This PR fixes a small bug in pulling disk artifacts where the machine os
was accidently being set to GOOS instead of "linux". Also removed the
manifest type verification because it served no purpose.
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
The reserved annotation io.podman.annotations.volumes-from is made public to let user define volumes-from to have one container mount volumes of other containers.
The annotation format is: io.podman.annotations.volumes-from/tgtCtr: "srcCtr1:mntOpts1;srcCtr2:mntOpts;..."
Fixes: containers#16819
Signed-off-by: Vikas Goel <vikas.goel@gmail.com>
According to https://go.dev/ref/mod#module-cache golang will leave
behind read-only bits. It was observed that these cause the find/rm
cleanup operations to fail fail with `permission denied` on thousands
of files. This is preventing cleanup of cruft from unrelated Cirrus-tasks
leading to unnecessary occupation of critical, local-ssd storage space.
Fix this by ensuring the user has at least write access to the entire
contents of `$TMPDIR` and `$HOME`, `ci` subdirs.
Signed-off-by: Chris Evich <cevich@redhat.com>
Re-enable USBs check in wsl `SetProviderAttrs` function to prevent the
user trying to set USB settings which isn't supported.
Additionally removes a TODO in wsl's `CreateVM` function to check if the
`opts.USBs` length is greater than 0. This check is done in a more
generic way higher up the stack.
Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Instead of panic'ing for provider.MountType(), we return the "Unknown"
voluem type
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
When dealing with environment variables that set $HOME, we do not get
the desired result. Windows will honor USERPROFILE.
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
Our roadmap was completely outdated, revamp it to things we have
not already done. Same for the Podman Desktop section - it's not
a brand-new, unproven solution anymore.
Signed-off-by: Matt Heon <mheon@redhat.com>
Disable the `perfsprint` and `typecheck` linters as they are too noisy.
There are some good issues worthy of fixing but it's too time consuming
at the moment. Hence, let's unblock the PR.
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
if the target mount path already exists and the container uses a user
namespace, correctly map the target UID/GID to the host values before
attempting a chown.
Closes: https://github.com/containers/podman/issues/21608
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
this pr represents a shift in how we download podman machine images.
these images will now be stored in oci registry and will replace the
default method of downloading an image. you can still use a reference
to a disk image as a path or url too with the --image-path switch.
the final registry and location of the images has not been determined;
and will need to be updated in podman as well.
i dont think we need to allow --image-path to accept a registry/image
for the podman 5.0 release. i do think there will be demand for this.
upgrades also need to be plumbed. for example, updating from an oci
registry.
once we make decisions on final image locations/registrties as well as
some behaviors of init and the oci pull, we must update the machine-init
documentation.
Signed-off-by: Brent Baude <bbaude@redhat.com>
Rootless users should be defaulted to point DOCKER_HOST at
$XDG_RUNTIME_DIR/podman/podman.sock
When podman-docker package is installed.
[NO NEW TESTS NEEDED]
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
And, runc-1.12 broke our seccomp e2e tests (runc now calls getcwd(),
which is the dummy syscall blocked for testing seccomp). Switch
to blocking link() instead.
Also, disable v4.1.0 upgrade tests. They're hanging, and I have
no idea why, and have wasted most of a day debugging.
Fixes: #21546
Signed-off-by: Ed Santiago <santiago@redhat.com>
The default location for temporary files created by mktemp may not
have enough space for an image. Use the new SSH functions which
support an input reader to make the code simpler, more reliable,
and more efficient.
[NO NEW TESTS NEEDED]
Signed-off-by: Gordon Messmer <gordon.messmer@gmail.com>
we should not panic podman when it has to deal with a podman4 machine
config. instead, we throw a soft error for `machine ls` and in all
other cases, we throw a hard error stating that the machine config is
incompatible.
a future PR will provide instructions on how to recover from this.
current idea is something like `podman machine reset` which blows
everything away machine-wise.
Signed-off-by: Brent Baude <bbaude@redhat.com>
Conmon writes the exit file and oom file (if container
was oom killed) to the persist directory. This directory
is retained across reboots as well.
Update podman to create a persist-dir/ctr-id for the exit
and oom files for each container to be written to. The oom
state of container is set after reading the files
from the persist-dir/ctr-id directory.
The exit code still continues to read the exit file from
the exits directory.
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
