0.8.2-dev - Changelog for v0.8.1 (2018-08-03) * Vendor in latest github.com/projectatomic/buildah * Update gitvalidation epoch * Check for missing arguments in /proc/self/cmdline * Added ps --pod option * clarify pull error message * rootless: do not set setgroups to deny when using newuidmap * Man page fixes found by https://pagure.io/ManualPageScan * Inline pullGoalNamesFromPossiblyUnqualifiedName into Runtime.pullGoalFromPossibly... * Replace getPullRefName by Runtime.getPullRefPair * Inline pullGoalNamesFromImageReference back into Runtime.pullGoalFromImageReference * Introduce getSinglePullRefNameGoal * Test Runtime.pullGoalFromPossiblyUnqualifiedName instead of pullGoalNameFrom... * Test Runtime.pullGoalFromImageReference instead of pullGoalNamesFromImageReference * Use REGISTRIES_CONFIG_PATH for all tests * rootless: do not segfault if the parent already died * RFC: Rename runtime.pullImage to runtime.pullImageFromHeuristicSource * Introduce Runtime.pullImageFromReference, call it in Runtime.FromImageReference * RFC: Remove unused transport name constants from libpod * Replace Runtime.LoadFromArchive with Runtime.LoadFromArchiveReference * Rename the "image" variable to "imageName" * Fix the heuristic for docker-archive: sources in (podman pull) * Split doPullImage from pullImage * Remove the forceCompress parameter from getCopyOptions and DRO.GetSystemContext * Remove the authFile parameter from getCopyOptions and DRO.GetSystemContext * Remove the signaturePolicyPath parameter from getCopyOptions and DRO.GetSystemContext * Add a *types.SystemContext parameter to getCopyOptions and DRO.GetSystemContext * Move pullImage from Image to Runtime * Do not re-parse the list of search registries just for an error message * Eliminate duplicate determination whether to use search registries * Eliminate the "DockerArchive means pull all refPairs" special case * Introduce struct pullGoalNames * Introduce struct pullGoal * Use []pullRefPair instead of []*pullRefPair * Use []pullRefName instead of []*pullRefName * Introduce singlePullRefNameGoal * Use an early return from refNamesFromPossiblyUnqualifiedName * RFC: Rename Image.PushImage to Image.PushImageToHeuristicDestination * Remove an unnecessary use of alltransports.ParseImageName * RFC? Hard-code "format" string values instead of using libpod.* transport names * Use PushImageToReference for (podman save) * Call imageNameForSaveDestination while creating the references * Exit early in the simple case in imageNameForSaveDestination * Rename parameters of imageNameForSaveDestination * Split imageNameForSaveDestination from saveCmd * Split a single if statement into two. * Move source handling before destination parsing * Split Image.PushImageToReference from Image.PushImage * Don't format to string and re-parse a DockerReference() * Remove the :// end from DockerTransport * Remove the TransportNames arrays * Document the properties of DefaultTransport a bit better. * Eliminate the "dest" variable. * Use an early exit if a docker-archive: image has no repo tags * Reorganize the tag loading in DockerArchive case * Return early in refNamesFromImageReference instead of appending to pullNames * Use srcRef.StringWithinTransport() instead of parsing imgName again * Use a switch instead of if/if else/.../else * Remove the error return value from getPullRefName * Rename getPullListFromRef to refPairsFromImageReference * Split refNamesFromImageReference from Runtime.getPullListFromRef * Replace getPullRefPair with getPullRefName * Include the rejected reference when parsing it fails in pullRefPairsFromRefNames * Add --force to podman umount to force the unmounting of the rootfs * Integration Test Improvements #3 * Ensure container and pod refresh picks up a State * Fix build on non-linux platforms * Rework state testing to allow State structs to be empty * Add additional comments on accessing state in API * Do not fetch pod and ctr State on retrieval in Bolt * network: add support for rootless network with slirp4netns * varlink ImageRemove should always return image ID * Add documentations on how to setup /etc/subuid and /etc/subgid * Integration Test Improvements #2 * avoid spewing fds do to restore of cached images * Add load test for xz compressed images * Speed up test results * Show duration for each ginkgo test and test speed improvements * vendor: update containers/storage * Clean up pylint warnings and errors for podman * podman rmi shouldn't delete named referenced images * Bump gitvalidation epoch * Bump to v0.8.1-dev - Changelog for v0.7.4 (2018-07-27) * Add pod pause/unpause * Fix up docker compatibility messages * Update vendored version of runc,buildah,containers/image * Refactored method of getting pods * Fix godoc comment in pkg/netns * Fix handling of Linux network namespaces * Update containernetworking/plugins to current master * Cleanup descriptions and help information * Skip seccomp-dependent tests on non-Linux * Use the Linux version BoltState.getContainerFromDB on all platforms. * Split parseNetNSBoltData from BoltState.getContainerFromDB * Use testify/require in a few places to avoid panics in tests * Skip unit tests which require storage when not running as root * Don't pollute the build output with failures to build checkseccomp * Remove cmd/podman/user.go * double papr timeout for all ci tests * vendor latest containers/psgo * Vendor latest container/storage to fix overlay mountopt * Add pod kill * Added pod restart * Added pod.Restart() functionality to libpod. * Add a mutex to BoltDB state to prevent lock issues * Clear variables used to store options after parsing for every volume * Clean up pylint warnings and errors * podman: allow to specify the IPC namespace to join * podman: allow to specify the UTS namespace to join * podman: allow to specify the PID namespace to join * podman: allow to specify the userns to join * network: support ns: prefix to join existing namespace * spec: allow container:NAME network mode * Update comments in BoltDB and In-Memory states * Add an E2E test to verify basic namespace functionality * Add libpod namespace to config * Add missing runtime.go lines to set namespace * Address first round of review comments * Set namespace for new pods/containers based on runtime * Add --namespace flag to Podman * Update documentation for the State interface * Ensure pods are part of the set namespace when added * Enforce namespace checks on container add * Add tests for state namespacing * Add namespaces to in memory state * Untested implementation of namespaced BoltDB access * Add constraint that dependencies must be in the same ns * Add namespaces and initial constraints to database * Add container and pod namespaces to configs * Fix varlink API usage of psgo * Update issue template to point build bugs at buildah * We don't currently support --mac-address * Vendor in latest containers/psgo code * Update container Mounted() and Mountpoint() functions * [WIP] Refactor and simplify python builds * AppArmor: runtime check if it's enabled on the host * Add format descriptors infor to podman top * Fix error handling in pod start/stop. * docs/podman-top: fix typo and whitespace * Use the result of reference.Parse when checking for digests. * Make refNamesFromPossiblyUnqualifiedName independent from Image * Make Image.HasShaInInputName to an independent local function * Split createNamesToPull into ref{Names,Pairs}FromPossiblyUnqualifiedName * Rename local variables in Runtime.pullRefPairsFromRefNames * Split Runtime.pullRefPairsFromRefNames from Image.createNamesToPull * Rename nameToPull to pullRefName * Rename pullStruct to pullRefPair * Replace optional nameToPull.shaPullName with mandatory dstName * Introduce nameToPull, move shaPullName in there * Split normalizeTag from Image.TagImage * Remove Image.isShortName * Inline getTags into its only user * Add unit tests for imageParts * Add OnBuild and usernamespace test to baseline * Bump gitvalidation epoch * Bump to v0.7.4-dev - Changelog for v0.7.3 (2018-07-20) * Update psgo vendor * Podman load/tag/save prepend localhost when no repository is present * Pod ps now uses pod.Status() * Added pod start and stop * rootless: support a per-user mounts.conf * secrets: parse only one mounts configuration file * rootless: allow a per-user registries.conf file * pull: get registries using the registries pkg * rootless: allow a per-user storage.conf file * rootless, docs: document the libpod.conf file used in rootless mode * Let containers/storage keep track of mounts * podman-top: use containers/psgo * Vendor in latest code for storage,image, buildah * Abort a test on nil containers, so that future tests don't panic * Fix TestPostDeleteHooks on macOS * Use `...` for a regexp constant to improve readability * oci: keep exposed ports busy and leak the fd into conmon * Dockerfile: install nmap-ncat * Update podman_tutorial.md * Update transfer.md * Add missing podman commands * Update gitvalidation epoch * Fix ps filter with key=value labels * rootless: require subids to be present * Downgrade setup.py * Bump gitvalidation epoch * Bump to v0.7.3-dev - Changelog for v0.7.2 (2018-07-13) * Change logic for detecting conflicting flags in ps * Update python directories to better support setup.py * Fix ps --sort=size test * remote python client for podman * Only print container size JSON if --size was requested * Don't print rootfs and rw sizes if they're empty * Major fixes to podman ps --format=json output * Ignore running containers in ps exit-code filters * Record whether the container has exited * rootless: correctly propagate the exit status