Add missing return after utils.Error(),
utils.InternalServerError(), utils.BadRequest().
[NO NEW TESTS NEEDED]
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
Add support for disabeling SELinux process separation in the container.
Add support for setting the process type of the container.
Add support for setting the process MCS level of the container.
Add support for setting the file type of the container.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
All PRs are broken because this test fails, presumably due to a GraphQL
API change. Disable the test temporarily until a permanent solution
can be found.
Signed-off-by: Chris Evich <cevich@redhat.com>
When run make with muitiple jobs, `clean-binaries` could run after
the `podman-remote` target thus delete the newly built `podman-remote`
binary file. And this would cause the error later in the
`docs/remote-docs.sh` script.
Signed-off-by: xxyzz <gitpull@protonmail.com>
when using --userns=auto or --userns=pod, we should bind mount /sys
from the host instead of creating a new /sys in the container,
otherwise we rely on the fallback provided by crun, which might not be
available in other runtimes.
Also, in the last version of crun the fallback is stricter than it
used to be before and it uses a recursive bind mount through the new
mount API. That can be missing on old kernel.
Closes: https://github.com/containers/crun/issues/1131
[NO NEW TESTS NEEDED] to trigger the failure, we need a specific
combination of kernel, libc and OCI runtime.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Currently we are shipping no data about quadlet, since the
podman-systemd.unit file is not shipped. Also want to add the
quadlet name to the description of the man page so that
man -k quadlet
will help users find the man page.
Also add a link file such that if the user types in
man quadlet
man will show the podman-systemd.unit file.
Also eliminate the subpackage podman-quadlet
Fixes: https://github.com/containers/podman/issues/17349
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
copy the current mapping into a new user namespace, and run into a
separate user namespace.
Closes: https://github.com/containers/podman/issues/17337
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Just like buildkit buildah must allow cleaning the buildcache and cache generated on host by --mount=type=cache just like buildkit's prune command.
See: https://github.com/moby/buildkit#cache
Signed-off-by: Aditya R <arajan@redhat.com>
In the remote environment, this test will be failed,
because an error message is different from the local environment.
Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
Create the containers with a custom network. It has an impact on the
speed of container creation.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
One of the tmpfiles was not uniquely named, resulting in
conflicts with parallel 'make docs'. Fix that.
A better solution would be to run only one instance of the
preprocess script, but the Makefile incantation for that
is beyond me. This approach is CPU-wasteful but good enough.
Fixes: #17322
Signed-off-by: Ed Santiago <santiago@redhat.com>
quadlet tests were using 'systemctl show -P', a shortcut
that doesn't exist on RHEL8. Translate to old-systemd
language.
And, minor tweaks to make future test diagnosing easier.
This is a frontport of #17311; bringing from release branch
to main. Except that was an emergency, so it was a one-line
fix. This is a better long-term fix, not as trivial to review.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Image content hasn't changed much, the biggest thing here is the
$IMAGE_SUFFIX value. This new schema is also fully manageable by
renovate. Allowing a tag-push to c/automation_images to create image
update PRs in all repos automatically.
ref: https://github.com/containers/automation_images/pull/247
Also, cleanup a few comments and remove a disused testing task.
Signed-off-by: Chris Evich <cevich@redhat.com>
