according to the conversation in #18193, we only support plain tar or
gzipped tar as input.
Fixes: #18193
Signed-off-by: Brent Baude <bbaude@redhat.com>
A user reported that it was a surprise to receive an unsupported os
error when trying to use `podman machine os apply` with WSL machines.
This is intentional however the documentation needed to be updated to
explicitly state why (it is not based on FCOS).
Fixes: #25435
Signed-off-by: Brent Baude <bbaude@redhat.com>
When starting a container consider healthcheck errors fatal. That way
user know when systemd-run failed to setup the timer to run the
healthcheck and we don't get into a state where the container is running
but not the healthcheck.
This also fixes the broken error reporting from the systemd-run exec, if
the binary could not be run the output was just empty leaving the users
with no idea what failed.
Fixes#25034
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Packit's `pre-sync` action allows modification of spec file prior to
dist-git PR creation. This is already being done on containers-common
rpm to update c/storage and c/image verions tags in spec.
This commit will allow `podman version` to show `Git Commit: $SHA` for
copr as well as koji builds.
Ref: https://raw.githubusercontent.com/containers/common/refs/heads/main/.packit.yaml
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
... to validate that the manifests match expected digests, if any.
Do this everywhere, even where we read local storage which is
mostly trusted, because it is cheap enough and being consistent
makes it less likely for the code to be copied into other
contexts shere the sources are not trusted.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
This commit adds the "secret" Event type and emits
"create" and "remove" events for this Event type
when Secret is created or removed.
This can be used for example by podman interfaces to
view and manage secrets.
Fixes: #24030
Signed-off-by: Jan Kaluza <jkaluza@redhat.com>
Add a new `podman machine cp` subcommand to allow users to copy files or
directories between a running Podman Machine and their host.
Tests cover the following cases:
- Copy a file from the host machine to the VM
- Copy a directory from the host machine to the VM
- Copy a file from the VM to the host machine
- Copy a directory from the VM to the host machine
- Copy a file to a directory
- Copy a directory to a file
Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
This resolves an ordering issue that prevented quotas from being
applied. XFS quotas are applied recursively, but only for
subdirectories created after the quota is applied; if we create
`_data` before the quota, and then use `_data` for all data in
the volume, the quota will never be used by the volume.
Also, add a test that volume quotas are working as designed using
an XFS formatted loop device in the system tests. This should
prevent any further regressions on basic quota functionality,
such as quotas being shared between volumes.
Fixes#25368
Signed-off-by: Matt Heon <mheon@redhat.com>
Since commit c25cc7230 ("Allow a value of -1 to set unlimited pids
limit") podman converts the pids-limit value of -1 to 0 for OCI spec.
Unfortunately, different runtimes (crun and runc) treat pids.limit=0
differently, and the runtime-spec definition is somewhat vague
(see [1]).
Long term fix belongs to runtime-spec and then runtimes should follow
it.
Short term fix is do not convert -1 to 0 (as all runtimes treat -1 as
unlimited).
[NO NEW TESTS NEEDED] -- this is covered by test added in commit 553e53d44.
Fixes: https://issues.redhat.com/browse/RHEL-80973
[1]: https://github.com/opencontainers/runc/issues/4014#issuecomment-1888185352
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>