from the container * rootless: unshare mount namespace * Need to wait for container to exit before completing run/start completes * If proxy fails then then signal should be sent to the main process * fix pull image that includes a sha * Added full podman pod ps, with tests and man page * Podman pod create/rm commands with man page and tests. * Added created time to pod state * Support multiple networks * Log all output of logrus to syslog as well as stdout/stderr * podman rmi should only untag image if parent of another * Changed container status of Unknown from being printed as Dead to Error in Ps * Fix podman build completions * Refactor attach()/start() after podman changes * create conmon sockets when getting their paths * build: enable ostree in containers/storage when available * podman/libpod: add default AppArmor profile * runtime: delete unused function * rootless: propagate errors from GetRootlessRuntimeDir() * rootless: resolve the user home directory * rootless: fix when argv[0] is not an absolute path * Allow Init() on stopped containers * urfave/cli: fix regression in short-opts parsing * Add --volumes-from flag to podman run and create * Vendor in latest buildah to add masks for /proc/keys and /proc/acpi * Vendor in latest containers/storage * Mask /proc/keys to protect information leak about keys on host * ctime: Drop 32-/64-bit distinction on Linux * Podman stats with no containers listed is the same as podman stats --all * Refactor unittest for change in history API * Bump gitvalidation epoch * Bump to v0.7.2-dev - Changelog for v0.7.1 (2018-07-06) * pkg/ctime: Factor libpod/finished* into a separate package * Block use of /proc/acpi from inside containers * remove buildah requirement for the libpod image library * contrib/python/test/test_tunnel: Fix -nNT -> -nNTq * Refactor podman/utils with a single container start and attach function * Remove now-unneeded cleanupCgroup() for unsupported OS * Remove per-container CGroup parents * Fix nits and GOPATH in tutorial * spec: Make addPrivilegedDevices and createBlockIO per-platform * libpod/runtime_pod: Make removePod per-platform * libpod/networking_unsupported: Remove JoinNetworkNameSpace * .travis: Run gofmt and lint on OS X * rootless: Merge rootless.go back into rootless_linux.go * Makefile: Use a pattern rule for cross-compilation * more changes to compile darwin * Fix timeout issue with built-in volume test * rootless: add /run/user/$UID to the lookup paths * rootless: add function to retrieve the original UID * rootless: always set XDG_RUNTIME_DIR * rootless: set XDG_RUNTIME_DIR also for state and exec * libpod/container: Replace containerState* with containerPlatformState * urfave/cli: fix parsing of short opts * docs: Follow man-pages(7) suggestions for SYNOPSIS * Allow multiple mounts * Makefile: Use 'git diff' to show gofmt changes * Skip a test in Travis that has timeout issues * vendor in selinux and buildah for darwin compilation * add image user to inspect data * changes to allow for darwin compilation * Bump gitvalidation epoch * Bump to v0.7.1-dev - Changelog for v0.6.5 (2018-06-29) * Fix built-in volume issue with podman run/create * Add `podman container cleanup` to CLI * Allow multiple containers and all for umount * Returning joining namespace error should not be fatal * Start using github.com/seccomp/containers-golang * Test to verify overlay quotas work, show container overhead on quota * conmon no longer writes to syslog * Fix broken f28/cloud instance * Vendor latest projectatomic/buildah * vendor in latest golang/x/sys * vendor in latest docker package * Remove the --registry flag from podman search * utils: fix endless write of resize event * Start prints UUID or container name that user inputs on success * cmd/podman/utils.go: Cancel-able resize writes * Fix podman hangs when detecting startup error in container attached mode * travis: bump go to 1.9.x and 1.10.x * podman-build --help: update description * *: Replace Generator.Spec() with Generator.Config * generator.New() requires an OS string input variable * Vendor in latest buildah * Vendor in latest runtime-tools * docs: add documentation for rootless containers * runtime: change rootless data storage default path * rootless: use $HOME/.config/containers/libpod.conf * test: add env variables to the debug output * rootless: do not configure additional groups * oci: set XDG_RUNTIME_DIR to the runtime from GetRootlessRuntimeDir() * rootless: add management for the userNS * container_internal: don't ignore error from cleanupNetwork() * Mark containers invalid earlier during removal * Add --authfile to podman search * Vendor in latest containers/image * add podman remote client * Vendor in go-selinux again * Update the vendoring of github.com/opencontainers/selinux * Containers can