Add functional tests to start a container from systemd.
This patch will:
- create a systemd unit file to start redis container
- create the container with `podman create`
- enable the service
- start the container with systemd
- check that the service is actually running
Signed-off-by: Emilien Macchi <emilien@redhat.com>
Also, bump the Dockerfile to use the latest Golang image, as most
of our testing is now done on 1.11
Fixes: #1999
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Going through and adding options (like tls-verify, signature option, etc)
to some varlink endpoints (like push/pull) many of which had not been
updated since their original authoring.
Signed-off-by: baude <bbaude@redhat.com>
when starting or running a container that has --rm, if the starting
container fails (like due to an invalid command), the container should
get removed.
Resolves: #1985
Signed-off-by: baude <bbaude@redhat.com>
This will allow container processes to write to the CRIU socket that gets injected
into the container.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
when using a driver different than vfs, the mount is probably in a
different mount namespace thus not accessible from the host. Avoid
the confusion by not allowing mount when a different driver is used.
Closes: https://github.com/containers/libpod/issues/1964
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
When sharing a network namespace, containers should also share
resolv.conf and /etc/hosts in case a container process made
changes to either (for example, if I set up a VPN client in
container A and join container B to its network namespace, I
expect container B to use the DNS servers from A to ensure it can
see everything on the VPN).
Resolves: #1546
Signed-off-by: Matthew Heon <mheon@redhat.com>
Instead of forcing another user lookup when mounting image
volumes, just use the information we looked up when we started
generating the spec.
This may resolve#1817
Signed-off-by: Matthew Heon <mheon@redhat.com>
> The go build command now maintains a cache of recently built
packages, separate from the installed packages in $GOROOT/pkg or
$GOPATH/pkg. The effect of the cache should be to speed builds that
do not explicitly install packages or when switching between
different copies of source code (for example, when changing back and
forth between different branches in a version control system). The
old advice to add the -i flag for speed, as in go build -i or go
test -i, is no longer necessary: builds run just as fast without -i.
This should also fix podman builds for NixOS, snap-installed go, …
Signed-off-by: Vincent Demeester <vdemeest@redhat.com>
With rootless containers we cannot really restart an existing container
as we would need to join the mount namespace as well to be able to reuse
the storage, so ensure the container is stopped first.
Closes: https://github.com/containers/libpod/issues/1965
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Using the default capabilities, we can determine which caps were
added and dropped. Now added them to the security context structure.
Signed-off-by: baude <bbaude@redhat.com>
If one of storage GraphRoot or RunRoot are specified, but the
other is not, c/storage will not use the default, and will throw
an error instead. Ensure that in cases where this would happen,
we populate the fields with the c/storage defaults ourselves.
Signed-off-by: Matthew Heon <mheon@redhat.com>
like podman stop of containers, we should allow the user to specify
a timeout override when stopping pods; otherwise they have to wait
the full timeout time specified during the pod/container creation.
Signed-off-by: baude <bbaude@redhat.com>
