Makes sure that ignition setups up systemd config so cgroup controllers
like `cpu, io` are also delegated to `non-root` along with `memory,
pid`.
This allows general users of `podman` on `macOS` and `podman-remote` to
do operations which are dependent on `cpu, io` cgroup controllers.
[NO TESTS NEEDED]
[NO NEW TESTS NEEDED]
We don't have a CI infra to test this, please pull the tree and run
`podman info` inside the machine to confirm.
Signed-off-by: Aditya R <arajan@redhat.com>
Often users want their overlayed volumes to be `non-volatile` in nature
that means that same `upper` dir can be re-used by one or more
containers but overall of nature of volumes still have to be `overlay`
so work done is still on a overlay not on the actual volume.
Following PR adds support for more advanced options i.e custom `workdir`
and `upperdir` for overlayed volumes. So that users can re-use `workdir`
and `upperdir` across new containers as well.
Usage
```console
$ podman run -it -v myvol:/data:O,upperdir=/path/persistant/upper,workdir=/path/persistant/work alpine sh
```
Signed-off-by: Aditya R <arajan@redhat.com>
[NO NEW TESTS NEEDED] image scp was reading the localhost syntax too loosely causing some errors with domains or hosts containing the word
localhost. Fixed that and added a few lines to make sure the pure localhost connections do not touch sshd
resolves#13021
Signed-off-by: cdoern <cdoern@redhat.com>
Good news the github action works, however I noticed that we cannot use
a multiline regex so we have to use serviceIsRemote to detect if this is
a remote client. Also change the os regex so that it matches both the
output of podman version and podman info.
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
We get a lot of issues for podman-remote on macos. Since the fact that
this is a remote client is often overlooked by us lets add windows, macos
and remote label automatically based on a regex which should match the
output of podman version.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Due to some recent changes in the Makefile, the setup part of the script
is now breaking with the error:
```
install: cannot stat 'bin/rootlessport': No such file or directory
make: *** [Makefile:767: install.bin] Error 1
```
The root-cause seems to be the `install` targets not
properly specifying their build dependencies. This may lead to other
problems WRT automation, but for now I'm just patching this tool to
workaround the issue.
Signed-off-by: Chris Evich <cevich@redhat.com>
podman network create --subnet, --gateway and --ip-range can now be
specified multiple times to join the network to more than one subnet.
This is very useful if you want to use a dual stack network and assign a
fixed ipv4 and ipv6 subnet. The order of the options is important here,
the first --gateway/--ip-range will be assigned to the first subnet and
so on.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Bumps Buildah to v1.24.0 and adopts the new values for pull:
true, false, never, and always. The pull-never and pull-always options
for the build command are still usable, but they have been removed from
the man page documentation with this change.
Signed-off-by: tomsweeneyredhat <tsweeney@redhat.com>
commit 350ede1eeb6ab33bce2918d7768b940c255e63c6 added the feature.
Do not check whether the device is usable by the rootless user before
adding to the container.
Closes: https://github.com/containers/podman/issues/12704
[NO NEW TESTS NEEDED] it requires changes on the host to test it
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
machinectl does not propogate error messages and adds extra lines in the output, exec.Cmd is able to clear the env besides PATH and TERM,
and use the given UID and GID to execute the command properly.
machinectl is still used to create a user session. Ubuntu support is limited by this.
Signed-off-by: cdoern <cdoern@redhat.com>
While #12998 fixed the query string, it neglected to address
presence of the old `githubRepository` field name in the reply. This
resulted in the job throwing an error:
`jq: error (at ./artifacts/reply.json:0): Cannot iterate over null`
However, the job did preserve an artifacts archive containing the new
response data. As a test for the fix in this commit, I ran the
raw response data through the corrected jq command-line. This
confirmed the change by properly parsing the data as expected by
the workflow.
Signed-off-by: Chris Evich <cevich@redhat.com>
The `body` string value must be quoted because it contains a colon.
Also fix an incorrect URL substitution reference in error-notice e-mail
body text.
(In my defense...testing this workflow is basically impractical without
merging it)
Signed-off-by: Chris Evich <cevich@redhat.com>
Documentation for API volume list, pointed to a different struct
than the code.
[NO NEW TESTS NEEDED]
Fixes#12987
Signed-off-by: Jhon Honce <jhonce@redhat.com>
Building from source would involve separate `make` and `make install`
steps.
This removes a lot of unnecessary `-nobuild` targets which were
otherwise needed for packaging.
This commit also removes spec files for unused copr jobs.
[NO NEW TESTS NEEDED]
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
Minimal: only test Fedora.Latest.
Reason: podman 4.0.0-0.2.rc2 broke bodhi gating tests:
https://github.com/containers/podman/issues/12989
Requires skipping two recently-added tests that use 'podman unshare',
which doesn't work on remote.
Signed-off-by: Ed Santiago <santiago@redhat.com>