dissappear * Add podman-image and podman-container man page links * Update ocicni vendor to pick up bugfixes * make varlink optional for podman * Bump gitvalidation epoch * Bump to v0.6.5-dev - Changelog for v0.6.4 (2018-06-22) * Add tests for podman refresh * Point podman-refresh at the right manpage * Add bash completions for podman refresh * Add manpages for podman refresh * Move podman refresh under the container subcommand * Make CGroups cleanup optional on whether they exist * Add podman refresh command * Add Refresh() to ctrs to refresh state after db change * Add information about the configuration files to the install docs * Add unittests and fix bugs * Fix docs on --sig-proxy to match current behaviour * Podman history now prints out intermediate image IDs * Add cap-add and cap-drop to build man page * Option handling has become large and should be a shared function * Fix image volumes access and mount problems on restart * We are using err in defer function, needs to be defined name * Update the version of conmon used in test * install: need to install make on Fedora-like distros * Vendor containers/storage for better error reporting on dups * libpod: fix race with attach/start * Implement SSH tunnels between client and podman server * Add carriage return to log message when using --tty flag * Errors from closing a netns on removal from DB are nonfatal * Vendor in latest go-selinux * Added --sort to ps * Fix podman build -q * Add extra debug so we can tell apart postdelete hooks * hack/ostree_tag.sh: Fill in OSTree dependencies * TLS verify is skipped per registry. * Add missing functionality for podman build layers * Add --all,-a flag to podman images * Add MacAddress to inspect * Update gitvalidation epoch * top: make output tabular * Add more network info ipv4/ipv6 and be more compatible with docker * Do not run iptablesDNS workaround on IPv6 addresses * Added --tls-verify functionality to podman search, with tests * Bump gitvalidation epoch * Bump to v0.6.4-dev - Changelog for v0.6.3 (2018-06-15) * spec: remove dead code * test: add test for running a rootless container * container: specify path to error message * podman: use a different store for the rootless case * container: do not set any mapping when using a rootfs * podman: do not use Chown in rootless mode * network: do not attempt to create a network in rootless mode * oci: do not set resources in rootless mode * oci: do not use hooks in rootless mode * oci: do not set the cgroup path in Rootless mode * spec: change mount options for /dev/pts in rootless mode * container: do not add shm in rootless mode * oci: pass XDG_RUNTIME_DIR down to the OCI runtime * podman: allow to override Tmpdir * podman: provide a default UID mapping when non root * podman: accept option --rootfs to use exploded images * When setting a memory limit, also set a swap limit * Fix cleaning up network namespaces on detached ctrs * Vendor in latest projectatomic/buildah * Temporarily turn of ps --last test until fixed * Implement --latest for ps * Correctly report errors retrieving containers in ps * Doc changes to fix alignment on most of the docs * Added --sort flag to podman image * add podman container and image command * Vendor in latest buildah code * rmi: remove image if all tags are specified * Aliases do not work with IsSet * Touchups for registries.conf across a few man pages * Remove container from state before cleaning up. * hack/release.sh: Add a guard against -dev suffixes for argv[2] * Bump gitvalidation epoch * Bump to v0.6.3-dev - Changelog for v0.6.2 (2018-06-08) * Test to make sure we are getting proper exit codes on podman run * Propegate exit code on Exec calls and integrated test * Vendor in latest buildah code * Update epoch to fix validation problems * Touch up whitespace issue in build man * Add disable-content flag info to man page for build * podman-run: clean up some formatting issues * Add pointers for Integration Tests to docs * Remove SELinux transition rule after conmon is started. * Add --all flag even though it is a noop so scripts will work * Add support for BuildImage * Added a defer to an Unlock that immediately followed a Lock * varlink build fixes * podman-varlink: log timeouts * bash completion: remove shebang * install.md: fix typo * Vendor in latest buildah code * Update OWNERS file to be based on reality * Add logo to transfer page * libpod: Execute poststop hooks locally * Add some test for podman run flag security-opt * Add a function for e2e test to write json file * Use go-selinux for selinux check * Add flag to add annotations to a container * Want to change the log level on buildah by default to warnf * vendor in latest github.com/varlink/go * hooks: Add debug logging for initial hook loading * hooks/docs: Fix 1.0.0 Nvidia example (adding