As with `volume export`, this was coded up exclusively in cmd/
instead of in libpod. Move it into Libpod, add a REST endpoint,
add bindings, and now everything talks using the ContainerEngine
wiring.
Also similar to `volume export` this also makes things work much
better with volumes that require mounting - we can now guarantee
they're actually mounted, instead of just hoping.
Includes some refactoring of `volume export` as well, to simplify
its implementation and ensure both Import and Export work with
readers/writers, as opposed to just files.
Fixes#26409
Signed-off-by: Matt Heon <mheon@redhat.com>
The field allows users to specify a custom stop signal (e.g., SIGUSR1) per container.
If defined, it overrides the default stop signal (SIGTERM) or that defined in the image metadata.
Fixes: #25389
Signed-off-by: Arthur Wu <lion811004@gmail.com>
A recent pasta update changed the selinux rules and we now run pasta
under pasta_t and no longer the container_runtime_t type. The pasta type
has much stricter type rules on what the file we hand it must be
labelled. This test tries to mount the runroot which gets relabeled with
the container_file_t type but that means pasta can no longer access its
pid file we give it. To fix this test here simply mount a subdir.
see #26473
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
This patch adds three examples to the podman-generate-spec.1 man page:
- Example of executed without any options
- Example of executed with the `--compact` option
- Example of executed with the `--filename` option
Fixes: #26377
Signed-off-by: shu-kitamura <shusei3316@yahoo.co.jp>
In order to use parallel.Enqueue() it is required to call
parallel.SetMaxThreads() first. However in our main call we have been
doing this after we setup the initial runtime so just move this up.
And while at it move up the cpu and memory profile setup as well so we
can capture the earlier parts as well.
This was most likely introduced by commit 46d874aa52 ("Refactor graph
traversal & use for pod stop") which started using parallel.Enqueue() in
removePod() which then can get called from refresh() when a container
has autoremoval configured.
I tried many hard resets in VMs to reproduce but was unable to do so.
I always got "retrieving temporary directory for container xxx: no such
container" erros instead and it failed to autoremove but no panics.
Besides that many times c/storage was corrupted which made the image I
used unusable and it had to be deleted which is concerning in itself.
Fixes#26469
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Add ExitPolicy key to pod quadlets with logic to default to stop.
Docs updated with clarifcation on default value and usage example.
Simple assert added to bats to verify default constraint exists.
Changed argument order in ginkgo basic pod unit test
Signed-off-by: Neil Bailey <nbsp@nbailey.net>
they allow to override the owner of the volume. Differently from
-o=uid= and -o=gid= they are not passed down to the mount operation.
Closes: https://issues.redhat.com/browse/RHEL-76452
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
This patch adds an example of using the `--ingore` option to the podman-secret-rm.1 man page.
Fixes: #26361
Signed-off-by: shu-kitamura <shusei3316@yahoo.co.jp>
When I worked up changes to Buildah's Governance, I found
that Podman's version was missing a few links, and there were
a few minor grammatical tweaks needed.
This addresses those.
For reference, Buildah's Governance Update PR: https://github.com/containers/buildah/pull/6124
Signed-off-by: tomsweeneyredhat <tsweeney@redhat.com>
This was not updated to the latest versions and CI and basically any
user should get in from their distro repos.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
We no longer support CNI upstream and this default config file has not
been nedded for years since we started to generate our own default file
internally. And since 4.0.0 the default config file only exist in the
bianry and not on disk so this should not be installed by anyone even if
they still happen to use CNI.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
We used this to load the iptables module, since f41 we use nftables by
default which does not need this at all so drop the module load file.
If some distros default still to the legacy iptables they can manually
add the moduled load file back.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
This script does not bring accurate results. For nice dependency
analysis I can recommend goda:
https://github.com/loov/goda
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
The config file is installed in the remote zip as an example but the
content in there is not being updated and no longer really the way to do
things. With podman 5.0 we have a proper system connection file and
people in general should just use the system connection commands.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
This script was used when dependabot could not deal with vendoring, we
long since moved to renovate which handles it fine with manual steps so
remove this script.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
It doesn't seem to be used anywhere and is not maintained. An up to date
specfile is found in the c/common repo.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
This patch adds an example of using the --time option to the podman-network-rm.1 man page.
Fixes: #26373
Signed-off-by: shu-kitamura <shusei3316@yahoo.co.jp>
This patch adds two usage examples to the podman-system-migrate.1 man page:
- Normal invocation, with no expected output
- Migration to a new OCI runtime (e.g., from crun to runc)
Fixes: #26359
Signed-off-by: Arthur Wu <lion811004@gmail.com>
