The code currently assumes that the container we delegate network
namespace to will never further delegate to another container, so
when looking up things like /etc/hosts and /etc/resolv.conf we
won't pull the correct files from the chained dependency. The
changes to resolve this are relatively simple - just need to keep
looking until we find a container without NetNsCtr set.
Fixes#4626
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
After a restart, pods and containers both run a refresh()
function to prepare to run after a reboot. Until now, volumes
have not had a similar function, because they had no per-boot
setup to perform.
Unfortunately, this was not noticed when in-memory locking was
introduced to volumes. The refresh() routine is, among other
things, responsible for ensuring that locks are reserved after a
reboot, ensuring they cannot be taken by a freshly-created
container, pod, or volume. If this reservation is not done, we
can end up with two objects using the same lock, potentially
needing to lock each other for some operations - classic recipe
for deadlocks.
Add a refresh() function to volumes to perform lock reservation
and ensure it is called as part of overall refresh().
Fixes#4605Fixes#4621
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
It changes the podman spec from using with_doc to bcond_without
for building docs so that anyone can pass --without doc as well
as other rpmbuild args to the build_rpm.sh script to skip
building docs.
Since go-md2man is not available in CentOS8 repo. without the
help fo extra_args, it makes it conditional.
It also moves the manpages to a seperate package.
Signed-off-by: Chandan Kumar (raukadah) <raukadah@gmail.com>
Add an additional troubleshooting item to warn users that Secure Boot
can prevent Podman from running containers. The error messages and
initial debugging steps don't make it clear that this all stems from a
BIOS setting. Hopefully adding this item to the troubleshooting doc
will avoid future headaches.
Signed-off-by: Brian Fallik <brian@clypd.com>
do not change the runtime error to be lowercase, but use a case
insensitive regex matching. In this way the original error from the
OCI runtime is reported back.
regression introduced by bc485bce47f55135d6ead80537bc145edb779ae9
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* added .install.md2man as dependency for docs, fixed broken build
on systems that do not have go-md2man preinstalled.
* sorted PHONY targets
Signed-off-by: Sorin Sbarnea <ssbarnea@redhat.com>
* assure we use bash strict mode
* avoid shallow errors on full clones
* make script bit more idempotent
Signed-off-by: Sorin Sbarnea <ssbarnea@redhat.com>
If the user specifies .Server.* on a non podman-remote,
substitute .Client for .Server and return the value.
This is for compatability with Docker.
Since prior versions documented --format {{ .Version }}, we
have to continue to support that.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
This command will destroy all data created via podman.
It will remove containers, images, volumes, pods.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
filter flag helps to filter the containers based on
labels, until(time), name, etc for prune command.
Signed-off-by: Kunal Kushwaha <kunal.kushwaha@gmail.com>
Trying to checkpoint a container started with --rm works, but it makes
no sense as the container, including the checkpoint, will be deleted
after writing the checkpoint. This commit inhibits checkpointing
containers started with '--rm' unless '--export' is used. If the
checkpoint is exported it can easily be restored from the exported
checkpoint, even if '--rm' is used. To restore a container from a
checkpoint it is even necessary to manually run 'podman rm' if the
container is not started with '--rm'.
Signed-off-by: Adrian Reber <areber@redhat.com>
since go-man2md is not available in CentOS 8, making it
optional allows them to build the rpm.
Signed-off-by: Chandan Kumar (raukadah) <raukadah@gmail.com>
Since btrfs-progs-devel is not available in RHEL/CentOS 8 and
the spec fails to build it while running build_rpm.sh,
making it optional fixes the issue.
It also modifies the spec file to install btrfs-progs-devel for
fedora only.
Since golang-github-cpuguy83-go-md2man was added twice, it also
removes the repetition.
Signed-off-by: Chandan Kumar (raukadah) <raukadah@gmail.com>
when parsing the OCI error, be sure to discard any other output that
is not matched. The full output is still printed with
--log-level=debug.
Closes: https://github.com/containers/libpod/issues/4574
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
We leverage the containers/storage image history tracking feature to
show the previously used image names when running:
`podman images --history`
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
This path allows pod prune & pod rm to remove stopped containers in the pod before deleting the pod.
PrunePods and RemovePod should be able to remove containers without force removal of stopped pods.
Signed-off-by: Qi Wang <qiwan@redhat.com>
These only conflict when joining more than one network. We can
still set a single CNI network and set a static IP and/or static
MAC.
Fixes#4500
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