version, etc.) * hooks/1.0.0/when_test: Fix "both, and" -> "both, or" name typo * hooks/1.0.0: Fix 'annotation' -> 'annotations' in JSON * hooks: Fail ReadDir if a configured hook executable is missing * Cleanup transfer.md page, remove CRI-O content * Vendor in latest containers/storage * Bump gitvalidation epoch * Bump to v0.6.2-dev - Changelog for v0.6.1 (2018-06-01) * hack/release.sh: Bump spec in dev_version_commit * hack/release.sh: No longer need to bump setup.py * Provide examples for python podman API * Bump Buildah vendor to pick up fix for tests * Log podman build failures in papr * Use Version from spec file in setup.py * Attempt to use fedora 28 atomic host * Fix lable handling * runtime: add /usr/libexec/podman/conmon to the conmon paths * varlink build * Add OnBuild support for podman build * return all inspect info for varlink containerinspect * hooks/exec: Allow successful reaps for 0s post-kill timeouts * hack/release.sh: Add a release script * Implement container attach * If user specifies UIDMapSlice without GIDMapSlice, set them equal * fix panic with podman pull * pkg/hooks/exec: Add a new package for local hook execution * Remove --net flag and make it an alias for --network * Catch does not exist error * hooks: Rename Hooks() output to extensionStageHooks * hooks: Allow local control of OCI stages via extensionStages * We need to change the SELinux label of the conmon process to s0 * Clear all caps, except the bounding set, when --user is specified. * Makefile: Add stderr redirect to HAS_PYTHON3 definition * Force update of API.md * do not allow port related args to be used with --network=container: * Update .gitignore for Varlink code and gopathok * sort containers and images by create time * Cleanup man pages * add go generate varlink to copr spec * Remove varlink's generated Go file * Bump gitvalidation epoch * Bump to v0.6.1-dev - Changelog for v0.5.4 (2018-05-25): * Vendor in latest projectatomic/buildah * Rename addFIPSsModeSecret to addFIPSModeSecret * Make references to the Process part of Spec conditional * save and load should support multi-tag for docker-archive * Implement python podman create and start * Spell check strings and comments * hooks/1.0.0: Error on empty process.args instead of panicking * Set Entrypoint from image only if not already set * Update podman build to match buildah bud functionality * Fix test_runner call of podman varlink * Fix handling of command in images * Add support for Zulu timestamp parsing * Clarify using podman build with a URL, Git repo, or archive. * Vendor in latest container/storage for devicemapper support * set varlink timeout to 1 seconds * podman create, start, getattachsocket * use $GO env-var instead of hard-coded go binary * tidy up the copr spec * honor multiple change values * hooks/README: Fix some Markdown typos (e.g. missing runc target) * oci-hooks.5: Discuss directory precedence and monitoring * finish changing the path for varlink * Tighten the security on the podman varlink socket * Implement podman.containers.commit() - Changelog for v0.5.3 (2018-05-18): * remove hooks files reference and no varlink-python on f27 or epel * contrib/spec/podman.spec.in: Drop README-hooks * troubleshooting: Add console syntax highlighting * Fix typo * Refresh pods when refreshing podman state * Add per-pod CGroups * Add pod state * hooks: Fix monitoring of multiple directories * make sure hooks are renamed for copr spec * Use container cleanup() functions when removing * docs/podman.1: Link to hook documentation * hooks/docs: Add oci-hooks.5 and per-package man page building * Add Troubleshooting guide * chrootuser: default to GID 0 when given a numeric --user * Add python3 package to podman * libpod: fix panic when using -t and the process fails to start * Makefile: Use ?= for shell variables (ISODATE, etc.) * Skip tests that are flaking, holding up merge queue * Remove old varlink tests * Allow push/save without image reference * Vendor in latest containers/image * Makefile: Respect GOBIN * Fix podman inspect bash completions * Update Tutorial with Fedora kit location * Makefile: Drop find-godeps.sh for podman target * Support pulling Dockerfile from http * Refactor libpod python varlink bindings * add more bash completions * improve podman commit documentation and error messages * Touch up logo links * implement varlink commit * fix segfault for podman push * Add the Podman Logo * logo: Remove unused directory * hooks: Add package support for extension stages * Gracefully handle containers removed from c/storage * Add packaging for hooks/README.md * Remove stop on error from Docker install switch in baseline tests * docs: fix contrib/cni broken link - Changelog for v0.5.2 (2018-05-11): * vendor/golang.org/x/text: Vendor collate and language * hooks: Order injection by collated JSON filename * libpod: Add HooksDirNotExistFatal * hooks/read: Ignore IsNotExist for JSON files in ReadDir * pkg/hooks: Version the hook structure and add 1.0.0 hooks * Fix varlink remove image force * Update Podman-specific readme * Update main README * vendor.conf: Pin containernetworking/plugins to 1fb94a42 * Do not error trying to remove cgroups that don't exist * Remove parent cgroup we create with cgroupfs * Place Conmon and Container in separate CGroups * Add --cgroup-manager flag to Podman binary * Major fixes to systemd cgroup handling * Skip systemd-style CGroups test * Alter CGroup path handling for 'podman top' * Add validation for CGroup parents. Pass CGroups path into runc * vendor/github.com/docker/docker/hack: Remove unused directory * varlink info * vendor.conf: Bump containerd/cgroups to 77e62851 * vendor.conf: Bump CNI to v0.6.0 * Dont eat the pull error message for varlink * podman push should honor registries.conf * alphabetize the varlink methods, types, and errors in the docs * Add missing newline to podman port * Generate varlink API documentation automatically * Allow streaming on some varlink container methods * Remove extra close from attach resize channel * Vendor in latest containers/storage fix for UserNS * container.go: fix lint error * Dockerfile.Fedora: use fedora:28 instead of fedora:27 * Fix calculation of RunningFor in ps json output * Should not error out if container no longer exists in oci * Make invalid state nonfatal when cleaning up in run * test/e2e/run_userns_test.go: new file * podman, userNS: configure an intermediate mount namespace * networking, userNS: configure the network namespace after create * Begin wiring in USERNS Support into podman - Changelog for v0.5.1 (2018-05-04): * Fix pulling from secure registry * Optionally init() during container restart * bashcompletion enhancements * Add directory for systemd socket and service if not present * varlink containers * Make podman commit to localhost rather then docker.io * Trivial refactor on volume addition * When adding volumes to DB, handle nontrivial cases * Add accessors for new image fields in container config * Store user Volumes, Entrypoint, Command in database * Further fix Godoc comments in options.go * Update hooks to use config bool to detect volume mounts * Fix Godoc comments in options.go * Add config bool to indicate there are user volumes * Print the Buildah comment from commit to given writer * Do not print unnecessary Buildah details during commit * remove options from create/run that we cannot support * fix typos in the inspect json structs * Fix podman logout --all flag * podman should assign a host port to -p when omitted * Vendor in latest buildah * Fix misc stuff found by jhonce * libpod.conf: Podman's conmon path on openSUSE * Add iidfile parame to build and commit man pages * do not commit default volumes from container * correct varlink command in service file * Vendor in latest containers/image * Make ':' a restricted character for file names * Add more validation to --volume flag for run and create * Fix libseccomp not working in travis * CONTRIBUTING: Document PR approval and link to OWNERS * OWNERS: rename 'assignees' to 'approvers' - Changelog for v0.4.4 (2018-04-27): * Use buildah commit and bud in podman * README: Link to CONTRIBUTING.md * Remove systemd-cat support * Refactor unittest for varlink component * Update .gitignore for python work * Modify secrets pkg * varlink images * Retrieve IP addresses for container from DB * Add --default-mounts-file hidden flag * Add isolation note to build man page * Modify man pages so they compile correctly in mandb * Strip transport from image name when looking for local image * readme: improve formatting, add links * updated epoch for bad dco * Only generate the varlink glue code if needed and from the vendor dir * Latest revendoring deleted the cmd dir in varlink * Remove more Errorf in favor of Wrapf * Do not eat error messages from pullImage * Updated varlink vendored code * Add unit files to the copr spec * packagers need the varlink generated file * Makefile; make podman depend on varlink_generate * Modify --user flag for podman create and run * Add some podman search test with filter * Fix podman search no-trunc test * Dusty would prefer it to be part of the release. * Add FIPS mode secret * Initial varlink implementation * Add restart test with timeout * Improve restart latest container test * Add start time check for restart test * add libpod.conf man page * Add seconds after epoch to copr rpms to tie break versioning * enable no test cache - Changelog for v0.4.3 (2018-04-20): * podman push without destination image * Add make .git target * Fix tests for podman run --attach * Print ctr ID if neither STDOUT and STDERR are attached * Add one test case for check diff in container and committed image * Vendor in latest containers/image and contaners/storage * Fix a typo * It is OK to start an already running container (with no attach) * Refactor logic for forceSecure in pull for readability * Small logic fix for podman pull with tls-verify * Allow podman start to attach to a running container * regression: tls verify should be set on registries.conf if insecure * ip validation game too strong * - reverse host field order (ip goes first) - fix host string split to permit IPv6 * Allow podman to exit exit codes of removed containers * Modify diff and inspect docs * Add oci-systemd-hook as a runtime dep to copr spec * validate dns-search values prior to creation * Change container.locked to batched * Add a function for check if command exist * Add WaitContainerReady for wait for docker registry ready * Add several podman push tests * podman pull should always try to pull * Allow the use of -i/-a on any container * Fix secrets patch * Remove demos.sh file from test - Changelog for v0.4.2 (2018-04-13): * Fix podman run --attach tests * Fix another comparison of a Go interface against nil * Allowing attaching stdin to non-interactive containers * Add tests for podman attach * Change attach to accept a struct containing streams * Fix terminal attach * Changes to attach to enable per-stream attaching * HACK temporary fix for test suite * Fix locking interaction in batched Exec() on container * Fix leaking files in Ginkgo * Force host UID/GID mapping when creating containers * Do not lock all containers during pod kill * Make pod stop lock one container at a time * Do not lock all containers during pod start * Containers transitioning to stop should not break stats * Add -i to exec for compatibility reasons * Unescape characters in inspect JSON format output * Use buildah commit for podman commit * Functionality changes to the following flags * Vendor in latest containers/storage and containers/image - Changelog for v0.4.1 (2018-04-05): * Remove image via storage if a buildah container is associated * Add hooks support to podman * Run images with no names * Prevent a potential race when stopping containers * Only allocate tty when -t * Stopping a stopped container should not be an error * Add conmon-pidfile flag to bash completions/manpages * --entrypoint= should delete existing entrypoint * Fix golint * Remove explicit Init() calls in run and start * Refactor dependency checks from init() into public API * Do not require Init() before Start() * Ensure dependencies are running before initializing containers * Add container dependencies to Inspect output * Add backend code for generic dependencies * Vendor in latest containers/image * Makefile: Fix typo podmon -> podman * Correct a godoc comment * Sleep for 5 seconds before pushing to registry in tests * Change errorf to warnf in warning removing ctr storage * Don't return an ImageConfig when creating storage * More gracefully handle unexpected storage deletion * Remove crictl from Dockerfile * Eliminate raceyness of sig-proxy test - Changelog for v0.3.5 (2018-03-29): * Allow sha256: prefix for input * Add secrets patch to podman * Fix tests * Remove a loop in container graph * Only start containers that are not running in pod start * Change pod Start() to use container dependency graph * Add tests for container graphs * Initial implementation of container graph generation * Error is already wrapped properly. * Check for duplicate names when generating new container and pod names. * podman: new option --conmon-pidfile= * Ensure container dependencies are part of the same pod * Prevent ctrs not in pods from depending on pod ctrs * Disable --sig-proxy tests due to race conditions * Remove dependency on kubernetes * Vendor in lots of kubernetes stuff to shrink image size * Fix some minor issues lint has been picking up * cmd/podman/run.go: Error nicely when no image found * podman exec should handle options --env foo * Remove current SQLite DB driver * Update containers/storage to pick up overlay driver fix * First tag, untag THEN reload the image * Add files section to podman man page - Changelog for v0.3.4 (2018-03-23): * Bump version to v0.3.4 * Make container env variable conditional * Stage 4 Image cleanup * Add CONTAINER environment variable * Small manpage reword * Document .containerenv in manpages. Move it to /run. * Add .containerenv file * Add script to determine dependency sizes * If cidfile exists, do not proceed * Removing tagged images change in behavior * Use podman to test podman on FAH * Migrate podman inspect and tag to image library * Migrate podman images to image library * Makefile: add changelog target * Image library stage 4 - create and commit * Add 'podman restart' asciinema * Fix Travis tests for sig-proxy